CVE-2021-44228 vulnerability in Amazon and Other Products
Published on December 10, 2021

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.

Vulnerability Analysis

CVE-2021-44228 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.

Products Associated with CVE-2021-44228

You can be notified by stack.watch whenever vulnerabilities like CVE-2021-44228 are published in these products:

Amazon Aws

  Watch

 

Apache Log4j

  Watch

 

Canonical Ubuntu Linux

  Watch

 

Siemens Captial

  Watch

 

Siemens Comos

  Watch

 

Siemens Desigo Cc Advanced Reports

  Watch

 

Siemens Desigo Cc Info Center

  Watch

 

Siemens E Car Operation Center

  Watch

 

Siemens Energy Engage

  Watch

 

Siemens Energyip

  Watch

 

Siemens Energyip Prepay

  Watch

 

Siemens Gma Manager

  Watch

 

Siemens Head End System Universal Device Integration System

  Watch

 

Siemens Industrial Edge Management

  Watch

 

Siemens Industrial Edge Management Hub

  Watch

 

Siemens Logo Soft Comfort

  Watch

 

Siemens Mendix

  Watch

 

Siemens Mindsphere

  Watch

 

Siemens Navigator

  Watch

 

Siemens Nx

  Watch

 

Siemens Opcenter Intelligence

  Watch

 

Siemens Operation Scheduler

  Watch

 

Siemens Sentron Powermanager

  Watch

 

Siemens Siguard Dsa

  Watch

 

Siemens Sipass Integrated

  Watch

 

Siemens Siveillance Command

  Watch

 

Siemens Siveillance Control Pro

  Watch

 

Siemens Siveillance Identity

  Watch

 

Siemens Siveillance Vantage

  Watch

 

Siemens Siveillance Viewpoint

  Watch

 

Siemens Solid Edge Cam Pro

  Watch

 

Siemens Solid Edge Harness Design

  Watch

 

Siemens Spectrum Power 4

  Watch

 

Siemens Spectrum Power 7

  Watch

 

Siemens Teamcenter

  Watch

 

Siemens Vesys

  Watch

 

Siemens Xpedition Enterprise

  Watch

 

Siemens Xpedition Package Integrator

  Watch

 

Intel Audio Development Kit

  Watch

 

Intel Computer Vision Annotation Tool

  Watch

 

Intel Data Center Manager

  Watch

 

Intel Genomics Kernel Library

  Watch

 

Intel Oneapi Sample Browser

  Watch

 

Intel Secure Device Onboard

  Watch

 

Intel Sensor Solution Firmware Development Kit

  Watch

 

Intel System Debugger

  Watch

 

Intel System Studio

  Watch

 

Debian Linux

  Watch

 

Fedora Project Fedora

  Watch

 

SonicWall Email Security

  Watch

 

NetApp Active Iq Unified Manager

  Watch

 

NetApp Cloud Insights

  Watch

 

NetApp Cloud Manager

  Watch

 

NetApp Cloud Secure Agent

  Watch

 

NetApp Oncommand Insight

  Watch

 

NetApp Ontap Tools

  Watch

 

NetApp Snapcenter

  Watch

 

Cisco Advanced Malware Protection Virtual Private Cloud Appliance

  Watch

 

Cisco Automated Subsea Tuning

  Watch

 

Cisco Broadworks

  Watch

 

Cisco Business Process Automation

  Watch

 

Cisco Cloud Connect

  Watch

 

Cisco Cloudcenter

  Watch

 

Cisco Cloudcenter Cost Optimizer

  Watch

 

Cisco Cloudcenter Suite Admin

  Watch

 

Cisco Cloudcenter Workload Manager

  Watch

 

Cisco Common Services Platform Collector

  Watch

 

Cisco Connected Mobile Experiences

  Watch

 

Cisco Contact Center Domain Manager

  Watch

 

Cisco Contact Center Management Portal

  Watch

 

Cisco Crosswork Data Gateway

  Watch

 

Cisco Crosswork Network Controller

  Watch

 

Cisco Crosswork Optimization Engine

  Watch

 

