Log4j Overview: Related Software

Log4j Overview: Related Software

This page contains an overview of any related software regarding the Log4j vulnerability. On this page NCSC-NL and partners will maintain a list of all known vulnerable and not vulnerable software. Furthermore, references to software will contain specific information regarding which version contains the security fixes and which software still requires fixes. Please note that this vulnerability may also occur in custom software developed within your organisation. These occurrences are not registered in this overview.

NCSC Advisories
NCSC-NL has published a HIGH/HIGH advisory for the Log4j vulnerability. Normally we would update the HIGH/HIGH advisory for vulnerable software packages, however due to the extensive amounts of expected updates we have created a list of known vulnerable software in the software directory.

Daily CSV/JSON releases
Daily releases of this software list are listed, including CSV and JSON files, in the releases overview. Please check the software list parser tool to generate a CSV or JSON on your own.

Disclaimer: _We aim to provide as the information as accurately as possible with the resources available to us. However, we do not have the capacity to monitor all software for updates/fixes. You are advised to review the links provided for available updates. If you find updates or mistakes, please contribute by creating a Pull Request. Learn how.


Software overview

NCSC-NL will use the following status labels:

StatusDescription
UnknownStatus unknown. Default choice.
AffectedReported to be affected by CVE-2021-44228.
Not AffectedReported to NOT be affected by CVE-2021-44228 and no further action necessary.
FixedPatch and/or mitigations available (see provided links).
Under InvestigationVendor investigating status.

Software List

This list was initially populated using information from the following sources:
  1. Kevin Beaumont
  2. SwitHak

Vendor Link
Notes
Other References
Last Updated
VendorProductVersion(s)StatusUpdate Available
1Password1PasswordNot affected1Password public response on Reddit12/20/2021
2n2n Advisory Link
3CX3CX Community Thread Link
3M Health Information SystemsCGSAffectedUnknownCGS: Log4j Software Update(login required)This advisory is available to customer only and has not been reviewed by CISA.12/15/2021
7-Zip7Zip Discussion Link
ABBABB Link
ABBABB Remote ServiceABB Remote Platform (RAP)AffectedDetails are shared with active subscribers
ABBAlarmInsight CloudAlarmInsight KPI Dashboards 1.0.0Under Investigation
ABBB&R ProductsSee Vendor AdvisoryBR-Automation Advisory
AbbottAbbott Advisory Link12/30/2021
AccellenceAccellence Article
AccellionKiteworksv7.6 releaseFixedYesKiteworks Statement"As a precaution, Kiteworks released a 7.6.1 Hotfix software update to address the vulnerability. This patch release adds the mitigation for CVE-2021-44228 contained in the Solr package as recommended by Apache Solr group. Specifically, it updates the Log4j library to a non-vulnerable version on CentOS 7 systems as well as adds the recommended option “$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true” to disable the possible attack vector on both CentOS 6 and CentOS 7."12/16/2021
AcquiaAcquia Article
AcronisAcronis Advisory Link
ActiveStateActiveState Blog Post
AdaptecAdaptec Link
AddigyAddigy Blog Post
AdeptiaAdeptia Article
Adobe ColdFusionAdobe ColdFusion Link
ADPADP Alert Link
AFAS SoftwareAFAS Software Link
AgilysysAgilysys Link
Advanced Systems Concepts (formally Jscape)Active MFTNot AffectedNoLog4J VulnerabiltyThis advisory is available to customers only and has not been reviewed by CISA12/14/2021
Advanced Systems Concepts (formally Jscape)MFT ServerNot AffectedNoLog4J VulnerabiltyThis advisory is available to customers only and has not been reviewed by CISA12/14/2021
Advanced Systems Concepts (formally Jscape)MFT GatewayNot AffectedNoLog4J VulnerabiltyThis advisory is available to customers only and has not been reviewed by CISA12/14/2021
Advanced Systems Concepts (formally Jscape)MFTNot AffectedNoLog4J VulnerabiltyThis advisory is available to customers only and has not been reviewed by CISA12/14/2021
AkamaiSIEM Splunk ConnectorAllAffectedYesAkamai SIEM Integrationv1.4.11 is the new recommendation for mitigation of log4j vulnerabilities12/15/2021
AlcatelAlcatel Link
AlertusAlertus Article Link
AlexionAlexion Blog Post
AlfrescoAlfresco Blog Post
AlienVaultAlienVault Article Link
Alphatron MedicalAlphatron Medical Website
AmazonAWSLinux 1,2Not AffectedNoNotes: Amazon Linux 1 had aws apitools which were Java based but these were deprecated in 2015 AWS Forum. AMIs used to inspect and verify (base spin ups) - amzn-ami-hvm-2018.03.0.20200318.1-x86_64-gp2 and amzn2-ami-kernel-5.10-hvm-2.0.20211201.0-x86_64-gp212/15/2021
AmazonAWS CloudHSM< 3.4.1.AffectedApache Log4j2 Security Bulletin (CVE-2021-44228) (amazon.com)
AmazonAWS LambdaUnknownAffectedYesApache Log4j2 Security Bulletin (CVE-2021-44228) (amazon.com)
AmazonEC2Amazon Linux 1 & 2Not AffectedApache Log4j2 Security Bulletin (CVE-2021-44228) (amazon.com)12/15/2021
AmazonOpenSearchUnknownAffectedYes (R20211203-P2)Apache Log4j2 Security Bulletin (CVE-2021-44228) (amazon.com)
ApacheCamel3.14.1.3.11.5,3.7.7AffectedYesAPACHE CAMEL AND CVE-2021-44228 (LOG4J)Apache Camel does not directly depend on Log4j 2, so we are not affected by CVE-2021-44228.If you explicitly added the Log4j 2 dependency to your own applications, make sure to upgrade.Apache Camel does use log4j during testing itself, and therefore you can find that we have been using log4j v2.13.3 release in our latest LTS releases Camel 3.7.6, 3.11.4.12/13/2021
ApacheCamel QuarkusNot AffectedNoAPACHE CAMEL AND CVE-2021-44228 (LOG4J)12/13/2021
ApacheCamel KNot AffectedNoAPACHE CAMEL AND CVE-2021-44228 (LOG4J)12/13/2021
ApacheCamelKafka ConnectorNot AffectedNoAPACHE CAMEL AND CVE-2021-44228 (LOG4J)12/13/2021
ApacheCamel KarafAffectedNoAPACHE CAMEL AND CVE-2021-44228 (LOG4J)The Karaf team is aware of this and are working on a new Karaf 4.3.4 release with updated log4j.12/13/2021
ApacheCamel JBang<=3.1.4AffectedNoAPACHE CAMEL AND CVE-2021-44228 (LOG4J)12/13/2021
ApacheCamel 2Not AffectedNoneAPACHE CAMEL AND CVE-2021-44228 (LOG4J)12/13/2021
ApacheDruid< druid 0.22.0AffectedYesRelease druid-0.22.1 · apache/druid · GitHub12/12/2021
ApacheFlink< flink 1.15.0, 1.14.1, 1.13.3AffectedNoApache Flink: Advise on Apache Log4j Zero Day (CVE-2021-44228)12/12/2021
ApacheKafkaAllNot AffectedNoKafka Apache ListThe current DB lists Apache Kafka as impacted. Apache Kafka uses Log4jv1, not v2.12/14/2021
ApacheKafkaUnknownAffectedNoLog4j – Apache Log4j Security VulnerabilitiesOnly vulnerable in certain configuration(s)
ApacheLog4j< 2.15.0AffectedYesLog4j – Apache Log4j Security Vulnerabilities
ApacheSolr7.4.0 to 7.7.3, 8.0.0 to 8.11.0FixedYesApache Solr SecurityUpdate to 8.11.1 or apply fixes as described in Solr security advisoryApache Solr 8.11.1 downloads12/16/2021
ApereoCAS6.3.x & 6.4.xAffectedYesCAS Log4J Vulnerability Disclosure – Apereo Community Blog
ApereoOpencast< 9.10, < 10.6AffectedYesApache Log4j Remote Code Execution · Advisory · opencast/opencast · GitHub
Application Performance LtdDBMarlinNot AffectedCommon Vulnerabilities Apache log4j Vulnerability CVE-2021-442812/15/2021
ApigeeApigee Link
ApolloApollo Community Link
AppdynamicsAppdynamics Advisory Link
AppeonPowerBuilderAppeon PowerBuilder 2017-2021 regardless of product editionAffectedNo12/15/2021
AppGateAppGate Blog Post
Application Performance LtdDBMarlinNot AffectedCommon Vulnerabilities Apache log4j Vulnerability CVE-2021-442812/15/2021
APPSHEETAPPSHEET Community Link
AptibleAptibleElasticSearch 5.xAffectedYesAptible Status - Log4j security incident CVE-2021-27135
APC by Schneider ElectricPowerchute Business Editionv9.5, v10.0.1, v10.0.2, v10.0.3, v10.0.4FixedNohttps://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345Mitigation instructions to remove the affected class.12/15/2021
APC by Schneider ElectricPowerchute Network Shutdown4.2, 4.3, 4.4, 4.4.1FixedNohttps://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345Mitigation instructions to remove the affected class.12/15/2021
Aqua SecurityAqua Security Google Doc
Arca NoaeArca Noae Link
ArcticWolfArcticWolf Blog Post
ArduinoArduino Support Link
AribaAriba Annoucement
AristaArista Advisory Notice
Aruba NetworksAruba Networks Notification
AtaccamaAtaccama Link
AteraAtera Link
AtlassianBamboo Server & Data CenterAllNot AffectedMultiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration.
AtlassianBitbucket Server & Data CenterAllAffectedYesMultiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228This product is not vulnerable to remote code execution but may leak information due to the bundled Elasticsearch component being vulnerable.
AtlassianConfluence Server & Data CenterAllNot AffectedMultiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration.
AtlassianCrowd Server & Data CenterAllNot AffectedMultiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration.
AtlassianCrucibleAllNot AffectedMultiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration.
AtlassianFisheyeAllNot AffectedMultiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration.
AtlassianJira Server & Data CenterAllNot AffectedMultiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration.
