USoft (Multiple Products)

Vendor Data

Vendor Patch Exists

Community Data

Community Resources

Resource	Link
source	https://community.usoft.com/product-updates/release-notes-9-1-1s-log4j-security-vulnerability-fix-1302

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
NCSC-NL	Fixed in 9.1.1S

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link source. Updated community note.

Expand Details

USSIGNAL MSP (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
USSIGNAL MSP Statement	https://ussignal.com/blog/apache-log4j-vulnerability

Community Resources

Resource	Link
USSIGNAL MSP Statement	https://ussignal.com/blog/apache-log4j-vulnerability

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated community link USSIGNAL MSP Statement.
2021-12-30 21:31:50	CISAGov	Updated vendor link USSIGNAL MSP Statement.

Expand Details

Varian Acuity

Vendor Data

Vendor Investigating

Community Data

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated vendorInvestigating. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian ARIA Connect (Cloverleaf)

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian ARIA eDOC

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian ARIA oncology information system for Medical Oncology

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian ARIA oncology information system for Radiation Oncology

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian ARIA Radiation Therapy Management System (RTM)

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Authentication and Identity Server (VAIS)

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Bravos Console

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Clinac

Vendor Data

Vendor Investigating

Community Data

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated vendorInvestigating. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Cloud Planner

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian DITC

Vendor Data

Vendor Investigating

Community Data

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated vendorInvestigating. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian DoseLab

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Eclipse treatment planning software

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian ePeerReview

Vendor Data

Vendor Investigating

Community Data

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated vendorInvestigating. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Ethos

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian FullScale oncology IT solutions

Vendor Data

Vendor Investigating

Community Data

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated vendorInvestigating. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Halcyon system

Vendor Data

Vendor Investigating

Community Data

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated vendorInvestigating. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian ICAP

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Identify

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Information Exchange Manager (IEM)

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian InSightive Analytics

Vendor Data

Vendor Investigating

Community Data

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation
CISAGov	Last Update: 2021-12-22

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated vendorInvestigating. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Large Integrated Oncology Network (LION)

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 2021-12-22

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Managed Services Cloud

Vendor Data

Vendor Investigating

Community Data

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated vendorInvestigating. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Mobile App

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Mobius3D platform

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian PaaS

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian ProBeam

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Qumulate

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Real-time Position Management (RPM)

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Respiratory Gating for Scanners (RGSC)

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian SmartConnect solution

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	See Knowledge Article: 000038850 on MyVarian
CISAGov	See Knowledge Article: 000038850 on MyVarian
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link Varian Advisory Link. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Varian Advisory Link. Updated community note. Updated community note.

Expand Details

Varian SmartConnect solution Policy Server

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	See Knowledge Articles: 000038831 and 000038832 on MyVarian
CISAGov	See Knowledge Articles: 000038831 and 000038832 on MyVarian
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link Varian Advisory Link. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Varian Advisory Link. Updated community note. Updated community note.

Expand Details

Varian TrueBeam radiotherapy system

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian UNIQUE system

Vendor Data

Vendor Investigating

Community Data

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated vendorInvestigating. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian VariSeed

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Velocity

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian VitalBeam radiotherapy system

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian Vitesse

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian XMediusFax for ARIA oncology information system for Medical Oncology

Vendor Data

Vendor Investigating

Community Data

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated vendorInvestigating. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Varian XMediusFax for ARIA oncology information system for Radiation Oncology

Vendor Data

Vendor Investigating

Community Data

Vendor Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Resources

Resource	Link
Varian Advisory Link	https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link Varian Advisory Link.
2021-12-30 21:31:50	CISAGov	Updated vendorInvestigating. Updated vendor link Varian Advisory Link. Updated community note.

Expand Details

Variphy (Multiple Products)

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://kb.variphy.com/knowledge-base/cve-2021-44228-critical-vulnerability-in-log4j2/

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

VArmour (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
VArmour Statement	https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility

Community Resources

Resource	Link
VArmour Statement	https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated community link VArmour Statement.
2021-12-30 21:31:50	CISAGov	Updated vendor link VArmour Statement.