Cisco Crosswork Platform Infrastructure

  Watch

 

Cisco Crosswork Zero Touch Provisioning

  Watch

 

Cisco Customer Experience Cloud Agent

  Watch

 

Cisco Cyber Vision Sensor Management Extension

  Watch

 

Cisco Data Center Network Manager

  Watch

 

Cisco Dna Center

  Watch

 

Cisco Dna Spaces

  Watch

 

Cisco Emergency Responder

  Watch

 

Cisco Enterprise Chat And Email

  Watch

 

Cisco Evolved Programmable Network Manager

  Watch

 

Cisco Finesse

  Watch

 

Cisco Fog Director

  Watch

 

Cisco Identity Services Engine

  Watch

 

Cisco Integrated Management Controller Supervisor

  Watch

 

Cisco Intersight Virtual Appliance

  Watch

 

Cisco Iot Operations Dashboard

  Watch

 

Cisco Network Assurance Engine

  Watch

 

Cisco Network Services Orchestrator

  Watch

 

Cisco Nexus Dashboard

  Watch

 

Cisco Nexus Insights

  Watch

 

Cisco Optical Network Controller

  Watch

 

Cisco Packaged Contact Center Enterprise

  Watch

 

Cisco Paging Server

  Watch

 

Cisco Prime Service Catalog

  Watch

 

Cisco Sd Wan Vmanage

  Watch

 

Cisco Smart Phy

  Watch

 

Cisco Ucs Central

  Watch

 

Cisco Ucs Director

  Watch

 

Cisco Unified Communications Manager

  Watch

 

Cisco Unified Communications Manager Im Presence Service

  Watch

 

Cisco Unified Contact Center Enterprise

  Watch

 

Cisco Unified Contact Center Express

  Watch

 

Cisco Unified Customer Voice Portal

  Watch

 

Cisco Unity Connection

  Watch

 

Cisco Video Surveillance Operations Manager

  Watch

 

Cisco Virtual Topology System

  Watch

 

Cisco Virtualized Infrastructure Manager

  Watch

 

Cisco Virtualized Voice Browser

  Watch

 

Cisco Wan Automation Engine

  Watch

 

Cisco Webex Meetings Server

  Watch

 

Cisco Workload Optimization Manager

  Watch

 

Cisco Unified Intelligence Center

  Watch

 

Cisco Unified Sip Proxy

  Watch

 

Cisco Unified Workforce Optimization

  Watch

 

Cisco Cloudcenter Suite

  Watch

 

Cisco Connected Analytics Network Deployment

  Watch

 

Cisco Crosswork Network Automation

  Watch

 

Cisco Cx Cloud Agent

  Watch

 

Cisco Cyber Vision

  Watch

 

Cisco Dna Spaces Connector

  Watch

 

Cisco Firepower Threat Defense

  Watch

 

Cisco Mobility Services Engine

  Watch

 

Cisco Network Dashboard Fabric Controller

  Watch

 

Cisco Network Insights Data Center

  Watch

 

Cisco Ucs Central Software

  Watch

 

Cisco Unified Computing System

  Watch

 

Cisco Unified Contact Center Management Portal

  Watch

 

Cisco Video Surveillance Manager

  Watch

 

Snowsoftware Snow Commander

  Watch

 

Snowsoftware Vm Access Proxy

  Watch

 

Bentley Synchro

  Watch

 

Bentley Synchro 4d

  Watch

 

Percussion Rhythmyx

  Watch

 

What versions are vulnerable to CVE-2021-44228?

•   Apache Log4j Version 2.0 rc1
•   Apache Log4j Version 2.0 beta9
•   Apache Log4j Version 2.0 rc2
•   Apache Log4j Version 2.0 -
•   Apache Log4j Version 2.13.0 Fixed in Version 2.15.0
•   Apache Log4j Version 2.0.1 Fixed in Version 2.3.1
•   Apache Log4j Version 2.4.0 Fixed in Version 2.12.2

Each of the following must match for the vulnerability to exist.