Attivo networksAttivo Networks Advisory
AudioCodesAudioCodes Link
AutodeskAutodesk Article Link
AutomoxAutomox Blog Post
AutopsyAutopsy Link
AuvikAuvik Status Link
Avantra SYSLINKAvantra SYSLINK Article
AvayaAvaya Analytics3.5, 3.6, 3.6.1, 3.7, 4AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaAvaya Aura for OneCloud PrivateAffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product SecurityAvaya is scanning and monitoring its OneCloud Private environments as part of its management activities. Avaya will continue to monitor this fluid situation and remediations will be made as patches become available, in accordance with appropriate change processes.12/14/2021
AvayaAvaya Aura® Application Enablement Services8.1.3.2, 8.1.3.3, 10.1AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product SecurityPSN020551u12/14/2021
AvayaAvaya Aura® Contact Center7.0.2, 7.0.3, 7.1, 7.1.1, 7.1.2AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaAvaya Aura® Device Services8, 8.1, 8.1.4, 8.1.5AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaAvaya Aura® Media Server8.0.0, 8.0.1, 8.0.2AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product SecurityPSN020549u12/14/2021
AvayaAvaya Aura® Presence Services10.1, 7.1.2, 8, 8.0.1, 8.0.2, 8.1, 8.1.1, 8.1.2, 8.1.3, 8.1.4AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaAvaya Aura® Session Manager10.1, 7.1.3, 8, 8.0.1, 8.1, 8.1.1, 8.1.2, 8.1.3AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product SecurityPSN020550u12/14/2021
AvayaAvaya Aura® System Manager10.1, 8.1.3AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product SecurityPSN005565u12/14/2021
AvayaAvaya Aura® Web Gateway3.11[P], 3.8.1[P], 3.8[P], 3.9.1 [P], 3.9[P]AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaAvaya Breeze™3.7, 3.8, 3.8.1AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaAvaya Contact Center Select7.0.2, 7.0.3, 7.1, 7.1.1, 7.1.2AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaAvaya CRM Connector - Connected Desktop2.2AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaAvaya Device Enablement Service3.1.22AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaAvaya Meetings9.1.10, 9.1.11, 9.1.12AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaAvaya one cloud private -UCaaS - Mid Market Aura1AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaAvaya OneCloud-Private2AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaAvaya Session Border Controller for Enterprise8.0.1, 8.1, 8.1.1, 8.1.2, 8.1.3AffectedYesApache Log4J Vulnerability - Impact for Avaya products Avaya Product SecurityPSN020554u12/14/2021
AvayaAvaya Social Media HubAffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaAvaya Workforce Engagement5.3AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaBusiness Rules Engine3.4, 3.5, 3.6, 3.7AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaCallback Assist5, 5.0.1AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaControl Manager9.0.2, 9.0.2.1AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaDevice Enrollment Service3.1AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaEquinox™ Conferencing9.1.2AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaInteraction Center7.3.9AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaIP Office™ Platform11.0.4, 11.1, 11.1.1, 11.1.2AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaProactive Outreach Manager3.1.2, 3.1.3, 4, 4.0.1AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AvayaAvaya Aura® Device Services8.0.1, 8.0.2, 8.1.3AffectedNoApache Log4J Vulnerability - Impact for Avaya products Avaya Product Security12/14/2021
AVEPOINTAVEPOINT Notification
AVMAVM Link
AvTech RoomAlertAvTech RoomAlert Article
AWS NewAWS New Security Bulletin
AXONAXON Link
AXS GuardAXS Guard Blog Post
Axways ApplicationsAxways Applications Link
B&R Industrial AutomationAPROLNot AffectedB&R Statement12/16/2021
BaxterUnder InvestigationBaxter Advisory Link12/20/2021
BackBoxBackBox Update
BalbixBalbix Blog Post
Baramundi ProductsBaramundi Products Forum
BarcoBarco Link
BarracudaBarracuda Link
BBraunOutlook® Safety Infusion System Pump familyNot AffectedNoBBraun Advisory Link12/20/2021
BBraunSpace® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor® Space® InfusionNot AffectedNoBBraun Advisory Link12/20/2021
BBraunPump, SpaceStation, and Space® Wireless Battery)Not AffectedNoBBraun Advisory Link12/20/2021
BBraunDoseTrac® Server, DoseLink™ Server, and Space® Online Suite Server softwareNot AffectedNoBBraun Advisory Link12/20/2021
BBraunPinnacle® CompounderNot AffectedNoBBraun Advisory Link12/20/2021
BBraunAPEX® CompounderNot AffectedNoBBraun Advisory Link12/20/2021
BDArctic Sun™ AnalyticsNot AffectedNoBD Advisory Link12/20/2021
BDBD Diabetes Care App CloudNot AffectedNoBD Advisory Link12/20/2021
BDBD HealthSight™ Clinical AdvisorNot AffectedNoBD Advisory Link12/20/2021
BDBD HealthSight™ Data ManagerNot AffectedNoBD Advisory Link12/20/2021
BDBD HealthSight™ Diversion ManagementNot AffectedNoBD Advisory Link12/20/2021
BDBD HealthSight™ Infection AdvisorNot AffectedNoBD Advisory Link12/20/2021
BDBD HealthSight™ Inventory Optimization AnalyticsNot AffectedNoBD Advisory Link12/20/2021
BDBD HealthSight™ Medication SafetyNot AffectedNoBD Advisory Link12/20/2021
BDBD Knowledge Portal for Infusion TechnologiesNot AffectedNoBD Advisory Link12/20/2021
BDBD Knowledge Portal for Medication TechnologiesNot AffectedNoBD Advisory Link12/20/2021
BDBD Knowledge Portal for BD Pyxis™ SupplyNot AffectedNoBD Advisory Link12/20/2021
BDBD Synapsys™ Informatics SolutionNot AffectedNoBD Advisory Link12/20/2021
BDBD Veritor™ COVID At Home Solution CloudNot AffectedNoBD Advisory Link12/20/2021
Beckman CoulterUnder InvestigationBeckman Coulter Advisory Link12/20/2021
BenderBender Link
Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR)Vendor Link
BeyondTrustPrivilege Management CloudUnkownFixedBeyondTrust Statement on log4j2 CVE-2021-44228 (Log4Shell)vulnerability has been mitigated on all customer instances as of December 10, 2021KB00165422021-12-15
BeyondTrustPrivilege Management Reporting in BeyondInsight21.2AffectedNoBeyondTrust Statement on log4j2 CVE-2021-44228 (Log4Shell)Until a patch is available, BeyondTrust recommends ensuring access to the instance is restricted and monitoring for anomalous behavior. There is no known exploit path at this time.KB00165422021-12-15
BeyondTrustSecure Remote Access appliancesUnkownNot AffectedBeyondTrust Statement on log4j2 CVE-2021-44228 (Log4Shell)KB00165422021-12-15
BeyondTrust BomgarBeyondTrust Bomgar Link
BisectHostingBisectHosting Link
BitDefenderBitDefender Advisory Link
BitNami By VMwareBitNami By VMware
BitRiseBitRise Post
BitwardenNot AffectedBitwarden Community Link
Black KiteBlack Kite Link
BlanccoBlancco Support Link
BlumiraBlumira Link
BMCBladelogic Database AutomationUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC AMI OpsUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC AMI ProductsUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC CompuwareUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix Automation ConsoleUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix Business WorkflowsUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix Client ManagementUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix Cloud CostUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix Cloud SecurityUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix CMDBUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix Continuous OptimizationUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix Control-MUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix Digital WorkplaceUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix DiscoveryUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix ITSMUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix Knowledge ManagementUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix Operations Management with AIOpsUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix PlatformUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix platformUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix RemediateUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix RemediateUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix RemedyforceUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCBMC Helix Virtual AgentUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCCloud Lifecycle ManagementUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCControl-MUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCFootprintsUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCMainView Middleware AdministratorUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCMainView Middleware MonitorUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCRemedy ITSM (IT Service Management)Under InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCSmartITUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCTrack-It!Under InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCTrueSight Automation for NetworksUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCTrueSight Automation for ServersUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCTrueSight Capacity OptimizationUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCTrueSight Infrastructure ManagementUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCTrueSight Operations ManagementUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
BMCTrueSight OrchestrationUnder InvestigationBMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community
Boston ScientificUnder InvestigationBoston Scientific Advisory Link12/20/2021
BoxBox Blog Post
BrainworksBrainworks Link
BrightSignBrightSign Link
BroadcomAdvanced Secure Gateway (ASG)Under InvestigationBroadcom Support Portal
BroadcomAutomic AutomationBroadcome Automic Automation Link
BroadcomBCAAAUnder InvestigationBroadcom Support Portal
BroadcomCA Advanced Authentication9.1Affected
BroadcomCA Risk AuthenticationAffected
BroadcomCA Strong AuthenticationAffected
BroadcomCloud Workload Protection (CWP)Under InvestigationBroadcom Support Portal
BroadcomCloud Workload Protection for Storage (CWP:S)Under InvestigationBroadcom Support Portal
BroadcomCloudSOC Cloud Access Security Broker (CASB)Not AffectedBroadcom Support Portal
BroadcomContent Analysis (CA)Under InvestigationBroadcom Support Portal
BroadcomCritical System Protection (CSP)Under InvestigationBroadcom Support Portal
BroadcomData Center Security (DCS)Not AffectedBroadcom Support Portal
BroadcomData Loss Prevention (DLP)Not AffectedBroadcom Support Portal
BroadcomEmail Security Service (ESS)Under InvestigationBroadcom Support Portal
BroadcomGhost Solution Suite (GSS)Not AffectedBroadcom Support Portal
BroadcomHSM AgentUnder InvestigationBroadcom Support Portal
BroadcomIndustrial Control System Protection (ICSP)Under InvestigationBroadcom Support Portal
BroadcomIntegrated Cyber Defense Manager (ICDm)Under InvestigationBroadcom Support Portal
BroadcomIntegrated Secure Gateway (ISG)Under InvestigationBroadcom Support Portal
BroadcomIT Management SuiteNot AffectedBroadcom Support Portal
BroadcomLayer7 API Developer PortalUnder InvestigationBroadcom Support Portal
BroadcomLayer7 API GatewayNot AffectedBroadcom Support Portal
BroadcomLayer7 Mobile API GatewayNot AffectedBroadcom Support Portal
BroadcomManagement Center (MC)Under InvestigationBroadcom Support Portal
BroadcomPacketShaper (PS) S-SeriesUnder InvestigationBroadcom Support Portal
BroadcomPolicyCenter (PC) S-SeriesUnder InvestigationBroadcom Support Portal
BroadcomPrivileged Access ManagerUnder InvestigationBroadcom Support Portal
BroadcomPrivileged Access Manager Server ControlUnder InvestigationBroadcom Support Portal
BroadcomPrivileged Identity ManagerUnder InvestigationBroadcom Support Portal
BroadcomProxySGNot AffectedBroadcom Support Portal
BroadcomReporterUnder InvestigationBroadcom Support Portal
BroadcomSecure Access Cloud (SAC)Under InvestigationBroadcom Support Portal
BroadcomSecurity Analytics (SA)Not AffectedBroadcom Support Portal
BroadcomSiteMinder (CA Single Sign-On)Under InvestigationBroadcom Support Portal
BroadcomSSL Visibility (SSLV)Under InvestigationBroadcom Support Portal
BroadcomSymantec Control Compliance Suite (CCS)Not AffectedBroadcom Support Portal
BroadcomSymantec DirectoryNot AffectedBroadcom Support Portal
BroadcomSymantec Endpoint Detection and Response (EDR)Under InvestigationBroadcom Support Portal
BroadcomSymantec Endpoint Encryption (SEE)Under InvestigationBroadcom Support Portal
BroadcomSymantec Endpoint Protection (SEP)Under InvestigationBroadcom Support Portal
BroadcomSymantec Endpoint Protection (SEP) for MobileUnder InvestigationBroadcom Support Portal
BroadcomSymantec Endpoint Protection Manager (SEPM)14.3AffectedNoBroadcom Support Portal
BroadcomSymantec Identity Governance and Administration (IGA)Not AffectedBroadcom Support Portal
BroadcomSymantec Mail Security for Microsoft Exchange (SMSMSE)Under InvestigationBroadcom Support Portal
BroadcomSymantec Messaging Gateway (SMG)Under InvestigationBroadcom Support Portal
BroadcomSymantec PGP SolutionsNot AffectedBroadcom Support Portal
BroadcomSymantec Protection Engine (SPE)Under InvestigationBroadcom Support Portal
BroadcomSymantec Protection for SharePoint Servers (SPSS)Under InvestigationBroadcom Support Portal
BroadcomVIPNot AffectedBroadcom Support Portal
BroadcomVIP Authentication HubUnder InvestigationBroadcom Support Portal
BroadcomWeb Isolation (WI)Under InvestigationBroadcom Support Portal
BroadcomWeb Security Service (WSS)Under InvestigationBroadcom Support Portal
BroadcomWebPulseUnder InvestigationBroadcom Support Portal
C4b XPHONEC4b XPHONE Link
CamundaCamunda Forum Link
CarbonBlackCarbonBlack Advisory
CarestreamNot AffectedCarestream Advisory Link12/20/2021
CAS genesisWorldCAS genesisWorld Link
Cato NetworksCato Networks Blog Post
CepheidC360Not AffectedCepheid Advisory Link12/20/2021
CepheidGeneXpertUnder InvestigationCepheid Advisory Link12/20/2021
Cerberus FTPCerberus Article
Chaser SystemsdiscrimiNAT FirewallAllNot AffectedAre Chaser’s products affected
Check PointCloudGuardNot Affected
Check PointHarmony Endpoint & Harmony MobileNot Affected
Check PointInfinity PortalNot Affected
Check PointQuantum Security GatewayNot Affected
Check PointQuantum Security ManagementNot AffectedUses the 1.8.0_u241 version of the JRE that protects against this attack by default.
