Helpsystems Clearswift Secure Web Gateway


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://community.helpsystems.com/kb-nav/kb-article/?id=37becc1c-255c-ec11-8f8f-6045bd006687&redirect=false

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Vulnerable
NCSC-NL Investigation

Sources

Date Attribution Description
2022-01-04 11:49:35 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
Expand Details

HENIX Squash TM


Vendor Data Vendor Patch Exists
Community Data

Vendor Resources

Resource Link
Vendor Link https://tm-en.doc.squashtest.com/v3/downloads.html#download-previous-versions

Community Resources

Resource Link
Vendor Link https://tm-en.doc.squashtest.com/v3/downloads.html#download-previous-versions

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
CISAGov Last Update: 12/23/2021

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link Vendor Link.
2021-12-30 21:31:50 CISAGov Updated vendor link Vendor Link. Updated community note.
Expand Details

Hexagon ERDAS APOLLO - Catalog Explorer


Vendor Data Vendor Patch Exists
Community Data

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2?language=en_US#:~:text=For%20the%20following%20products%20fixes%20are%20available

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source.
Expand Details

Hexagon ERDAS APOLLO Essentials


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon GeoCompressor


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon GeoMedia


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon GeoMedia SmartClient


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon GeoMedia WebMap


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon Geoprocessing Server


Vendor Data Vendor Patch Exists
Community Data

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2?language=en_US#:~:text=For%20the%20following%20products%20fixes%20are%20available

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
NCSC-NL Fixed with 2022GeoprocessingLog4j-SecurityVulnerability.zip

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source. Updated community note.
Expand Details

Hexagon Geospatial Portal


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon Geospatial SDI


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon HxGN Connect


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon HxGN InService (All InService products)


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon HxGN NetWorks Comms (G/Tech Fiber Optic Works)


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon HxGN NetWorks Core (G/Technology products)


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/Hexagon-Security-Alert-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon HxGN NetWorks WebServices (NetWotks)


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon HxGN OnCall Analytics


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon HxGN OnCall Dispatch


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon HxGN OnCall Mobile


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon HxGN OnCall Mobile Unit


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon HxGN OnCall Planning & Response


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon HxGN OnCall Records


Vendor Data Vendor Patch Exists
Community Data

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/Hexagon-Security-Alert-CVE-2021-44228?language=en_US#:~:text=of%20these%20products.-,%5BUpdate%202%5D,-Hexagon%20has%20released

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source.
Expand Details

Hexagon HxGN OnCall Security


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon HxGN Xalt


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon I/Map Editor


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon ImageStation


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon IMAGINE


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon inPURSUIT Client


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon inPURSUIT Server (Workflow)


Vendor Data Vendor Patch Exists
Community Data

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/Hexagon-Security-Alert-CVE-2021-44228?language=en_US#:~:text=inPURSUIT%20Server%20(Workflow)

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source.
Expand Details

Hexagon Intergraph CAD (All I/CAD products)


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon Intergraph Fiber Optic Works – ESC


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon Intergraph G!NIUS


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon Intergraph G/Technology – ESC


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon Intergraph LEADS (All I/LEADS products)


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon Intergraph Mobile (I/Mobile, Mobile Public Safety, Mobile Responder)


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon Intergraph NetWorks - ESC


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon Intergraph Security (All I/Security products)


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon LuciadFusion


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon LuciadLightspeed


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon M.App Enterprise


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2?language=en_US#:~:text=in%20ERDAS%20APOLLO%2C%C2%A0-,M.App%20Enterprise,-and%20M.App

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Vulnerable

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon M.App X - Geoprocessing Server


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2?language=en_US#:~:text=App%20Enterprise%20and-,M.App%20X,-have%20been%20found

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Vulnerable

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
Expand Details

Hexagon NIBRS


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://supportsi.hexagon.com/help/s/article/log4j2-Security-Product-Vulnerability-Summary-CVE-2021-44228?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hikvision (Multiple Products)


Vendor Data
Community Data

Vendor Resources

Resource Link
Hikvision https://video.xortec.de/media/pdf/87/e8/03/kw50_Update-for-Apache-Log4j2-Issue-Hikvision_official.pdf

Community Resources

Resource Link
Hikvision https://video.xortec.de/media/pdf/87/e8/03/kw50_Update-for-Apache-Log4j2-Issue-Hikvision_official.pdf

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated community link Hikvision.
2021-12-30 21:31:50 CISAGov Updated vendor link Hikvision.
Expand Details