•   Siemens Logo Soft Comfort
•   Siemens Spectrum Power 4 Version 4.70 sp7
•   Siemens Spectrum Power 4 Version 4.70 -
•   Siemens Spectrum Power 4 Fixed in Version 4.70
•   Siemens Siveillance Control Pro
•   Siemens Energyip Prepay Version 3.7
•   Siemens Energyip Prepay Version 3.8
•   Siemens Spectrum Power 4 Version 4.70 sp8
•   Siemens Siveillance Identity Version 1.6
•   Siemens Siveillance Identity Version 1.5
•   Siemens Siveillance Command Up to Version 4.16.2.1
•   Siemens Sipass Integrated Version 2.85
•   Siemens Sipass Integrated Version 2.80
•   Siemens Head End System Universal Device Integration System
•   Siemens Gma Manager Fixed in Version 8.6.2j-398
•   Siemens Energyip Version 8.5
•   Siemens Energyip Version 8.6
•   Siemens Energyip Version 8.7
•   Siemens Energyip Version 9.0
•   Siemens Energy Engage Version 3.1
•   Siemens E Car Operation Center Fixed in Version 2021-12-13
•   Siemens Desigo Cc Info Center Version 5.0
•   Siemens Desigo Cc Info Center Version 5.1
•   Siemens Desigo Cc Advanced Reports Version 4.1
•   Siemens Desigo Cc Advanced Reports Version 4.2
•   Siemens Desigo Cc Advanced Reports Version 5.0
•   Siemens Desigo Cc Advanced Reports Version 5.1
•   Siemens Desigo Cc Advanced Reports Version 4.0
•   Siemens Comos
•   Siemens Captial Version 2019.1 sp1912
•   Siemens Navigator Fixed in Version 2021-12-13
•   Siemens Xpedition Package Integrator Version -
•   Siemens Xpedition Enterprise Version -
•   Siemens Vesys Version 2019.1 sp1912
•   Siemens Vesys Version 2019.1
•   Siemens Vesys Fixed in Version 2019.1
•   Siemens Vesys Version 2019.1 -
•   Siemens Teamcenter
•   Siemens Spectrum Power 7 Version 2.30 sp2
•   Siemens Spectrum Power 7 Version 2.30 -
•   Siemens Spectrum Power 7 Fixed in Version 2.30
•   Siemens Spectrum Power 7 Version 2.30
•   Siemens Solid Edge Harness Design Version 2020 sp2002
•   Siemens Solid Edge Harness Design Version 2020 -
•   Siemens Solid Edge Harness Design Fixed in Version 2020
•   Siemens Captial Version 2019.1 -
•   Siemens Solid Edge Harness Design Version 2020
•   Siemens Solid Edge Cam Pro
•   Siemens Siveillance Viewpoint
•   Siemens Siveillance Vantage
•   Siemens Siguard Dsa Version 4.3
•   Siemens Siguard Dsa Version 4.4
•   Siemens Siguard Dsa Version 4.2
•   Siemens Sentron Powermanager Version 4.2
•   Siemens Sentron Powermanager Version 4.1
•   Siemens Operation Scheduler Up to Version 1.1.3
•   Siemens Nx
•   Siemens Opcenter Intelligence Up to Version 3.2
•   Siemens Mindsphere Fixed in Version 2021-12-11
•   Siemens Mendix
•   Siemens Industrial Edge Management Hub Fixed in Version 2021-12-13
•   Siemens Industrial Edge Management
•   Siemens Captial Fixed in Version 2019.1

•   Intel Audio Development Kit Version -
•   Intel System Debugger Version -
•   Intel Secure Device Onboard Version -
•   Intel Oneapi Sample Browser Version - eclipse
•   Intel Sensor Solution Firmware Development Kit Version -
•   Intel Computer Vision Annotation Tool Version -
•   Intel Genomics Kernel Library Version -
•   Intel System Studio Version -
•   Intel Data Center Manager Fixed in Version 5.1

•   Debian Linux Version 9.0
•   Debian Linux Version 10.0
•   Debian Linux Version 11.0