Check PointSMBNot Affected
Check PointThreatCloudNot Affected
CheckMKCheckMK Forum
CiphermailCiphermail Blog Post
CISCIS Customer Portal
CiscoAppDynamicsAffectedYesVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Common Services Platform CollectorUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Network Services Orchestrator (NSO)AffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco System Architecture Evolution Gateway (SAEGW)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco ACI Multi-Site OrchestratorUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco ACI Virtual EdgeUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Adaptive Security Appliance (ASA) SoftwareUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Advanced Web Security Reporting ApplicationAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco AMP Virtual Private Cloud ApplianceUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco AnyConnect Secure Mobility ClientUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Application Policy Infrastructure Controller (APIC)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco ASR 5000 Series RoutersUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Broadcloud CallingUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco BroadWorksUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Catalyst 9800 Series Wireless ControllersUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco CloudCenter Suite AdminAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco CloudCenter Workload ManagerUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Cognitive IntelligenceUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Computer Telephony Integration Object Server (CTIOS)AffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Connected Grid Device ManagerUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Connected Mobile ExperiencesUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco ConnectivityUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Contact Center Domain Manager (CCDM)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Contact Center Management Portal (CCMP)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Crosswork Change AutomationAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco CX Cloud Agent SoftwareUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Data Center Network Manager (DCNM)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Defense OrchestratorUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco DNA AssuranceUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco DNA CenterUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco DNA SpacesUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoDUO network gateway (on-prem/self-hosted)Under Investigation
CiscoCisco Elastic Services Controller (ESC)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Emergency ResponderUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Enterprise Chat and EmailUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Enterprise NFV Infrastructure Software (NFVIS)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Evolved Programmable Network ManagerAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Extensible Network Controller (XNC)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco FinesseUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Firepower Management CenterUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Firepower Threat Defense (FTD)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco GGSN Gateway GPRS Support NodeUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco HyperFlex SystemUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Identity Services Engine (ISE)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Integrated Management Controller (IMC) SupervisorAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco IntersightUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Intersight Virtual ApplianceAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco IOS and IOS XE SoftwareUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco IoT Field Network Director (formerly Cisco Connected Grid Network Management System)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco IoT Operations DashboardUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco IOx Fog DirectorUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco IP Services Gateway (IPSG)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Kinetic for CitiesAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco MDS 9000 Series Multilayer SwitchesUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Meeting ServerUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco MME Mobility Management EntityUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Modeling LabsUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Network Assessment (CNA) ToolUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Network Assurance EngineUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Network Convergence System 2000 SeriesUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Network PlannerUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Nexus 5500 Platform SwitchesUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Nexus 5600 Platform SwitchesUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Nexus 6000 Series SwitchesUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Nexus 7000 Series SwitchesUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) modeUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Nexus Dashboard (formerly Cisco Application Services Engine)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Nexus Data BrokerUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Nexus InsightsUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Optical Network PlannerUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Packaged Contact Center EnterpriseAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Paging Server (InformaCast)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Paging ServerUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco PDSN/HA Packet Data Serving Node and Home AgentUnder InvestigationVulnerability in Apache Log4j Library Affecting Cis co Products: December 2021
CiscoCisco PGW Packet Data Network GatewayUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Policy SuiteUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Prime Central for Service ProvidersUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Prime Collaboration ManagerUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Prime Collaboration ProvisioningUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Prime InfrastructureUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Prime License ManagerUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Prime NetworkUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Prime Optical for Service ProvidersUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Prime ProvisioningUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Prime Service CatalogUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Registered Envelope ServiceUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco SD-WAN vEdge 1000 Series RoutersUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco SD-WAN vEdge 2000 Series RoutersUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco SD-WAN vEdge 5000 Series RoutersUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco SD-WAN vEdge Cloud Router PlatformUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco SD-WAN vManageUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Secure Network Analytics (SNA), formerly StealthwatchUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco SocialMinerUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco TelePresence Management SuiteUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco UCS DirectorAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco UCS Performance ManagerUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco UmbrellaAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Unified Attendant Console AdvancedUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Unified Attendant Console Business EditionUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Unified Attendant Console Department EditionUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Unified Attendant Console Enterprise EditionUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Unified Attendant Console Premium EditionUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Unified Communications Manager CloudAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Unified Contact Center Enterprise - Live Data serverAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Unified Contact Center EnterpriseAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Unified Contact Center ExpressUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Unified Intelligent Contact Management EnterpriseAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Unified SIP Proxy SoftwareAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Video Surveillance Operations ManagerAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Virtual Topology System - Virtual Topology Controller (VTC) VMUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Virtualized Voice BrowserUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Vision Dynamic Signage DirectorUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco WAN Automation Engine (WAE)AffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Web Security Appliance (WSA)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Webex Cloud-Connected UC (CCUC)AffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Webex Meetings ServerAffectedNoVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Webex TeamsUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoCisco Wide Area Application Services (WAAS)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoDuoNot AffectedYesVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
Ciscoduo network gateway (on-prem/self-hosted)Under Investigation
CiscoExony Virtualized Interaction Manager (VIM)Under InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CiscoManaged Services Accelerator (MSX) Network Access Control ServiceUnder InvestigationVulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
CitrixCirtix Article
CitrixCitrix ADCUnder Investigationhttps://support.citrix.com/article/CTX335705
CitrixCitrix Endpoint ManagementUnder Investigationhttps://support.citrix.com/article/CTX335705
CitrixCitrix GatewayUnder Investigationhttps://support.citrix.com/article/CTX335705
CitrixCitrix SD-WANUnder Investigationhttps://support.citrix.com/article/CTX335705
CitrixCitrix Virtual Apps and DesktopsUnder Investigationhttps://support.citrix.com/article/CTX335705
ClarisClaris Article
ClouderaAM2CM ToolNot Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaAmbariOnly versions 2.x, 1.xAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaArcadia EnterpriseOnly version 7.1.xAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCDH, HDP, and HDFOnly version 6.xAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCDP Operational Database (COD)Not Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCDP Private Cloud BaseOnly version 7.xAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCDS 3 Powered by Apache SparkAll versionsAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCDS 3.2 for GPUsAll versionsAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Cybersecurity PlatformAll versionsAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Data Engineering (CDE)Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Data Engineering (CDE)All versionsAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Data Flow (CFM)Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Data Science Workbench (CDSW)Only versions 2.x, 3.xAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Data Visualization (CDV)Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Data Warehouse (CDW)Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Data Warehouse (CDW)All versionsAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera DataFlow (CDF)Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Edge Management (CEM)All versionsAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera EnterpriseOnly version 6.xAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Flow Management (CFM)All versionsAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Machine Learning (CML)Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Machine Learning (CML)All versionsAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager)All versionsAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager)Only versions 7.0.x, 7.1.x, 7.2.xAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Manager (Including Backup Disaster Recovery (BDR))Not Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Runtime (including Cloudera Data Hub and all Data Hub templates)Only versions 7.0.x, 7.1.x, 7.2.xAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Stream Processing (CSP)All versionsAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Streaming Analytics (CSA)Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaCloudera Streaming Analytics (CSA)Not Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaData Analytics Studio (DAS)Under Investigationhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaData CatalogNot Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaData Lifecycle Manager (DLM)Not Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaData Steward Studio (DSS)All versionsAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaHortonworks Data Flow (HDF)Not Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaHortonworks Data Platform (HDP)Only versions 7.1.x, 2.7.x, 2.6.xAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaHortonworks DataPlane PlatformNot Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaManagement ConsoleAll versionsAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaManagement Console for CDP Public CloudNot Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaReplication ManagerAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaSmartSenseUnder Investigationhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaWorkload ManagerNot Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaWorkload XM (SaaS)Not Affectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