Hitachi Energy all other products


Vendor Data Vendor Investigating
Community Data

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Investigation
NCSC-NL Meta-Advisory listing all known affected products, other are still unter investigation

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated vendorInvestigating. Updated community note. Updated community link source. Updated community note.
Expand Details

Hitachi Energy Axis


Vendor Data Vendor Patch Exists
Community Data

Vendor Resources

Resource Link
Hitachi Energy Advisory Link https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000093&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix ; CVE-2021-45046: Fix
NCSC-NL SaaS only, patched by vendor
CISAGov No action is required by customers. Axis is a fully SaaS hosted solution adn the enviroment has been patched per the recommendations
CISAGov Last Update: 1/5/2022

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source. Updated community note.
2022-01-05 17:50:34 CISAGov Updated vendor link Hitachi Energy Advisory Link. Updated community note. Updated community note.
Expand Details

Hitachi Energy Counterparty Settlement and Billing (CSB) version 6


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000090&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround ; CVE-2021-45046: Workaround ; CVE-2021-45105: Workaround
NCSC-NL request patch from vendor

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
Expand Details

Hitachi Energy e-Mesh Monitor


Vendor Data Vendor Patch Exists
Community Data

Vendor Resources

Resource Link
Hitachi Energy Advisory Link https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000098&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix ; CVE-2021-45046: Fix
NCSC-NL “affected part at cloud & handled by vendor, no user action required”
CISAGov No end-user action needed. The affected e-Mesh Monitor part is at the cloud offering side of which the remediation is handled by Hitachi Energy team. Remediation is currently ongoing, and during this time period, e-Mesh Monitor edge device is not able to upload data to cloud.
CISAGov Last Update: 1/5/2022

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source. Updated community note.
2022-01-05 17:50:34 CISAGov Updated vendor link Hitachi Energy Advisory Link. Updated community note. Updated community note.
Expand Details

Hitachi Energy eSOMS


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
Hitachi Energy https://www.hitachienergy.com/offering/solutions/cybersecurity/alerts-and-notifications

Community Resources

Resource Link
Hitachi Energy https://www.hitachienergy.com/offering/solutions/cybersecurity/alerts-and-notifications

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link Hitachi Energy.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link Hitachi Energy.
Expand Details

Hitachi Energy FOXMAN-UN


Vendor Data Vendor Patch Exists
Community Data Vulnerable

Vendor Resources

Resource Link
Hitachi Energy Advisory Link https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000088&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround ; CVE-2021-45046: Workaround ; CVE-2021-45105: Workaround
NCSC-NL patch at customer portal avilable
CISAGov Apply General Mitigations and upgrade to latest version. For upgrades, please get in touch with your Hitachi Energy contacts.
CISAGov Last Update: 1/5/2022

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
2022-01-05 17:50:34 CISAGov Updated vendorPatchExists. Updated vendor link Hitachi Energy Advisory Link. Updated community note. Updated community note.
Expand Details

Hitachi Energy Lumada APM On-premises


Vendor Data Vendor Patch Exists
Community Data

Vendor Resources

Resource Link
Hitachi Energy Advisory Link https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000087&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov See vendor advisory for instructions for various versions.
CISAGov Last Update: 1/5/2022

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source.
2022-01-05 17:50:34 CISAGov Updated vendorPatchExists. Updated vendor link Hitachi Energy Advisory Link. Updated community note. Updated community note.
Expand Details

Hitachi Energy Lumada APM SaaS


Vendor Data Vendor Patch Exists
Community Data

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000087&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix ; CVE-2021-45046: Fix
NCSC-NL handled by vendor, no user action required

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source. Updated community note.
Expand Details

Hitachi Energy Lumada EAM / FSM


Vendor Data Vendor Patch Exists
Community Data Vulnerable

Vendor Resources

Resource Link
Hitachi Energy Advisory Link https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000095&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround ; CVE-2021-45046: Workaround
CISAGov See Section Mitigation Strategy in vendor advisory.
CISAGov Last Update: 1/5/2022

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
2022-01-05 17:50:34 CISAGov Updated vendorPatchExists. Updated vendor link Hitachi Energy Advisory Link. Updated community note. Updated community note.
Expand Details

Hitachi Energy MMS internal facing subcomponent


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000094&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround ; CVE-2021-45046: Workaround
NCSC-NL Patch is available and delivered

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
Expand Details

Hitachi Energy Network Manager ADMS Network Model Server


Vendor Data
Community Data Vulnerable

Vendor Resources

Resource Link
Hitachi Energy Advisory Link https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000091&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround ; CVE-2021-45046: Workaround
CISAGov See vendor advisory for instructions on mitigation steps.
CISAGov Last Update: 1/5/2022