•   Fedora Project Fedora Version 34
•   Fedora Project Fedora Version 35

•   SonicWall Email Security Fixed in Version 10.0.12

•   NetApp Oncommand Insight Version -
•   NetApp Cloud Insights Version -
•   NetApp Active Iq Unified Manager Version - vmware_vsphere
•   NetApp Active Iq Unified Manager Version - linux
•   NetApp Active Iq Unified Manager Version - windows
•   NetApp Cloud Manager Version -
•   NetApp Cloud Secure Agent Version -
•   NetApp Ontap Tools Version - vmware_vsphere
•   NetApp Snapcenter Version - vmware_vsphere

•   Cisco Unified Communications Manager Im Presence Service Version 11.5\(1\)
•   Cisco Unified Customer Voice Portal Version 11.6
•   Cisco Webex Meetings Server Fixed in Version 3.0
•   Cisco Packaged Contact Center Enterprise Version 11.6\(1\)
•   Cisco Webex Meetings Server Version 3.0 maintenance_release1
•   Cisco Webex Meetings Server Version 3.0 -
•   Cisco Identity Services Engine Fixed in Version 2.4.0
•   Cisco Data Center Network Manager Fixed in Version 11.3\(1\)
•   Cisco Webex Meetings Server Version 3.0 maintenance_release2
•   Cisco Webex Meetings Server Version 3.0 maintenance_release3
•   Cisco Webex Meetings Server Version 4.0 -
•   Cisco Webex Meetings Server Version 4.0 maintenance_release1
•   Cisco Webex Meetings Server Version 4.0 maintenance_release2
•   Cisco Webex Meetings Server Version 4.0 maintenance_release3
•   Cisco Unified Contact Center Express Fixed in Version 12.5\(1\)
•   Cisco Data Center Network Manager Version 11.3\(1\)
•   Cisco Webex Meetings Server Version 3.0 maintenance_release3 -
•   Cisco Webex Meetings Server Version 3.0 maintenance_release3_service_pack_2
•   Cisco Webex Meetings Server Version 3.0 maintenance_release3_service_pack_3
•   Cisco Webex Meetings Server Version 3.0 maintenance_release4
•   Cisco Webex Meetings Server Version 3.0 maintenance_release3_security_patch4
•   Cisco Identity Services Engine Version 2.4.0 -
•   Cisco Finesse Fixed in Version 12.6\(1\)
•   Cisco Finesse Version 12.6\(1\)
•   Cisco Nexus Dashboard Fixed in Version 2.1.2
•   Cisco Network Services Orchestrator Version 5.6 Fixed in Version 5.6.3.1
•   Cisco Network Services Orchestrator Version 5.5 Fixed in Version 5.5.4.1
•   Cisco Network Services Orchestrator Fixed in Version 5.3.5.1
•   Cisco Iot Operations Dashboard Version -
•   Cisco Intersight Virtual Appliance Fixed in Version 1.0.9-361
•   Cisco Evolved Programmable Network Manager Up to Version 4.1.1
•   Cisco Network Services Orchestrator Version 5.4 Fixed in Version 5.4.5.2
•   Cisco Dna Spaces Version _connector Fixed in Version 2.5
•   Cisco Cyber Vision Sensor Management Extension Fixed in Version 4.0.3
•   Cisco Crosswork Zero Touch Provisioning Fixed in Version 2.0.1
•   Cisco Crosswork Zero Touch Provisioning Version 3.0.0
•   Cisco Crosswork Platform Infrastructure Fixed in Version 4.0.1
•   Cisco Crosswork Platform Infrastructure Version 4.1.0
•   Cisco Crosswork Optimization Engine Fixed in Version 2.0.1
•   Cisco Crosswork Optimization Engine Version 3.0.0
•   Cisco Crosswork Network Controller Version 3.0.0
•   Cisco Crosswork Network Controller Fixed in Version 2.0.1
•   Cisco Crosswork Data Gateway Version 3.0.0
•   Cisco Crosswork Data Gateway Fixed in Version 2.0.2
•   Cisco Common Services Platform Collector Version 2.10.0 Fixed in Version 2.10.0.1
•   Cisco Common Services Platform Collector Fixed in Version 2.9.1.3
•   Cisco Cloudcenter Fixed in Version 4.10.0.16
•   Cisco Cloudcenter Workload Manager Fixed in Version 5.5.2