ClouderaWorkload XMAll versionsAffectedhttps://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
CloudFlareCloudFlare Blog Post
Cloudian HyperStoreCloudian Article
CloudoguEcosystemAllAffectedYesCloudogu Community
CloudoguSCM-ManagerNot AffectedSCM-Manager Blog
CloudronCloudron Forum
CloverClover Article
Code42Crashplan8.8, possibly prior versionsFixedYesCode42 Release NotificationI think, they don't specify in the notice, but we know that they released an updated Crashplan client. Possibly prior versions affected.12/16/2021
CodeBeamerCodeBeamer Link
CodesysCodesys News
CohesityCohesity Support Link
CommVaultCommVault Documentation
ConcreteCMS.comConcreteCMS.com Link
ConfluentConfluent CloudN/AFixedDecember 2021 Log4j Vulnerabilities Advisory12/17/2021
ConfluentConfluent Platform<7.0.1AffectedYesDecember 2021 Log4j Vulnerabilities Advisory12/17/2021
ConfluentConfluent for KubernetesN/ANot AffectedDecember 2021 Log4j Vulnerabilities Advisory12/17/2021
ConfluentConfluent Kafka ConnectorsN/ANot AffectedN/ADecember 2021 Log4j Vulnerabilities Advisory12/17/2021
ConfluentConfluent ElasticSearch Sink Connector<11.1.7AffectedYesDecember 2021 Log4j Vulnerabilities Advisory12/17/2021
ConfluentConfluent Google DataProc Sink Connector<1.1.5AffectedYesDecember 2021 Log4j Vulnerabilities Advisory12/17/2021
ConfluentConfluent Splunk Sink Connector<2.05AffectedYesDecember 2021 Log4j Vulnerabilities Advisory12/17/2021
ConfluentConfluent HDFS 2 Sink Connector<10.1.3AffectedYesDecember 2021 Log4j Vulnerabilities Advisory12/17/2021
ConfluentConfluent HDFS 3 Sink Connector<1.1.8AffectedDecember 2021 Log4j Vulnerabilities Advisory12/17/2021
ConfluentConfluent VMWare Tanzu GemFire Sink Connector<1.0.8AffectedYesDecember 2021 Log4j Vulnerabilities Advisory12/17/2021
Connect2idConnect2id Blog Post
ConnectWiseConnectWise Advisory Link
ContrastSecurityContrastSecurity Article
ControlUpControlUp Link
COPADATACOPADATA Support Services
CouchBaseCouchBase Forums
CPanelCPanel Forms
CradlepointCradlepoint
CrestronNot AffectedCrestron Advisory12/20/2021
CrushFTPCrushFTP Link
CryptShareCryptshare Support Link
CyberArkPrivileged Threat Analytics (PTA)N/AFixedYesCyberArk Customer ForceThis advisory is available to customers only and has not been reviewed by CISA.12/14/2021
CybereasonCybereason Blog Post
CyberResCyberRes Community Link
Cydar MedicalNot AffectedCydar Advisory Link12/21/2021
DarkTraceDarkTrace Customer Portal
Dassault SystèmesDassault Systemes Link
DatabricksDatabricks Google Doc
DatadogDatadog Agent>=6.17.0, <=6.32.2, >=7.17.0, <=7.32.2FixedYesDatadog Log4j Vulnerability Update
DataminerDataminer Community Link
DatevDatev Community Link
DattoDatto Link
dCache.orgdCache.org Link
DebianDebian Tracker Link
DeepinstinctDeepinstinct Link
DellAlienware Command CenterN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellAlienware OC ControlsN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellAlienware On Screen DisplayN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellAlienware UpdateN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellAtmosN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellAzure Stack HCIN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellCalMAN Powered Calibration FirmwareN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellCalMAN Ready for DellN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellCenteraN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellChameleon Linux Based DiagnosticsN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellChassis Management Controller (CMC)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellChina HDD DeluxeN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellCloud Mobility for Dell EMC StorageN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellCloud Tiering ApplianceN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellConnectrix (Cisco MDS 9000 switches)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellConnextrix B SeriesN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellCyberSecIQ ApplicationN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellCyberSense for PowerProtect Cyber RecoveryN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell BSAFE Crypto-C Micro EditionN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell BSAFE Crypto-JN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell BSAFE Micro Edition SuiteN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Calibration AssistantN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Cinema ColorN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Cloud Command Repository ManagerN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Cloud Management AgentN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Color ManagementN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Command ConfigureN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Command Integration Suite for System CenterN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Command Intel vPro Out of BandN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Command MonitorN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Command Power ManagerN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Command PowerShell ProviderN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Command UpdateN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Customer ConnectN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Data Guardian*N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Data Protection*N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Data Recovery EnvironmentN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Data VaultN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Data Vault for Chrome OSN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Deployment AgentN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Digital DeliveryN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Direct USB KeyN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Display Manager 1.5 for Windows / macOSN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Display Manager 2.0 for Windows / macOSN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC AppSyncN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC CloudboostN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC CloudLinkN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC Container Storage ModulesN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC Data Computing Appliance (DCA)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC Data Protection AdvisorN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC DataIQN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC Disk Library for MainframeN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC GeoDriveN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC Isilon InsightIQN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC License ManagerN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC Networking OnieN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC OpenManage Ansible ModulesN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC OpenManage integration for SplunkN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC OpenManage Integration for VMware vCenterN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC OpenManage Management pack for vRealize OperationsN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC OpenManage Operations Connector for Micro Focus Operations Bridge ManagerN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
Dell"Dell EMC PowerMax VMAX VMAX3 and VMAX AFA"N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC PowerPathN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC PowerPath Management ApplianceN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC PowerProtect Cyber RecoveryN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC PowerScale OneFSN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC PowerShell for PowerMaxN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC PowerShell for PowerstoreN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC PowerShell for UnityN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
Dell"Dell EMC PowerSwitch Z9264F-ON BMC Dell EMC PowerSwitch Z9432F-ON BMC"N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC PowerVault ME4 Series Storage ArraysN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC PowerVault MD3 Series Storage ArraysN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC Repository Manager (DRM)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC SourceOneN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC Systems Update (DSU)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC Unisphere 360N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC Virtual Storage IntegratorN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC VPLEXN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell EMC XtremION/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Encryption Enterprise*N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Encryption Personal*N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Endpoint Security Suite Enterprise*N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Hybrid ClientN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell ImageAssistN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Insights ClientN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Linux AssistantN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Mobile ConnectN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Monitor ISP (Windows/Mac/Linux)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Monitor SDKN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Networking X-SeriesN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Open Manage MobileN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Open Manage Server AdministratorN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell OpenManage Change ManagementN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell OpenManage Enterprise Power Manager PluginN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell OptimizerN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell OS Recovery ToolN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Peripheral Manager 1.4 / 1.5 for WindowsN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Platform ServiceN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Power ManagerN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Power Manager LiteN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Precision OptimizerN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Precision Optimizer for LinuxN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Premier ColorN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Recovery (Linux)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Remediation PlatformN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Remote Execution Engine (DRONE)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Security Advisory Update - DSA-2021-088N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Security Management Server & Dell Security Management Server Virtual*N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell SupportAssist SOSN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Thin OSN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Threat DefenseN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell True ColorN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell Trusted DeviceN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDell UpdateN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDream CatcherN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDUP Creation ServiceN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellDUP Framework (ISG)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellEmbedded NASN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellEmbedded Service EnablerN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellEquallogic PSN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellFluid FSN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DelliDRAC Service Module (iSM)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellInfinity MLK (firmware)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellIntegrated Dell Remote Access Controller (iDRAC)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellISG AcceleratorsN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellISG Board & ElectricalN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellIsilonSD Management ServerN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellIVE-WinDiagN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellMainframe EnablersN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellMy DellN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellMyDell MobileN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellNetWorker Management ConsoleN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellNetworking BIOSN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellNetworking DIAGN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellNetworking N-SeriesN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellNetworking OS 10N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellNetworking OS9N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellNetworking SD-WAN Edge SD-WANN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellNetworking W-SeriesN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellNetworking X-SeriesN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellOMIMSSC (OpenManage Integration for Microsoft System Center)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellOMNIAN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellOpenManage Connections - NagiosN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellOpenManage Connections - ServiceNowN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellOpenManage Integration for Microsoft System Center for System Center Operations ManagerN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellOpenManage Integration with Microsoft Windows Admin CenterN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellOpenManage Network IntegrationN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellPowerConnect N3200N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellPowerConnect PC2800N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellPowerConnect PC8100N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellPowerEdge BIOSN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellPowerEdge Operating SystemsN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellPowerTools AgentN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellPPDM Kubernetes cProxyN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellPPDM VMware vProxyN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellRedtailN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellRemotely AnywhereN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellRiptide (firmware)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellRugged Control Center (RCC)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellSD ROM UtilityN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellSDNASN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