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
2022-01-05 17:50:34 CISAGov Updated vendor link Hitachi Energy Advisory Link. Updated community note. Updated community note.
Expand Details

Hitachi Energy Network Manager Outage Management Interface (OMI) – Client Application


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000091&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround ; CVE-2021-45046: Workaround

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
Expand Details

Hitachi Energy Network Manager Outage Management Interface (OMI) – Third Party Oracle Database Components (Trace File Analyzer, SQL Developer, Property Graph)


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000091&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Vulnerable ; CVE-2021-45046: Vulnerable

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
Expand Details

Hitachi Energy Network Manager SCADA/EMS, Ranger and NMR Product – Third Party Oracle Database Components (Trace File Analyzer, SQL Developer, Property Graph)


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000092&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Vulnerable ; CVE-2021-45046: Vulnerable

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
Expand Details

Hitachi Energy nMarket CAISO


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000099&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Vulnerable ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
Expand Details

Hitachi Energy nMarket Global I-SEM


Vendor Data Vendor Patch Exists
Community Data

Vendor Resources

Resource Link
Hitachi Energy Advisory Link https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000096&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix ; CVE-2021-45046: Fix ; CVE-2021-45105: Fix
CISAGov Last Update: 1/5/2022

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source.
2022-01-05 17:50:34 CISAGov Updated vendorPatchExists. Updated vendor link Hitachi Energy Advisory Link. Updated community note.
Expand Details

Hitachi Energy nMarket Global MISO SaaS


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000100&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Workaround ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL no customer action required

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
Expand Details

Hitachi Energy nMarket Global SPP SaaS


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000100&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Workaround ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL no customer action required

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
Expand Details

Hitachi Energy nMarket NE


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000099&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Vulnerable ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
Expand Details

Hitachi Energy nMarket NY


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000099&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Vulnerable ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
Expand Details

Hitachi Energy nMarket PJM


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000099&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Vulnerable ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
Expand Details

Hitachi Energy nMarket TX


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000099&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Vulnerable ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
Expand Details

Hitachi Energy RelCare


Vendor Data Vendor Patch Exists
Community Data

Vendor Resources

Resource Link
Hitachi Energy Advisory Link https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000097&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix ; CVE-2021-45046: Fix
NCSC-NL patched by vendor
CISAGov No action is required by customers. The RelCare SaaS hosted solution and the on-premises have been patched per the recommendations.
CISAGov Last Update: 1/5/2022

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source. Updated community note.
2022-01-05 17:50:34 CISAGov Updated vendorPatchExists. Updated vendor link Hitachi Energy Advisory Link. Updated community note. Updated community note.
Expand Details

Hitachi Energy UNEM


Vendor Data Vendor Patch Exists
Community Data Vulnerable

Vendor Resources

Resource Link
Hitachi Energy Advisory Link https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch

Community Resources

Resource Link
source https://search.abb.com/library/Download.aspx?DocumentID=8DBD000089&LanguageCode=en&DocumentPartId=&Action=Launch

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround ; CVE-2021-45046: Workaround ; CVE-2021-45105: Workaround
NCSC-NL patch at customer portal avilable
CISAGov Apply General Mitigations and upgrade to latest version. For upgrades, please get in touch with your Hitachi Energy contacts.
CISAGov Last Update: 1/5/2022

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
2022-01-05 17:50:34 CISAGov Updated vendorPatchExists. Updated vendor link Hitachi Energy Advisory Link. Updated community note. Updated community note.
Expand Details

Hitachi Vantara Pentaho


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho-

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Hologic Advanced Workflow Manager (AWM)


Vendor Data Vendor Investigating
Community Data Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Investigation
NCSC-NL While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable.
CISAGov While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-28 19:07:51 NCSC-NL Updated vendorInvestigating. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note. Updated community note.
Expand Details

Hologic Affirm Prone Biopsy System


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note.
Expand Details

Hologic Brevera Breast Biopsy System


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note.
Expand Details

Hologic Cenova Image Analytics Server


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link HOLOGIC Advisory Link.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note.
Expand Details

Hologic Dimensions / 3Dimensions Mammography System


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note.
Expand Details

Hologic Discovery Bone Densitometer


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note.
Expand Details

Hologic Faxitron CT Specimen Radiography System


Vendor Data Vendor Investigating
Community Data Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Investigation
NCSC-NL While the Hologic software itself does not utilize Java/Log4J, there is a utility program installed that may utilize Java and Log4J. This utility program does not run on startup and is not required for system operation.
CISAGov While the Hologic software itself does not utilize Java/Log4J, there is a utility program installed that may utilize Java and Log4J. This utility program does not run on startup and is not required for system operation. Please contact Hologic Service for assistance in removing this program.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2022-01-05 15:51:27 NCSC-NL Updated vendorInvestigating. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note. Updated community note.
Expand Details