•   Cisco Cloudcenter Suite Admin Fixed in Version 5.3.1
•   Cisco Cloudcenter Cost Optimizer Fixed in Version 5.5.2
•   Cisco Business Process Automation Version 3.2.000.000 Fixed in Version 3.2.000.009
•   Cisco Business Process Automation Version 3.1.000.000 Fixed in Version 3.1.000.044
•   Cisco Business Process Automation Fixed in Version 3.0.000.115
•   Cisco Automated Subsea Tuning Fixed in Version 2.1.0
•   Cisco Nexus Insights Fixed in Version 6.0.2
•   Cisco Advanced Malware Protection Virtual Private Cloud Appliance Fixed in Version 3.5.4
•   Cisco Customer Experience Cloud Agent Fixed in Version 1.12.1
•   Cisco Webex Meetings Server Version 3.0 maintenance_release3_security_patch5
•   Cisco Workload Optimization Manager Fixed in Version 3.2.1
•   Cisco Ucs Central Fixed in Version 2.0\(1p\)
•   Cisco Ucs Director Fixed in Version 6.8.2.0
•   Cisco Sd Wan Vmanage Fixed in Version 20.3.4.1
•   Cisco Optical Network Controller Fixed in Version 1.1.0
•   Cisco Fog Director Version -
•   Cisco Dna Center Version 2.2.3.0 Fixed in Version 2.2.3.4
•   Cisco Sd Wan Vmanage Version 20.4 Fixed in Version 20.4.2.1
•   Cisco Integrated Management Controller Supervisor Fixed in Version 2.3.2.1
•   Cisco Wan Automation Engine Fixed in Version 7.3.0.2
•   Cisco Virtualized Infrastructure Manager Version 3.4.0 Fixed in Version 3.4.4
•   Cisco Sd Wan Vmanage Version 20.5 Fixed in Version 20.5.1.1
•   Cisco Network Assurance Engine Fixed in Version 6.0.2
•   Cisco Virtualized Infrastructure Manager Fixed in Version 3.2.0
•   Cisco Dna Center Fixed in Version 2.1.2.8
•   Cisco Sd Wan Vmanage Version 20.6 Fixed in Version 20.6.2.1
•   Cisco Virtual Topology System Fixed in Version 2.6.7
•   Cisco Dna Center Version 2.2.2.0 Fixed in Version 2.2.2.8
•   Cisco Smart Phy Fixed in Version 3.2.1
•   Cisco Prime Service Catalog Fixed in Version 12.1
•   Cisco Connected Mobile Experiences Version -
•   Cisco Video Surveillance Operations Manager Fixed in Version 7.14.4
•   Cisco Unity Connection Fixed in Version 11.5\(1\)
•   Cisco Virtualized Voice Browser Fixed in Version 12.5\(1\)
•   Cisco Unified Workforce Optimization Fixed in Version 11.5\(1\)
•   Cisco Unified Sip Proxy Fixed in Version 10.2.1v2
•   Cisco Unified Intelligence Center Fixed in Version 12.6\(1\)
•   Cisco Unified Customer Voice Portal Fixed in Version 11.6
•   Cisco Unified Customer Voice Portal Version 12.0
•   Cisco Unified Customer Voice Portal Version 12.5
•   Cisco Unified Contact Center Enterprise Fixed in Version 11.6\(2\)
•   Cisco Unified Contact Center Enterprise Version 11.6\(2\)
•   Cisco Unified Communications Manager Im Presence Service Fixed in Version 11.5\(1\)
•   Cisco Unified Communications Manager Fixed in Version 11.5\(1\)
•   Cisco Unified Communications Manager Fixed in Version 11.5\(1\)
•   Cisco Unified Communications Manager Version 11.5\(1\)su3
•   Cisco Unified Communications Manager Version 11.5\(1\)
•   Cisco Unified Communications Manager Version 11.5\(1\)
•   Cisco Paging Server Fixed in Version 14.4.1
•   Cisco Unified Communications Manager Version 11.5\(1\)
•   Cisco Packaged Contact Center Enterprise Fixed in Version 11.6
•   Cisco Enterprise Chat And Email Fixed in Version 12.0\(1\)
•   Cisco Emergency Responder Fixed in Version 11.5\(4\)
•   Cisco Contact Center Management Portal Fixed in Version 12.5\(1\)
•   Cisco Contact Center Domain Manager Fixed in Version 12.5\(1\)
•   Cisco Cloud Connect Fixed in Version 12.6\(1\)
•   Cisco Broadworks Fixed in Version 2021.11_1.162