Dell"""Server Storage"""N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellSmart Fabric Storage SoftwareN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellSmartByteN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellSMI-SN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellSoftware RAIDN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellSolutions EnablerN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellSolutions Enabler vAppN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellSonicN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellSRS VEN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellStorage Center OS and additional SC applications unless otherwise notedN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellSupportAssist Client CommercialN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellSupportAssist Client ConsumerN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellUCC EdgeN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellUnisphere for PowerMaxN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellUnisphere for PowerMax vAppN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellUnisphere for VMAXN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellUnisphere for VNXN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellUpdate Manager PluginN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellViPR ControllerN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellVNX1N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellVNX2N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellVPLEX VS2/VS6 / VPLEX WitnessN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellVsan Ready NodesN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellWarnado MLK (firmware)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellWyse Proprietary OS (ThinOS)N/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellWyse Windows Embedded SuiteN/ANot AffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)12/15/2021
DellAPEX ConsoleN/AFixedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Cloud environment patched12/15/2021
DellAPEX Data Storage ServicesAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Cloud environment patch in progress12/15/2021
DellCloud IQFixedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Cloud environment patched12/15/2021
DellConnectrix (Cisco MDS DCNM)AffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/23/2112/15/2021
DellConnectrix B-Series SANnav2.1.1AffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 3/31/202212/15/2021
DellData Domain OSVersions between 7.3.0.5 and 7.7.0.6;Versions before 7.6.0.30AffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-27412/15/2021
DellDell EMC Avamar"18.2 19.1 19.2 19.3 19.4"AffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/20/2112/15/2021
DellDell EMC BSN Controller NodeAffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-30512/15/2021
DellDell EMC Cloud Disaster RecoveryN/AAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch pending12/15/2021
DellDell EMC Data Protection CentralAffectedDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021- 26912/15/2021
DellDell EMC Data Protection SearchVersions before 19.5.0.7AffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-27912/15/2021
DellDell EMC ECSAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/18/2112/15/2021
DellEnterprise Hybrid CloudAffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)link12/15/2021
DellDell EMC Enterprise Storage Analytics for vRealize Operations"<6.0.0 6.1.0 6.2.x"AffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-27812/15/2021
DellDell EMC Integrated System for Azure Stack HCIN/AAffectedN/ADell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)"Dell EMC Integrated System for Azure Stack HCI is not impacted by this advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect Gateway (SCG) were optionally installed with Dell EMC Integrated System for Azure Stack HCI monitor the following advisories. Apply workaround guidance and remediations as they become available:12/15/2021
DellDell EMC Integrated System for Microsoft Azure Stack HubN/AAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch pending12/15/2021
DellDell EMC NetWorker Virtual Edition"19.5.x 19.4.x 19.3.x"AffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/20/2112/15/2021
DellDell EMC NetWorker Server"19.5.x 19.4.x 19.3.x"AffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/20/2112/15/2021
DellDell EMC Networking Virtual Edge Platform with VersaOS"with Versa Concerto with Versa Analytics with Versa Concero Director"AffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-30412/15/2021
DellDell EMC PowerFlex Appliance"All versions up to Intelligent Catalog 38_356_00_r10.zip All versions up to Intelligent Catalog 38_362_00_r7.zip"AffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch pending12/15/2021
DellDell EMC PowerFlex Software (SDS)"3.5 3.5.1 3.5.1.1 3.5.1.2 3.5.1.3 3.5.1.4 3.6 3.6.0.1 3.6.0.2"AffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch pending12/15/2021
DellDell EMC PowerFlex RackN/AAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch pending12/15/2021
DellDell EMC PowerProtect Data ManagerAll versions 19.9 and earlierAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch pending12/15/2021
DellDell EMC PowerProtect DP Series Appliance (iDPA)2.7.0 and earlierAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch pending12/15/2021
DellDell EMC PowerStoreAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/23/2112/15/2021
DellDell EMC RecoverPoint for Virtual MachineAll 5.0.x and later versionsAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch pending12/15/2021
DellDell EMC RecoverPoint ClassicAll 5.1.x and later versionsAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch pending12/15/2021
DellDell EMC SRM vAppVersions before 4.6.0.2AffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 1/25/202212/15/2021
DellDell EMC Streaming Data PlatformAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/18/2112/15/2021
DellDell EMC UnityAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/29/2112/15/2021
DellDell EMC Metro Node7.0.xAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-30812/15/2021
DellDell EMC VxRail"4.5.x 4.7.x 7.0.x"AffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch pending12/15/2021
DellDell Open Management Enterprise - Modular<1.40.10AffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-26812/15/2021
DellDellEMC OpenManage Enterprise ServicesAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/20/2112/15/2021
DellOpenManage EnterpriseAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/19/2112/15/2021
DellDell EMC Ruckus SmartZone 300 ControllerAffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-30312/15/2021
DellDell EMC Ruckus SmartZone 100 ControllerAffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-30312/15/2021
DellDell EMC Ruckus Virtual SoftwareAffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-30312/15/2021
DellSecure Connect Gateway (SCG) Appliance"5.00.00 5.00.05 and 4.0.06 and earlier versions (OVF and VHD)"AffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-28212/15/2021
DellSecure Connect Gateway (SCG) Policy Manager"5.00.00.10 5.00.05.10"AffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-28112/15/2021
DellSRS Policy Manager7AffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch pending12/15/2021
DellStorage Center - Dell Storage ManagerAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch pending12/15/2021
DellSupportAssist EnterpriseAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/23/2112/15/2021
DellUnisphere CentralAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 1/10/202212/15/2021
DellVblockAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch pending See vce6771 (requires customer login)12/15/2021
DellVNXe 1600Versions 3.1.16.10220572 and earlierAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/19/2112/15/2021
DellVNXe 3200Version 3.1.15.10216415 and earlierAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/19/2112/15/2021
DellVxBlockAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)"Patch pending See vce6771 (requires customer login) "12/15/2021
DellvRealize Orchestrator (vRO) Plug-ins for Dell EMC StorageVariousAffectedDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-30012/15/2021
DellvRO Plugin for Dell EMC PowerMaxVersion 1.2.3 or earlierAffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-30012/15/2021
DellvRO Plugin for Dell EMC PowerScaleVersion 1.1.0 or earlierAffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-30012/15/2021
DellvRO Plugin for Dell EMC PowerStoreVersion 1.1.4 or earlierAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-30012/15/2021
DellvRO Plugin for Dell EMC UnityVersion 1.0.6 or earlierAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-30012/15/2021
DellvRO Plugin for Dell EMC XtremIOVersion 4.1.2 or earlierAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-30012/15/2021
DellvRealize Data Protection Extension Data ManagementAffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/19/2112/15/2021
DellvRealize Data Protection Extension for vRealize Automation (vRA) 8.x"version 19.6 version 19.7 version 19.8 and version 19.9"AffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/19/2112/15/2021
DellVMware vRealize Automation 8.x"8.2 8.3 8.4 8.5 and 8.6"AffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/19/2112/15/2021
DellVMware vRealize Orchestrator 8.x"8.2 8.3 8.4 8.5 and 8.6"AffectedNoDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)Patch expected by 12/19/2112/15/2021
DellWyse Management Suite<3.5AffectedYesDell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)See DSA-2021-26712/15/2021
DenequaDenequa Link
Device42Device42 Link
DevolutionsAll productsNot Affectedhttps://blog.devolutions.net/2021/12/critical-vulnerability-in-log4j/
DevolutionsAll productsNot Affectedhttps://blog.devolutions.net/2021/12/critical-vulnerability-in-log4j/
Diebold NixdorfDiebold Nixdorf Link
DigicertDigicert Link
Digi InternationalCTEK G6200 familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalCTEK SkyCloudNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalCTEK Z45 familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi 54xx familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi 63xx familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi AnywhereUSB (G2) familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi AnywhereUSB Plus familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi Connect familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi Connect EZ familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi Connect IT familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi ConnectPort familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi ConnectPort LTS familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi Connect Sensor familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi Connect WS familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi Embedded AndroidNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi Embedded YoctoNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi EX routersNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi IX routersNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi LR54Not AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi One familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi Passport familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi PortServer TS familyNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi TX routersNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi WR11Not AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi WR21Not AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi WR31Not AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi WR44R/RRNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi WR54Not AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi WR64Not AffectedDigi International Advisory Link12/21/2021