Expand Details

Varnish Software (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
Varnish Software Security Notice	https://docs.varnish-software.com/security/CVE-2021-44228-45046/

Community Resources

Resource	Link
Varnish Software Security Notice	https://docs.varnish-software.com/security/CVE-2021-44228-45046/

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated community link Varnish Software Security Notice.
2021-12-30 21:31:50	CISAGov	Updated vendor link Varnish Software Security Notice.

Expand Details

Varonis (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
Varonis Notice	https://help.varonis.com/s/article/Apache-Log4j-Zero-Day-Vulnerability-CVE-2021-44228

Community Resources

Resource	Link
Varonis Notice	https://help.varonis.com/s/article/Apache-Log4j-Zero-Day-Vulnerability-CVE-2021-44228

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated community link Varonis Notice.
2021-12-30 21:31:50	CISAGov	Updated vendor link Varonis Notice.

Expand Details

Vectra (Multiple Products)

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://support.vectra.ai/s/article/KB-VS-1568

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

Veeam (Multiple Products)

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Veeam Statement	https://www.veeam.com/kb4254

Community Resources

Resource	Link
source	https://www.veeam.com/kb4254

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.
2021-12-30 21:31:50	CISAGov	Updated vendor link Veeam Statement.

Expand Details

Venafi (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
Venafi Statement	https://support.venafi.com/hc/en-us/articles/4416213022733-Log4j-Zero-Day-Vulnerability-notice

Community Resources

Resource	Link
Venafi Statement	https://support.venafi.com/hc/en-us/articles/4416213022733-Log4j-Zero-Day-Vulnerability-notice

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated community link Venafi Statement.
2021-12-30 21:31:50	CISAGov	Updated vendor link Venafi Statement.

Expand Details

Veritas Aptare IT Analytics

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://www.veritas.com/support/en_US/article.100052081

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
NCSC-NL	Version 10.4 and earlier are not affected.

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Veritas Media Server Deduplication Pool (MSDP) (on NB Appliance)

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://www.veritas.com/content/support/en_US/article.100052062

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source.

Expand Details

Veritas NetBackup (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
Verita Statement	https://www.veritas.com/content/support/en_US/article.100052070

Community Resources

Resource	Link
Verita Statement	https://www.veritas.com/content/support/en_US/article.100052070

Sources

Date	Attribution	Description
2022-01-03 13:26:42	NCSC-NL	Updated community link Verita Statement.
2021-12-30 21:31:50	CISAGov	Updated vendor link Verita Statement.

Expand Details

Veritas NetBackup Appliance

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://www.veritas.com/content/support/en_US/article.100052058

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source.

Expand Details

Veritas NetBackup Client

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://www.veritas.com/content/support/en_US/article.100052058

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

Veritas NetBackup CloudPoint

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://www.veritas.com/content/support/en_US/article.100052058

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source.

Expand Details

Veritas NetBackup Flex Scale

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://www.veritas.com/content/support/en_US/article.100052101.html

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
NCSC-NL	Veritas strongly recommends customers using version 1.3 or 1.3.1 to upgrade to NetBackup FlexScale 2.1 in order to be able to perform the mitigation steps.

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Veritas NetBackup Media Server

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://www.veritas.com/content/support/en_US/article.100052058

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

Veritas NetBackup Media Server container on Flex Appliance

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://www.veritas.com/content/support/en_US/article.100052058

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

Veritas NetBackup OpsCenter

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://www.veritas.com/support/en_US/article.100052100

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
NCSC-NL	Veritas has published updated versions of Log4j that replace the vulnerable libraries used by NetBackup OpsCenter 8.1.2 through 9.1.0.1.

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Veritas NetBackup Primary Server

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://www.veritas.com/content/support/en_US/article.100052058

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
NCSC-NL	Veritas has published updated versions of Log4j that replace the vulnerable libraries used by NetBackup Primary Server 8.1.2 through 9.1.0.1.