Each of the following must match for the vulnerability to exist.

•   Cisco Prime Service Catalog Version 12.1
•   Cisco Firepower Threat Defense Version 6.2.3
•   Cisco Webex Meetings Server Version 3.0
•   Cisco Firepower Threat Defense Version 6.4.0
•   Cisco Firepower Threat Defense Version 6.3.0
•   Cisco Webex Meetings Server Version 4.0
•   Cisco Unity Connection Version 11.5
•   Cisco Firepower Threat Defense Version 6.5.0
•   Cisco Firepower Threat Defense Version 6.6.0
•   Cisco Sd Wan Vmanage Version 20.3
•   Cisco Sd Wan Vmanage Version 20.6
•   Cisco Sd Wan Vmanage Version 20.5
•   Cisco Unified Contact Center Enterprise Version 11.6\(2\)
•   Cisco Cyber Vision Sensor Management Extension Version 4.0.2
•   Cisco Dna Spaces Connector Version -
•   Cisco Unified Sip Proxy Version 010.002\(001\)
•   Cisco Unified Sip Proxy Version 010.002\(000\)
•   Cisco Unified Sip Proxy Version 010.000\(001\)
•   Cisco Unified Sip Proxy Version 010.000\(000\)
•   Cisco Unified Intelligence Center Version 12.6\(2\) -
•   Cisco Unified Intelligence Center Version 12.6\(1\) es02
•   Cisco Unified Intelligence Center Version 12.6\(1\) es01
•   Cisco Unified Intelligence Center Version 12.6\(1\) -
•   Cisco Unified Customer Voice Portal Version 12.6\(1\)
•   Cisco Unified Customer Voice Portal Version 12.5\(1\)
•   Cisco Unified Customer Voice Portal Version 12.0\(1\)
•   Cisco Unified Customer Voice Portal Version 11.6\(1\)
•   Cisco Unified Contact Center Express Version 12.5\(1\) su1
•   Cisco Unified Contact Center Express Version 12.5\(1\) -
•   Cisco Unified Communications Manager Im Presence Service Version 11.5\(1.22900.6\)
•   Cisco Unified Communications Manager Im Presence Service Version 11.5\(1\)
•   Cisco Unified Communications Manager Version 11.5\(1.22900.28\)
•   Cisco Unified Communications Manager Version 11.5\(1.21900.40\)
•   Cisco Unified Communications Manager Version 11.5\(1.18900.97\)
•   Cisco Unified Communications Manager Version 11.5\(1.18119.2\)
•   Cisco Unified Communications Manager Version 11.5\(1.17900.52\)
•   Cisco Paging Server Version 9.1\(1\)
•   Cisco Paging Server Version 9.0\(2\)
•   Cisco Paging Server Version 9.0\(1\)
•   Cisco Paging Server Version 8.5\(1\)
•   Cisco Paging Server Version 8.4\(1\)
•   Cisco Paging Server Version 8.3\(1\)
•   Cisco Paging Server Version 14.0\(1\)
•   Cisco Paging Server Version 12.5\(2\)
•   Cisco Unified Contact Center Enterprise Version 12.6\(2\)
•   Cisco Unified Contact Center Enterprise Version 12.6\(1\)
•   Cisco Unified Contact Center Enterprise Version 12.5\(1\)
•   Cisco Unified Contact Center Enterprise Version 12.0\(1\)
•   Cisco Finesse Version 12.6\(1\) es03
•   Cisco Finesse Version 12.6\(1\) es02
•   Cisco Finesse Version 12.6\(1\) es01
•   Cisco Finesse Version 12.6\(1\) -
•   Cisco Finesse Version 12.5\(1\) su2
•   Cisco Finesse Version 12.5\(1\) su1
•   Cisco Enterprise Chat And Email Version 12.6\(1\)
•   Cisco Enterprise Chat And Email Version 12.5\(1\)
•   Cisco Enterprise Chat And Email Version 12.0\(1\)
•   Cisco Emergency Responder Version 11.5\(4.66000.14\)