Digi InternationalAnywhereUSB ManagerNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalAviewNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalARMTNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalAVWOBNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi NavigatorNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi Remote ManagerNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalDigi Xbee mobile appNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalLighthouseNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalRealportNot AffectedDigi International Advisory Link12/21/2021
Digi InternationalRemote Hub Config UtilityNot AffectedDigi International Advisory Link12/21/2021
Digital AIDigital AI Article
DNSFilterDNSFilter Blog Post
DockerDocker Blog Post
DocusignDocusign Alert
DrayTekVigor Routers, Access Points, Switches, VigorACS Central Management Software, MyVigor PlatformNot AffectedDrayTek Statement12/15/2021
DSpaceDSpace Google Group
DynatraceManaged cluster nodesAffected
DynatraceManaged cluster nodesAffected
DynatraceSynthetic ActivegatesAffected
DynatraceSynthetic ActivegatesAffected
EasyRedmineEasyRedmine News
EatonUndisclosedUndisclosedAffectedSecurity BulletinDoesn't openly disclose what products are affected or not for quote 'security purposes'. Needs email registration. No workaround provided due to registration wall.
EclecticIQEclecticIQ Advisory
Eclipse FoundationEclipse Foundation Wiki
EFIEFI Link
EGroupwareEGroupware Link
ElasticAPM Java AgentUnder InvestigationApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticAPM ServerNot AffectedApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticBeatsNot AffectedApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticCmdNot AffectedApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticElastic AgentNot AffectedApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticElastic Cloud EnterpriseUnder InvestigationApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticElastic Cloud EnterpriseUnder InvestigationApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticElastic Cloud on KubernetesNot AffectedApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticElastic CloudUnder InvestigationApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticElastic EndgameNot AffectedApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticElastic Maps ServiceNot AffectedApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticElasticsearch5,6,8AffectedYesApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticEndpoint SecurityNot AffectedApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticEnterprise SearchNot AffectedApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticFleet ServerNot AffectedApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticKibanaNot AffectedApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticLogstash<6.8.21,<7.16.1AffectedYesApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticMachine LearningNot AffectedApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticSwiftypeNot AffectedApache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-3112/15/2021
ElasticSearchall productsNot Affected
ElektaUnknownElekta Advisory LinkElekta Advisories are available in the customer portal (login required)12/21/2021
EllucianBanner AnalyticsAffectedNoEllucian Response on Apache Log4j Issue12/17/2021
EllucianColleagueAffectedNoEllucian Response on Apache Log4j IssueOn-prem and cloud deployements expect fixed 12/18/202112/17/2021
EllucianAdminNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEnterprise Identity Services(BEIS)Not AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianBanner Integration for eLearningNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianBanner Integration for eProcurementNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianBanner WorkflowNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianBanner Document Management (includes Banner Document Retention)Not AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian Advance Web ConnectorNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian eTranscriptsNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian MobileNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian Solution ManagerNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianBanner Event PublisherNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianBanner Self ServiceNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianColleague AnalyticsNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianCRM AdvanceNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianCRM AdviseNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianCRM RecruitNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian Data AccessNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian Design PathNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian ePrintNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian Ethos API & API Management CenterNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian Ethos ExtendNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian Ethos IntegrationNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian ExperienceNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian Intelligent Platform (ILP)Not AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian International Student and Scholar Management (ISSM)Not AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian Message Service (EMS)Not AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian Messaging Adapter (EMA)Not AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian Payment GatewayNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian Ellucian PortalNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian WorkflowNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EllucianEllucian PowerCampusNot AffectedEllucian Response on Apache Log4j Issue12/17/2021
EmersonEmerson Cyber Security Notification
EnterpriseDTEnterpriseDT Statement
ESETESET Statement
ESRIArcGIS Data StoreAllFixedYeshttps://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions12/17/2021
ESRIArcGIS EnterpriseAllFixedYeshttps://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions12/17/2021
ESRIArcGIS GeoEvent ServerAllFixedYeshttps://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions12/17/2021
ESRIArcGIS ServerAllFixedYeshttps://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions12/17/2021
ESRIArcGIS Workflow Manager ServerAllFixedYeshttps://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions12/17/2021
ESRIPortal for ArcGISAllFixedYeshttps://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions12/17/2021
EstosEstos Support Statement
Evolveum MidpointEvolveum Midpoint Statement
EwonEwon Statement
ExabeamExabeam StatementThis advisory is available to customers only and has not been reviewed by CISA
ExactExact Statement
ExivityExivity Statement
ExtraHopReveal(x)<=8.4.6, <=8.5.3, <=8.6.4AffectedYesExtraHop StatementContains vulnerable code but not likely to get unauthenticated user input to the log4j component.12/14/2021
eXtreme HostingeXtreme Hosting Statement
Extreme NetworksExtreme Networks Statement
ExtronExtron Statement
F-SecureElements ConnectorAffectedYesThe Log4J Vulnerability (CVE-2021-44228) – which F-Secure products are affected, what it means, what steps should you take - F-Secure Community
F-SecureEndpoint Proxy13-15AffectedYesF-Secure services Status - 0-day exploit found in the Java logging package log4j2
F-SecureMessaging Security GatewayAffectedYesThe Log4J Vulnerability (CVE-2021-44228) – which F-Secure products are affected, what it means, what steps should you take - F-Secure Community
F-SecurePolicy Manager13-15AffectedYesF-Secure services Status - 0-day exploit found in the Java logging package log4j2
F-SecurePolicy Manager Proxy13-15AffectedYesF-Secure services Status - 0-day exploit found in the Java logging package log4j2
F5BIG-IP (all modules)11.x - 16.xNot AffectedF5 Security Advisory
F5BIG-IQ Centralized Management7.x-8.xNot AffectedF5 Security Advisory
F5F5OS1.xNot AffectedF5 Security Advisory
F5Traffix SDC5.x (5.2.0 CF1, 5.1.0 CF-30 - 5.1.0 CF-33)AffectedNoF5 Security AdvisoryVulnerable components: EMS-ELK components (Fluentd + Elastic Search + Kibana), Element Management System
F5NGINX PlusR19 - R25Not AffectedF5 Security Advisory (CVE-2021-44228)F5 Security Advisory (CVE-2021-45046)
F5NGINX Open Source1.xNot AffectedF5 Security Advisory (CVE-2021-44228)F5 Security Advisory (CVE-2021-45046)
F5NGINX Unit1.xNot AffectedF5 Security Advisory (CVE-2021-44228)F5 Security Advisory (CVE-2021-45046)
F5NGINX App Protect3.xNot AffectedF5 Security Advisory (CVE-2021-44228)F5 Security Advisory (CVE-2021-45046)
F5NGINX Controller3.xNot AffectedF5 Security Advisory (CVE-2021-44228)F5 Security Advisory (CVE-2021-45046)
F5NGINX Ingress Controller1.x - 2.xNot AffectedF5 Security Advisory (CVE-2021-44228)F5 Security Advisory (CVE-2021-45046)
F5NGINX Instance Manager1.xNot AffectedF5 Security Advisory (CVE-2021-44228)F5 Security Advisory (CVE-2021-45046)
F5NGINX Service Mesh1.xNot AffectedF5 Security Advisory (CVE-2021-44228)F5 Security Advisory (CVE-2021-45046)
FAST LTAFAST LTA Statement
FastlyFastly Statement
FedExShip Manager SoftwareUnknownAffected/Under InvestigationFedEx StatementNote: FedEx is aware of the issue related to the Log4j Remote Code Execution vulnerability affecting various Apache products. We are actively assessing the situation and taking necessary action as appropriate. As a result, we are temporarily unable to provide a link to download the FedEx Ship Manager software or generate product keys needed for registration of FedEx Ship Manager software. We are working to have this resolved as quickly as possible and apologize for the inconvenience. For related questions or the most updated information, customers should check FedEx Updates for Apache Log4j Issue or contact their Customer Technology representative.12/15/2021
FiixFiix CMMS Corev5FixedPN1579 - Log4Shell Vulnerability NoticeThe product has been updated to Log4j version 2.15. An additional patch is being developed to update to 2.16. No user interaction is required.12/15/2021
FileCapFileCapStatement
FileCatalystFileCatalyst Statement
FileCloudFileCloud Statement
FileWaveFileWave Statement
FINVIFINVI Statement
FireDaemonFireDemon Statement
Fisher & Paykel HealthcareNot AffectedFisher & Paykel Healthcare Advisory Link12/21/2021
FlexagonFlexagon Statement
FlexeraFlexera Statement
ForcepointDLP ManagerAffectedLogin (forcepoint.com)
ForcepointForcepoint Cloud Security Gateway (CSG)Not AffectedLogin (forcepoint.com)
ForcepointNext Generation Firewall (NGFW)Not AffectedLogin (forcepoint.com)
ForcepointNext Generation Firewall, NGFW VPN Client, Forcepoint User ID service and SidewinderNot AffectedLogin (forcepoint.com)
ForcepointOne EndpointNot AffectedLogin (forcepoint.com)
ForcepointSecurity Manager (Web, Email and DLP)AffectedLogin (forcepoint.com)
ForescoutForescout Statement
ForgeRockAutonomous IdentityAffectedSecurity Advisories - Knowledge - BackStage (forgerock.com)all other ForgeRock products Not vulnerable
FortinetFortiAIOpsAffectedPSIRT Advisories FortiGuard
FortinetFortiAnalyzerNot AffectedPSIRT Advisories FortiGuard
FortinetFortiAnalyzer CloudNot AffectedPSIRT Advisories FortiGuard
FortinetFortiAPNot AffectedPSIRT Advisories FortiGuard
FortinetFortiAuthenticatorNot AffectedPSIRT Advisories FortiGuard
FortinetFortiCASBAffectedPSIRT Advisories FortiGuard
FortinetFortiConvertorAffectedPSIRT Advisories FortiGuard
FortinetFortiDeceptorNot AffectedPSIRT Advisories FortiGuard
FortinetFortiEDR AgentNot AffectedPSIRT Advisories FortiGuard
FortinetFortiEDR CloudAffectedPSIRT Advisories FortiGuard
FortinetFortiGate CloudNot AffectedPSIRT Advisories FortiGuard
FortinetFortiGSLB CloudNot AffectedPSIRT Advisories FortiGuard
FortinetFortiMailNot AffectedPSIRT Advisories FortiGuard
FortinetFortiManagerNot AffectedPSIRT Advisories FortiGuard
FortinetFortiManager CloudNot AffectedPSIRT Advisories FortiGuard
FortinetFortiNACAffectedPSIRT Advisories FortiGuard
FortinetFortiNACAffectedPSIRT Advisories FortiGuard
FortinetFortiOS (includes FortiGate & FortiWiFi)Not AffectedPSIRT Advisories FortiGuard
FortinetFortiPhish CloudNot AffectedPSIRT Advisories FortiGuard
FortinetFortiPolicyAffectedPSIRT Advisories FortiGuard
FortinetFortiPortalAffectedPSIRT Advisories FortiGuard
FortinetFortiRecorderNot AffectedPSIRT Advisories FortiGuard
FortinetFortiSIEMAffectedPSIRT Advisories FortiGuard
FortinetFortiSOARAffectedPSIRT Advisories FortiGuard
FortinetFortiSwicth Cloud in FortiLANCloudNot AffectedPSIRT Advisories FortiGuard
FortinetFortiSwitch & FortiSwitchManagerNot AffectedPSIRT Advisories FortiGuard
FortinetFortiToken CloudNot AffectedPSIRT Advisories FortiGuard
FortinetFortiVoiceNot AffectedPSIRT Advisories FortiGuard
FortinetFortiWeb CloudNot AffectedPSIRT Advisories FortiGuard
FortinetShieldXAffectedPSIRT Advisories FortiGuard
FTAPIFTAPI Statement
FujitsuFujitsu Statement
FusionAuthFusionAuth1.32Not Affectedlog4j CVE: How it affects FusionAuth (TLDR: It doesn't) - FusionAuth
GE HealthcareUnder InvestigationGE Healthcare Advisory Link12/21/2021
GearsetGearset Statement
GenesysGenesys Statement
GeoServerGeoServer Announcement
Gerrit code reviewGerrit Statement
GFIGFI Statement
GhidraGhidra Statement
GitHubGitHub Statement
GitLabGitLab Statement
GlobusGlobus Statement
GoAnywhereMFT< 6.8.6AffectedYesGoAnywhere Statement12/18/2021
GoAnywhereGateway< 2.8.4AffectedYesGoAnywhere Statement12/18/2021
GoAnywhereMFT Agents< 1.6.5AffectedYesGoAnywhere Statement12/18/2021
GoCDGoCD Statement
Google Cloud Armor WAFGoogle Statement
Google Cloud Global Products coverageGoogle Statement
GradleGradleNot AffectedNoGradle Blog - Dealing with the critical Log4j vulnerabilityGradle Scala Compiler Plugin depends upon log4j-core but it is not used.