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Veritas NetBackup Primary Server BYO (also known as Master Server)

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://www.veritas.com/content/support/en_US/article.100052058

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
NCSC-NL	Veritas strongly recommends customers upgrade to NetBackup 8.1.2 or the latest release in order to be able to perform the mitigation steps.

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Veritas NetBackup Primary Server container on Flex Appliance

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://www.veritas.com/content/support/en_US/article.100052084

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source.

Expand Details

Veritas NetBackup Resiliency Platform

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://www.veritas.com/content/support/en_US/article.100052109

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source.

Expand Details

Vertica (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
Vertica Statement	https://forum.vertica.com/discussion/242512/vertica-security-bulletin-a-potential-vulnerability-has-been-identified-apache-log4j-library-used

Community Resources

Resource	Link
Vertica Statement	https://forum.vertica.com/discussion/242512/vertica-security-bulletin-a-potential-vulnerability-has-been-identified-apache-log4j-library-used

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated community link Vertica Statement.
2021-12-30 21:31:50	CISAGov	Updated vendor link Vertica Statement.

Expand Details

Viso Trust (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
Viso Trust Statement	https://blog.visotrust.com/viso-trust-statement-re-cve-2021-44228-log4j-a4b9b5767492

Community Resources

Resource	Link
Viso Trust Statement	https://blog.visotrust.com/viso-trust-statement-re-cve-2021-44228-log4j-a4b9b5767492

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated community link Viso Trust Statement.
2021-12-30 21:31:50	CISAGov	Updated vendor link Viso Trust Statement.

Expand Details

VMware API Portal for VMware Tanzu

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com).
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware App Metrics

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
source	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
fix	https://network.pivotal.io/products/apm

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link source. Updated community link fix.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendorPatchExists. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware AppDefense Appliance

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
KB	https://community.carbonblack.com/t5/Threat-Research-Docs/Log4Shell-Mitigation-Steps-for-AppDefense/ta-p/109180

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Workaround ; CVE-2021-45046: Workaround
NCSC-NL	Advisory requires a login

Sources

Date	Attribution	Description
2022-01-03 13:26:42	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community link KB. Updated community note.

Expand Details

VMware Carbon Black Cloud Workload Appliance

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com).
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Carbon Black EDR server

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com).
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Cloud Director Object Storage Extension

Vendor Data

Vendor Patch Exists

Community Data

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
fix	https://docs.vmware.com/en/VMware-Cloud-Director-Object-Storage-Extension/2.0.0.3/rn/vmware-cloud-director-object-storage-extension-2003-release-notes/index.html

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com). Updated community link fix.

Expand Details

VMware Cloud Foundation

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
workaround	https://kb.vmware.com/s/article/87095

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Workaround ; CVE-2021-45046: Workaround
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com). Updated community link workaround.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware HCX

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com).
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Healthwatch for Tanzu Application Service

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
fix	https://network.pivotal.io/products/p-healthwatch

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com). Updated community link fix.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendorPatchExists. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Horizon

CPE: cpe:2.3:a:vmware:horizon::::::::

Patched Version: Unknown
Last Vulnerable Version:	8.4.0
First Vulnerable Version:

Vendor Data

Exploit in the Wild

Confirmed Vulnerable

Vendor Patch Exists

Community Data

Log4j Default

Vulnerable

Exploitable

Vendor Resources

Resource	Link
VMSA-2021-0028.4 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
Advisory	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
Workarounds	https://kb.vmware.com/s/article/87073

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
VMware KB 87073 (vmware.com)	https://kb.vmware.com/s/article/87073
Randori Advisory	https://www.randori.com/blog/vmsa-2021-0028-vmware-log4shell-impact-remediations/

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/17/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com).
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendorPatchExists. Updated vendor link VMSA-2021-0028.4 (vmware.com). Updated community link VMware KB 87073 (vmware.com). Updated community note.
2021-12-13T14:07:00-07:00	Randori	Updated cpe. Updated lastVulnerable. Updated vendorExploitInWild. Updated vendorConfirmedVulnerable. Updated communityLog4jDefault. Updated communityVulnerable. Updated communityExploitable. Updated community link Randori Advisory. Updated vendor link Advisory. Updated vendor link Workarounds.