•   Cisco Emergency Responder Version 11.5\(4.65000.14\)
•   Cisco Emergency Responder Version 11.5
•   Cisco Unified Contact Center Management Portal Version 12.6\(1\)
•   Cisco Unified Contact Center Express Version 12.6\(2\)
•   Cisco Unified Contact Center Express Version 12.6\(1\)
•   Cisco Broadworks Version -
•   Cisco Unified Computing System Version 006.008\(001.000\)
•   Cisco Ucs Central Software Version 2.0\(1l\)
•   Cisco Ucs Central Software Version 2.0\(1k\)
•   Cisco Ucs Central Software Version 2.0\(1h\)
•   Cisco Ucs Central Software Version 2.0\(1g\)
•   Cisco Ucs Central Software Version 2.0\(1f\)
•   Cisco Ucs Central Software Version 2.0\(1e\)
•   Cisco Ucs Central Software Version 2.0\(1d\)
•   Cisco Ucs Central Software Version 2.0\(1c\)
•   Cisco Ucs Central Software Version 2.0\(1b\)
•   Cisco Ucs Central Software Version 2.0\(1a\)
•   Cisco Ucs Central Software Version 2.0
•   Cisco Integrated Management Controller Supervisor Version 2.3.2.0
•   Cisco Integrated Management Controller Supervisor Version 002.003\(002.000\)
•   Cisco Sd Wan Vmanage Version 20.6.1
•   Cisco Sd Wan Vmanage Version 20.8
•   Cisco Sd Wan Vmanage Version 20.7
•   Cisco Sd Wan Vmanage Version 20.4
•   Cisco Optical Network Controller Version 1.1
•   Cisco Network Assurance Engine Version 6.0\(2.1912\)
•   Cisco Dna Center Version 2.2.2.8
•   Cisco Wan Automation Engine Version 7.6
•   Cisco Wan Automation Engine Version 7.5
•   Cisco Wan Automation Engine Version 7.4
•   Cisco Wan Automation Engine Version 7.3
•   Cisco Wan Automation Engine Version 7.2.3
•   Cisco Wan Automation Engine Version 7.2.2
•   Cisco Wan Automation Engine Version 7.2.1
•   Cisco Wan Automation Engine Version 7.1.3
•   Cisco Virtual Topology System Version 2.6.6
•   Cisco Smart Phy Version 3.2.1
•   Cisco Smart Phy Version 3.1.5
•   Cisco Smart Phy Version 3.1.4
•   Cisco Smart Phy Version 3.1.3
•   Cisco Smart Phy Version 3.1.2
•   Cisco Smart Phy Version 21.3
•   Cisco Network Services Orchestrator Version -
•   Cisco Intersight Virtual Appliance Version 1.0.9-343
•   Cisco Evolved Programmable Network Manager Version 5.1
•   Cisco Evolved Programmable Network Manager Version 5.0
•   Cisco Evolved Programmable Network Manager Version 4.1
•   Cisco Evolved Programmable Network Manager Version 4.0
•   Cisco Evolved Programmable Network Manager Version 3.1
•   Cisco Evolved Programmable Network Manager Version 3.0
•   Cisco Network Dashboard Fabric Controller Version 11.5\(3\)
•   Cisco Network Dashboard Fabric Controller Version 11.5\(2\)
•   Cisco Network Dashboard Fabric Controller Version 11.5\(1\)
•   Cisco Network Dashboard Fabric Controller Version 11.4\(1\)
•   Cisco Network Dashboard Fabric Controller Version 11.3\(1\)
•   Cisco Network Dashboard Fabric Controller Version 11.2\(1\)
•   Cisco Network Dashboard Fabric Controller Version 11.1\(1\)
•   Cisco Network Dashboard Fabric Controller Version 11.0\(1\)
•   Cisco Video Surveillance Manager Version 7.14\(4.018\)
•   Cisco Video Surveillance Manager Version 7.14\(3.025\)
•   Cisco Video Surveillance Manager Version 7.14\(2.26\)
•   Cisco Video Surveillance Manager Version 7.14\(1.26\)