GradleGradle Enterprise< 2021.3.6AffectedYesGradle Enterprise Security Advisories - Remote code execution vulnerability due to use of Log4j2
GradleGradle Enterprise Build Cache Node< 10.1AffectedYesGradle Enterprise Security Advisories - Remote code execution vulnerability due to use of Log4j2
GradleGradle Enterprise Test Distribution Agent< 1.6.2AffectedYesGradle Enterprise Security Advisories - Remote code execution vulnerability due to use of Log4j2
GrafanaGrafana Statement
GrandstreamGrandstream Statement
GraviteeAccess Management3.10.xNot AffectedNo About the Log4J CVSS 10 Critical Vulnerability 
GraviteeAccess Management3.5.xNot AffectedNo About the Log4J CVSS 10 Critical Vulnerability 
GraviteeAPI Management3.10.xNot AffectedNo About the Log4J CVSS 10 Critical Vulnerability 
GraviteeAPI Management3.5.xNot AffectedNo  About the Log4J CVSS 10 Critical Vulnerability 
GraviteeAlert Engine1.5.xNot AffectedYes  About the Log4J CVSS 10 Critical Vulnerability 
GraviteeAlert Engine1.4.xNot AffectedNo  About the Log4J CVSS 10 Critical Vulnerability 
GraviteeCockpit1.4.xNot AffectedNo About the Log4J CVSS 10 Critical Vulnerability 
Gravitee.ioGravitee.io Statement
GravwellGravwell Statement
GraylogGraylog ServerAll versions >= 1.2.0 and <= 4.2.2AffectedYesGraylog Update for Log4j
GreenShotGreenShot Statement
GuidewireGuidewire Statement
HAProxyHAProxy Statement
HarmanPro AMXHarmanPro AMX Statement
HashiCorpBoundaryNot AffectedHashiCorp security bulletin re. CVE-2021-44228
HashiCorpConsulNot AffectedHashiCorp security bulletin re. CVE-2021-44228
HashiCorpConsul EnterpriseNot AffectedHashiCorp security bulletin re. CVE-2021-44228
HashiCorpNomadNot AffectedHashiCorp security bulletin re. CVE-2021-44228
HashiCorpNomad EnterpriseNot AffectedHashiCorp security bulletin re. CVE-2021-44228
HashiCorpPackerNot AffectedHashiCorp security bulletin re. CVE-2021-44228
HashiCorpTerraformNot AffectedHashiCorp security bulletin re. CVE-2021-44228
HashiCorpTerraform EnterpriseNot AffectedHashiCorp security bulletin re. CVE-2021-44228
HashiCorpVagrantNot AffectedHashiCorp security bulletin re. CVE-2021-44228
HashiCorpVaultNot AffectedHashiCorp security bulletin re. CVE-2021-44228
HashiCorpVault EnterpriseNot AffectedHashiCorp security bulletin re. CVE-2021-44228
HashiCorpWaypointNot AffectedHashiCorp security bulletin re. CVE-2021-44228
HCL SoftwareBigFix Compliance2.0.1 - 2.0.4FixedKB with fixNot Affected for related CVE-2021-45046Forum post with more specifics12/15/2021
HCL SoftwareBigFix InsightsAllNot AffectedKBNot Affected for related CVE-2021-4504612/15/2021
HCL SoftwareBigFix Insights for Vulnerability RemediationAllNot AffectedKBNot Affected for related CVE-2021-4504612/15/2021
HCL SoftwareBigFix Inventory< 10.0.7FixedKB with fixNot Affected for related CVE-2021-4504612/15/2021
HCL SoftwareBigFix LifecycleAllNot AffectedKBNot Affected for related CVE-2021-4504612/15/2021
HCL SoftwareBigFix MobileAllNot AffectedKBNot Affected for related CVE-2021-4504612/15/2021
HCL SoftwareBigFix PatchAllNot AffectedKBNot Affected for related CVE-2021-4504612/15/2021
HelpSystems ClearswiftHelpSystems Clearswift
HexagonHexagon Statement
HikvisionHikvision
Hitachi VantaraHitachi Vantara
HoneywellHoneywell Statement
HPTeradici Cloud Access Controller< v113FixedYesApache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK2021-12-17
HPTeradici EMSDK< 1.0.6FixedYesApache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK2021-12-17
HPTeradici Management Console< 21.10.3FixedYesApache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK2021-12-17
HPTeradici PCoIP Connection Manager< 21.03.6, < 20.07.4FixedYesApache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK2021-12-17
HPTeradici PCoIP License ServerNot AffectedApache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK2021-12-17
HPE3PAR StoreServ ArraysNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEAirWave Management PlatformNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEAlletra 6000Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEAlletra 9kNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEAruba CentralNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEAruba ClearPass Policy ManagerNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEAruba ClearPass Policy ManagerNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEAruba Instant (IAP)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEAruba Location ServicesNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEAruba NetEditNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEAruba PVOS SwitchesNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEAruba SDN VAN ControllerNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEAruba User Experience Insight (UXI)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEAruba VIA ClientNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEArubaOS-CX switchesNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEArubaOS-S switchesNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEArubaOS SD-WAN Controllers and GatewaysNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEArubaOS Wi-Fi Controllers and GatewaysNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEBladeSystem Onboard AdministratorNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEBrocade 16Gb Fibre Channel SAN Switch for HPE SynergyNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEBrocade 16Gb SAN Switch for HPE BladeSystem c-ClassNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEBrocade 32Gb Fibre Channel SAN Switch for HPE SynergyNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEBrocade Network AdvisorNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPECloudAuthNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPECloudPhysicsNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPECompute Cloud ConsoleNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPECompute operations manager- FW UPDATE SERVICENot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPECOS (Cray Operating System)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPECray Systems Management (CSM)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPECustom SPP Portal LinkNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEData Services Cloud ConsoleNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHarmony Data PlatformNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHOP public services (grafana, vault, rancher, Jenkins)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE B-series SN2600B SAN Extension SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE B-series SN4000B SAN Extension SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE B-series SN6000B Fibre Channel SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE B-series SN6500B Fibre Channel SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE B-series SN6600B Fibre Channel SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE B-series SN6650B Fibre Channel SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE B-series SN6700B Fibre Channel SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE Customer Experience Assurance (CEA)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Hardware Support Manager plug-in for VMware vSphere Lifecycle ManagerNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE Home Location Register (HLR/I-HLR)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Infosight for ServersNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE Integrated Home Subscriber Server (I-HSS)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Intelligent Messaging (IM)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Intelligent Network Server (INS)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Multimedia Services Environment (MSE)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE OC Convergent Communications Platform (OCCP)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE OC Media Platform Media Resource Function (OCMP-MRF)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE OC Service Access Controller (OC SAC)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE OC Service Controller (OCSC)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE OC Universal Signaling Platform (OC-USP-M)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE OneViewNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE OneView for VMware vRealize Operations (vROps)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE OneView Global DashboardNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE Performance Cluster Manager (HPCM)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Performance Manager (PM)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Position Determination Entity (PDE)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Secure Identity Broker (SIB)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Service Activator (SA)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Service Governance Framework (SGF)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Service Orchestration Manager (SOM)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Service Provisioner (SP)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Short Message Point-to-Point Gateway (SMPP)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE SlingshotNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE Smart Interaction Server (SIS)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE SN3000B Fibre Channel SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE SN8000B 4-Slot SAN Director SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE SN8000B 8-Slot SAN Backbone Director SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE SN8600B 4-Slot SAN Director SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE SN8600B 8-Slot SAN Director SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE SN8700B 4-Slot Director SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE SN8700B 8-Slot Director SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE Subscriber, Network, and Application Policy (SNAP)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Subscription Manager (SM)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Synergy Image StreamerNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE Systems Insight Manager (SIM)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE Telecom Application Server (TAS)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Unified Correlation and Automation (UCA)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Unified Mediation Bus (UMB)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Unified OSS Console (UOC)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Unified Topology Manager (UTM)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Universal Identity Repository (VIR)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Universal SLA Manager (uSLAM)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Virtual ConnectNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE Virtual Connect Enterprise Manager (VCEM)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE Virtual Provisioning Gateway (vPGW)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Virtual Server Environment (VSE)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEHPE Virtual Subscriber Data Management (vSDM)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE WebRTC Gateway Controller (WGW)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-14
HPEHPE Wi-Fi Authentication Gateway (WauG)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEInsight Cluster Management Utility (CMU)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEIntegrated Lights-Out (iLO) Amplifier PackNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEIntegrated Lights-Out 4 (iLO 4)4Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEIntegrated Lights-Out 5 (iLO 5)5Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEIntegrity BL860c, BL870c, BL890cNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEIntegrity Rx2800/Rx2900Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEIntegrity Superdome 2Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEIntegrity Superdome XNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEIntelligent ProvisioningNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEiSUT integrated smart update toolNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEMaven Artifacts (Atlas)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEMSANot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPENetEditNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPENimble StorageNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPENS-T0634-OSM CONSOLE TOOLSNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPENS-T0977-SCHEMA VALIDATORNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEOfficeConnectNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEPrimera StorageNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPERepoServer part of OPA (on Premises aggregator)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEResource Aggregator for Open Distributed Infrastructure ManagementNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPERESTful Interface Tool (iLOREST)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPESAT (System Admin Toolkit)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEScripting Tools for Windows PowerShell (HPEiLOCmdlets)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPESGI MC990 X ServerNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPESGI UV 2000 ServerNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPESGI UV 300, 300H, 300RL, 30EXNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPESGI UV 3000 ServerNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPESN8700B 8-Slot Director SwitchNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEStoreEasyNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEStoreEver CVTLNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEStoreEver LTO Tape DrivesNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEStoreEver MSL Tape LibrariesNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEStoreOnceNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPESUM (Smart Update Manager)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPESuperdome Flex 280Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPESuperdome Flex ServerNot Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HPEUAN (User Access Node)Not Affected(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228Support Communication Cross Reference ID: SIK73872021-12-12
HOLOGICAdvanced Workflow Manager (AWM)AffectedNoHOLOGIC Advisory LinkWhile the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable.12/20/2021
HOLOGICUnifi WorkspaceAffectedNoHOLOGIC Advisory LinkWhile the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable.12/20/2021
HOLOGICFaxitron CT Specimen Radiography SystemAffectedNoHOLOGIC Advisory LinkWhile the Hologic software itself does not utilize Java/Log4J, there is a utility program installed that may utilize Java and Log4J. This utility program does not run on startup and is not required for system operation. Please contact Hologic Service for assistance in removing this program.12/20/2021
HOLOGICDimensions / 3Dimensions Mammography SystemNot AffectedNoHOLOGIC Advisory Link12/20/2021
HOLOGICAffirm Prone Biopsy SystemNot AffectedNoHOLOGIC Advisory Link12/20/2021
HOLOGICBrevera Breast Biopsy SystemNot AffectedNoHOLOGIC Advisory Link12/20/2021
HOLOGICTrident HD Specimen Radiography SystemNot AffectedNoHOLOGIC Advisory Link12/20/2021
HOLOGICSecurView DX WorkstationNot AffectedNoHOLOGIC Advisory Link12/20/2021
HOLOGICCenova Image Analytics ServerNot AffectedNoHOLOGIC Advisory Link12/20/2021
HOLOGICSecurXChange RouterNot AffectedNoHOLOGIC Advisory Link12/20/2021
HOLOGICRosetta DC Tomosynthesis Data ConverterNot AffectedNoHOLOGIC Advisory Link12/20/2021
HOLOGICFaxitron Specimen Radiography SystemsNot AffectedNoHOLOGIC Advisory Link12/20/2021
HOLOGICHorizon DXA Bone DensitometerNot AffectedNoHOLOGIC Advisory Link12/20/2021
HOLOGICDiscovery Bone DensitometerNot AffectedNoHOLOGIC Advisory Link12/20/2021
HOLOGICFluoroscan Insight Mini C-ArmNot AffectedNoHOLOGIC Advisory Link12/20/2021
HOLOGICSuperSonic Imagine Ultrasound Products (Aixplorer & Aixplorer Mach)Not AffectedNoHOLOGIC Advisory Link12/20/2021
HOLOGICWindows Selenia Mammography SystemNot AffectedNoHOLOGIC Advisory Link12/20/2021
HuaweiHuawei Security Notice
HubspotHubspot Notice
I-Net softwareI-Net Software Statement
I2PI2P Statement
IBA-AGIBA-AG Statement
IbexaIbexa Statement
IBMBigFix ComplianceAffectedNo
IBMBigFix InventoryVM Manager Tool & SAP ToolAffectedNoTo verify if your instance is affected, go to the lib subdirectory of the tool (BESClient/LMT/SAPTOOL and BESClient/LMT/VMMAN) and check what version of log4j is included. Version is included in the name of the library.