Expand Details

VMware Horizon Cloud Connector

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
fix	https://customerconnect.vmware.com/downloads/details?downloadGroup=HCS-CC-210&productId=716&rPId=79131#product_downloads

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com). Updated community link fix.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendorPatchExists. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Horizon DaaS

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
workaround	https://kb.vmware.com/s/article/87101

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Workaround ; CVE-2021-45046: Workaround
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com). Updated community link workaround.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Identity Manager

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com).
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware NSX Data Center for vSphere

Vendor Data

Vendor Patch Exists

Community Data

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com).

Expand Details

VMware NSX-T Data Center

Vendor Data

Vendor Patch Exists

Community Data

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com).

Expand Details

VMware NSX-T Data Centern

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Single Sign-On for VMware Tanzu Application Service

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
fix	https://network.tanzu.vmware.com/products/pivotal_single_sign-on_service#/releases/1012467

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com). Updated community link fix.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Site Recovery Manager

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Skyline Collector virtual appliance

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://kb.vmware.com/s/article/87068

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

VMware Spring Cloud Gateway for Kubernetes

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com).
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Spring Cloud Gateway for VMware Tanzu

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com).
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Spring Cloud Services for VMware Tanzu

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
fix	https://network.tanzu.vmware.com/products/p-spring-cloud-services#/releases/1014061

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com). Updated community link fix.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Tanzu Application Service for VMs

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Tanzu GemFire

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
fix	https://network.pivotal.io/products/tanzu-gemfire-for-vms#/releases/

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com). Updated community link fix.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Tanzu Greenplum

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Tanzu Kubernetes Grid Integrated Edition

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com).
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Tanzu Observability by Wavefront Nozzle

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
fix	https://network.pivotal.io/products/wavefront-nozzle

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com). Updated community link fix.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendorPatchExists. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Tanzu Operations Manager

Vendor Data

Vendor Patch Exists

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
workaround	https://community.pivotal.io/s/article/5004y00001mPn2N1639255611105?language=en_US
fix	https://network.pivotal.io/products/ops-manager/

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Fix ; CVE-2021-45046: Fix
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com). Updated community link workaround. Updated community link fix.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendorPatchExists. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Tanzu SQL with MySQL for VMs

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
source	https://kb.vmware.com/s/article/87068

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated community note. Updated community link source.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Telco Cloud Automation

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
source	https://kb.vmware.com/s/article/87068

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated community note. Updated community link source.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware Unified Access Gateway

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware vCenter Cloud Gateway

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.1 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html
workaround	https://kb.vmware.com/s/article/87081

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
CISAGov	Last Update: 12/12/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link VMSA-2021-0028.1 (vmware.com). Updated community link workaround.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.1 (vmware.com). Updated community note.

Expand Details

VMware vCenter Server - OVA

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.4 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.4 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	Workaround @ KB87081 (vmware.com)
CISAGov	Workaround @ KB87081 (vmware.com)
CISAGov	Last Update: 12/17/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link VMSA-2021-0028.4 (vmware.com). Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.4 (vmware.com). Updated community note. Updated community note.

Expand Details

VMware vCenter Server - Windows

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
VMSA-2021-0028.4 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Resources

Resource	Link
VMSA-2021-0028.4 (vmware.com)	https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	Workaround @ KB87096 (vmware.com)
CISAGov	Workaround @ KB87096 (vmware.com)
CISAGov	Last Update: 12/17/2021

Sources

Date	Attribution	Description
2021-12-29 18:59:51	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link VMSA-2021-0028.4 (vmware.com). Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link VMSA-2021-0028.4 (vmware.com). Updated community note. Updated community note.

Expand Details

VMware vCloud Director

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://kb.vmware.com/s/article/87068?lang=en_US

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details