Hologic Faxitron Specimen Radiography Systems


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note.
Expand Details

Hologic Fluoroscan Insight Mini C-Arm


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note.
Expand Details

Hologic Horizon DXA Bone Densitometer


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note.
Expand Details

Hologic Rosetta DC Tomosynthesis Data Converter


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note.
Expand Details

Hologic SecurView DX Workstation


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link HOLOGIC Advisory Link.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note.
Expand Details

Hologic SecurXChange Router


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note.
Expand Details

Hologic SuperSonic Imagine Ultrasound Products (Aixplorer & Aixplorer Mach)


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note.
Expand Details

Hologic Trident HD Specimen Radiography System


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note.
Expand Details

Hologic Unifi Workspace


Vendor Data Vendor Investigating
Community Data Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Investigation
NCSC-NL While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable.
CISAGov While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2022-01-05 15:51:27 NCSC-NL Updated vendorInvestigating. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note. Updated community note.
Expand Details

Hologic Windows Selenia Mammography System


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
HOLOGIC Advisory Link https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Resources

Resource Link
source https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity

Community Notes

Source Note
NCSC-NL
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link HOLOGIC Advisory Link. Updated community note.
Expand Details

Honeywell (Multiple Products)


Vendor Data
Community Data

Vendor Resources

Resource Link
Honeywell Statement https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability

Community Resources

Resource Link
Honeywell Statement https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated community link Honeywell Statement.
2021-12-30 21:31:50 CISAGov Updated vendor link Honeywell Statement.
Expand Details

HP Teradici Cloud Access Controller


Vendor Data Vendor Patch Exists
Community Data

Vendor Resources

Resource Link
Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK https://support.hp.com/us-en/document/ish_5268006-5268030-16

Community Resources

Resource Link
Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK https://support.hp.com/us-en/document/ish_5268006-5268030-16

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
CISAGov Last Update: 12/17/2021

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK.
2021-12-30 21:31:50 CISAGov Updated vendorPatchExists. Updated vendor link Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK. Updated community note.
Expand Details

HP Teradici EMSDK


Vendor Data Vendor Patch Exists
Community Data

Vendor Resources

Resource Link
Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK https://support.hp.com/us-en/document/ish_5268006-5268030-16

Community Resources

Resource Link
Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK https://support.hp.com/us-en/document/ish_5268006-5268030-16

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
CISAGov Last Update: 12/17/2021

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK.
2021-12-30 21:31:50 CISAGov Updated vendorPatchExists. Updated vendor link Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK. Updated community note.
Expand Details

HP Teradici Management Console


Vendor Data Vendor Patch Exists
Community Data

Vendor Resources

Resource Link
Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK https://support.hp.com/us-en/document/ish_5268006-5268030-16

Community Resources

Resource Link
Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK https://support.hp.com/us-en/document/ish_5268006-5268030-16

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
CISAGov Last Update: 12/17/2021

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK.
2021-12-30 21:31:50 CISAGov Updated vendorPatchExists. Updated vendor link Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK. Updated community note.
Expand Details

HP Teradici PCoIP Connection Manager


Vendor Data Vendor Patch Exists
Community Data

Vendor Resources

Resource Link
Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK https://support.hp.com/us-en/document/ish_5268006-5268030-16

Community Resources

Resource Link
Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK https://support.hp.com/us-en/document/ish_5268006-5268030-16

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
CISAGov Last Update: 12/17/2021

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK.
2021-12-30 21:31:50 CISAGov Updated vendorPatchExists. Updated vendor link Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK. Updated community note.
Expand Details

HP Teradici PCoIP License Server


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK https://support.hp.com/us-en/document/ish_5268006-5268030-16

Community Resources

Resource Link
Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK https://support.hp.com/us-en/document/ish_5268006-5268030-16

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/17/2021

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK. Updated community note.
Expand Details

HPE 3PAR Service Processor


Vendor Data Vendor Patch Exists
Community Data

Community Resources

Resource Link
source https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbgn04215en_us
release notes https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00002915en_us

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
NCSC-NL Fixed in version 5.0.9.2

Sources

Date Attribution Description
2022-01-03 12:16:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source. Updated community link release notes. Updated community note.
Expand Details