•   Cisco Unified Workforce Optimization Version 11.5\(1\) sr7
•   Cisco Unity Connection Version 11.5\(1.10000.6\)
•   Cisco Cloudcenter Suite Version 5.3\(0\)
•   Cisco Cloudcenter Suite Version 5.5\(0\)
•   Cisco Cloudcenter Suite Version 5.4\(1\)
•   Cisco Automated Subsea Tuning Version 02.01.00
•   Cisco Identity Services Engine Version 003.002\(000.116\) -
•   Cisco Identity Services Engine Version 003.001\(000.518\) -
•   Cisco Identity Services Engine Version 003.000\(000.458\) -
•   Cisco Identity Services Engine Version 002.007\(000.356\) -
•   Cisco Identity Services Engine Version 002.006\(000.156\) -
•   Cisco Identity Services Engine Version 002.004\(000.914\) -
•   Cisco Firepower Threat Defense Version 7.1.0
•   Cisco Firepower Threat Defense Version 7.0.0
•   Cisco Firepower Threat Defense Version 6.7.0
•   Cisco Network Insights Data Center Version 6.0\(2.1914\)
•   Cisco Cx Cloud Agent Version 001.012
•   Cisco Mobility Services Engine Version -
•   Cisco Cloudcenter Suite Version 5.5\(1\)
•   Cisco Cloudcenter Suite Version 4.10\(0.15\)
•   Cisco Dna Spaces Version -
•   Cisco Cyber Vision Version 4.0.2
•   Cisco Connected Analytics Network Deployment Version 7.3
•   Cisco Connected Analytics Network Deployment Version 008.000.000.000.004
•   Cisco Connected Analytics Network Deployment Version 008.000.000
•   Cisco Connected Analytics Network Deployment Version 007.003.003
•   Cisco Connected Analytics Network Deployment Version 007.003.001.001
•   Cisco Connected Analytics Network Deployment Version 007.003.000
•   Cisco Connected Analytics Network Deployment Version 007.002.000
•   Cisco Connected Analytics Network Deployment Version 007.001.000
•   Cisco Connected Analytics Network Deployment Version 007.000.001
•   Cisco Connected Analytics Network Deployment Version 006.005.000.000
•   Cisco Connected Analytics Network Deployment Version 006.005.000.
•   Cisco Connected Analytics Network Deployment Version 006.004.000.003
•   Cisco Crosswork Network Automation Version 4.1.1
•   Cisco Crosswork Network Automation Version 4.1.0
•   Cisco Crosswork Network Automation Version -
•   Cisco Crosswork Network Automation Version 3.0.0
•   Cisco Crosswork Network Automation Version 2.0.0
•   Cisco Common Services Platform Collector Version 002.010\(000.000\)
•   Cisco Common Services Platform Collector Version 002.009\(001.002\)
•   Cisco Common Services Platform Collector Version 002.009\(001.001\)
•   Cisco Common Services Platform Collector Version 002.009\(001.000\)
•   Cisco Common Services Platform Collector Version 002.009\(000.002\)
•   Cisco Common Services Platform Collector Version 002.009\(000.001\)
•   Cisco Common Services Platform Collector Version 002.009\(000.000\)

•   Snowsoftware Vm Access Proxy Fixed in Version 3.6
•   Snowsoftware Snow Commander Fixed in Version 8.10.0

•   Bentley Synchro 4d Fixed in Version 6.2.4.2
•   Bentley Synchro Version 6.1 Fixed in Version 6.4.3.2

•   Percussion Rhythmyx Up to Version 7.3.2

Vulnerable Packages

The following package name and versions may be associated with CVE-2021-44228