IBMAnalytics EngineNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMApp ConfigurationNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMApp ConnectNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMApp IDAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMApplication GatewayNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMAspera EndpointNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMAspera EnterpriseNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMAspera fasp.ioNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMAsperaNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMBare Metal ServersNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMBlock StorageNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMBlock Storage for VPCNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMBlock Storage Snapshots for VPCNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCase ManagerNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCertificate ManagerAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMClient VPN for VPCNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCloud Activity TrackerNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCloud BackupNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCloud MonitoringNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCloud Object StorageAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCloud Object StorageAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCloudantAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCode EngineNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCognos Command CenterNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCognos Controller10.4.2AffectedYesSecurity Bulletin: IBM Cognos Controller 10.4.2 IF15: Apache log4j Vulnerability (CVE-2021-44228)12/15/2021
IBMCognos Integration ServerNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCompose EnterpriseNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCompose for ElasticsearchNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCompose for etcdNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCompose for MongoDBNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCompose for MySQLNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCompose for PostgreSQLNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCompose for RabbitMQNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCompose for RedisNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCompose for RethinkDBNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCompose for ScyllaDBNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMContainer RegistryAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMContainer Security ServicesAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMContent Delivery NetworkNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMContinuous DeliveryAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMCopy Services ManagerNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDatabases for DataStaxNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDatabases for EDBNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDatabases for ElasticsearchNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDatabases for etcdNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDatabases for MongoDBNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDatabases for PostgreSQLNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDatabases for RedisNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDatapower GatewayNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDedicated Host for VPCNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDirect Link ConnectNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDirect Link Connect on ClassicNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDirect Link Dedicated (2.0)Not AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDirect Link Dedicated Hosting on ClassicNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDirect Link Dedicated on ClassicNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDirect Link Exchange on ClassicNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMDNS ServicesNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMEmptoris Contract ManagementNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMEmptoris Program ManagementNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMEmptoris SourcingNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMEmptoris Spend AnalysisNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMEmptoris Supplier Lifecycle ManagementNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMEnterprise Tape Controller Model C07 (3592) (ETC)Not AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMEvent NotificationsNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMEvent StreamsNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMFile StorageNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMFlash System 900 (& 840)Not AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMFlow Logs for VPCNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMFunctionsNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMGSKitNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMGuardium S-TAP for Data Sets on z/OSNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMGuardium S-TAP for DB2 on z/OSNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMGuardium S-TAP for IMS on z/OSNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMHyper Protect Crypto ServicesNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMHyper Protect DBaaS for MongoDBAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMHyper Protect DBaaS for PostgreSQLAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMHyper Protect Virtual ServerAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMi2 Analyst’s NotebookNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMi2 BaseNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMIBM Application Runtime Expert for iNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMIBM Backup, Recovery and Media Services for iNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMIBM Db2 Mirror for iNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMIBM HTTP ServerNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMIBM i Access FamilyNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMIBM i Portfolio of products under the Group SWMANot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMIBM PowerHA System Mirror for iNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMIBM Sterling Connect:Direct Browser User InterfaceNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMIBM Sterling Connect:Direct for HP NonStopNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMIBM Sterling Connect:Direct for i5/OSNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMIBM Sterling Connect:Direct for OpenVMSNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMIBM Sterling Connect:Express for Microsoft WindowsNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMIBM Sterling Connect:Express for UNIXNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMIBM Sterling Connect:Express for z/OSNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMInstana AgentTimestamp lower than 12-11-2021AffectedYesStatus Instana12/14/2021
IBMInternet ServicesAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMKey Lifecyle Manager for z/OSNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMKey ProtectNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMKnowledge StudioAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMKubernetes ServiceNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMLoad Balancer for VPCNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMLog AnalysisNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMManaged VMware ServiceAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMManagement Extender for VMware vCenterAffectedNo
IBMMass Data MigrationNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMMaximo EAM SaaSNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMMessage HubNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMMQ ApplianceNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMMQ on IBM CloudNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMNatural Language UnderstandingAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMOmniFind Text Search Server for DB2 for iNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMOPENBMCNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMPlanning Analytics Workspace>2.0.57AffectedYesSecurity Bulletin: IBM Planning Analytics 2.0: Apache log4j Vulnerability (CVE-2021-44228)12/15/2021
IBMPower HMCV9.2.950.0 & V10.1.1010.0AffectedYesSecurity Bulletin: Vulnerability in Apache Log4j (CVE-2021-44228) affects Power HMC12/15/2021
IBMPowerSCNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMPowerVM HypervisorNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMPowerVM VIOSNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMQRadar AdvisorNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMQradar Network Threat AnalyticsNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMQRadar SIEMNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMQuantum ServicesNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMRational Developer for AIX and LinuxNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMRational Developer for iNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMRed Hat OpenShift on IBM CloudNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMResilientUnder Investigation
IBMRobotic Process AutomationNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSAN Volume Controller and Storwize FamilyNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSatellite Infrastructure ServiceNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSchematicsNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSecrets ManagerNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSecure GatewayNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMServer AutomationAffectedNo
IBMSpectrum Archive Library EditionNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum DiscoverNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect Client Management ServiceNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect for Databases: Data Protection for OracleNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect for Databases: Data Protection for SQLNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect for Enterprise Resource PlanningNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect for Mail: Data Protection for DominoNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect for Mail: Data Protection for ExchangeNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect for WorkstationsNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect for z/OS USS Client and APINot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect Plus Db2 AgentNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect Plus Exchange AgentNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect Plus File Systems AgentNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect Plus MongoDB AgentNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect Plus O365 AgentNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect ServerNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect Snapshot for UNIXNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSpectrum Protect Snapshot for UNIXNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSQL QueryNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSterling GentranNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSterling Order ManagementNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSterling Transformation Extender Pack for ACORDNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSterling Transformation Extender Pack for Financial ServicesNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSterling Transformation Extender Pack for FIXNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSterling Transformation Extender Pack for NACHANot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSterling Transformation Extender Pack for PeopleSoftNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSterling Transformation Extender Pack for SAP R/3Not AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSterling Transformation Extender Pack for SEPANot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSterling Transformation Extender Pack for SiebelNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSterling Transformation Extender Pack for SWIFTNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSterling Transformation Extender Packs for EDINot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSterling Transformation Extender Packs for HealthcareNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMSterling Transformation Extender Trading ManagerNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMStorage TS1160Not AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMStorage TS2280Not AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMStorage TS2900 LibraryNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMStorage TS3100-TS3200 LibraryNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMStorage TS4500 LibraryNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMStorage Virtualization Engine TS7700Not AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMTape System Library ManagerNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMTDMF for zOSNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMTotal Storage Service Console (TSSC) / TS4500 IMCNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMTransit GatewayNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMTririga AnywhereNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMTS4300Not AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMUrbancode DeployNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMVirtual Private CloudNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMVirtual Server for ClassicNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMVirtualization Management InterfaceNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMVMware SolutionsAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMVMware vCenter ServerAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMVMware vSphereAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMVPN for VPCNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMvRealize Operations and Log InsightAffectedYesAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IBMWorkload AutomationNot AffectedAn update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog12/15/2021
IFSIFS Bulletin
IGELIGEL Statement
Ignite RealtimeIgnite Realtime Statement
iGrafxiGrafx Statement
Illuminated CloudIlluminated Cloud Statement
IllumioC-VENNot AffectedIllumio KB article12/16/2021
IllumioCLINot AffectedIllumio KB article12/16/2021
IllumioCloudSecureNot AffectedIllumio KB article12/16/2021
IllumioCore on-premise PCENot AffectedIllumio KB article12/16/2021
IllumioCore SaaS PCENot AffectedIllumio KB article12/16/2021
IllumioEdge SaaS PCENot AffectedIllumio KB article12/16/2021
IllumioEdge-CrowdStrikeNot AffectedIllumio KB article12/16/2021
IllumioFlowlinkNot AffectedIllumio KB article12/16/2021
IllumioKubelinkNot AffectedIllumio KB article12/16/2021
IllumioNENNot AffectedIllumio KB article12/16/2021
IllumioQRadar AppNot AffectedIllumio KB article12/16/2021
IllumioSplunk AppNot AffectedIllumio KB article12/16/2021
IllumioVENNot AffectedIllumio KB article12/16/2021
IManageIManage Statement
ImpervaImperva Statement
Inductive AutomationInductive Automation Statement
IndustrialDefenderIndustrialDefender Statement
infinidatinfinidat Statement
InfluxDataInfluxData Statement
InfobloxInfoblox Statement
InformaticaInformatica Statement
InstanaInstana Statement
InstructureInstructure Statement
IntelAudio Development KitAffectedNoIntel Advisory12/16/2021
IntelDatacenter ManagerAffectedNoIntel Advisory12/16/2021
InteloneAPI sample browser plugin for EclipseAffectedIntel Advisory12/16/2021
IntelSystem DebuggerAffectedIntel Advisory12/16/2021
IntelSecure Device OnboardAffectedIntel Advisory12/16/2021
IntelGenomics Kernel LibraryAffectedIntel Advisory12/16/2021
IntelSystem StudioAffectedIntel Advisory12/16/2021
IntelComputer Vision Annotation Tool maintained by IntelAffectedIntel Advisory12/16/2021
IntelSensor Solution Firmware Development KitAffectedIntel Advisory12/16/2021
Internet Systems Consortium(ISC)ISC DHCP, aka dhcpdAllNot AffectedN/AISC Open Source and Log4Jno JAVA Code12/17/2021
Internet Systems Consortium(ISC)Kea DHCPAllNot AffectedN/AISC Open Source and Log4Jno JAVA Code12/17/2021
Internet Systems Consortium(ISC)BIND 9AllNot AffectedN/AISC Open Source and Log4Jno JAVA Code12/17/2021
InterSystemsInterSystems Statement
Intlandcodebeamer<= 20.11-SP11, <= 21.09-SP3AffectedSome releasesApache Log4j vulnerability and fixesA fix has been released for 20.11 and 21.09, but not yet for 21.04
iRedMailiRedMail Statement
IronnetIronnet Security Notification
ISLONLINEISLONLINE Statement
IvantiIvanti Statement
JamasoftwareJamasoftware Statement
JamfJamf Pro10.31.0 – 10.34.0AffectedYesMitigating the Apache Log4j 2 Vulnerability
JaspersoftJaspersoft Statement
JedoxJedox Statement
JenkinsCI/CD CoreNot Affected
JenkinsPluginsSome affected, some fixed, most unaffected. See issue trackerSomeAnnouncementissue trackerInstructions to test your installations in announcement2021-12-16
JetBrainsIntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand, IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu, Rider, RubyMine, WebStorm)UnknownNot AffectedJetBrains Blog Post
JetBrainsAll .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory, dotCover, dotPeek)UnknownNot AffectedJetBrains Blog Post
JetBrainsToolBoxUnknownNot AffectedJetBrains Blog Post
JetBrainsTeamCityUnknownNot AffectedJetBrains Blog Post
JetBrainsHub2021.1.14080FixedJetBrains Blog Post
JetBrainsYouTrack Standalone2021.4.35970FixedJetBrains Blog Post
JetBrainsYouTrack InCloudUnknownFixedJetBrains Blog Post
JetBrainsDataloreUnknownNot AffectedJetBrains Blog Post
JetBrainsSpaceUnknownNot AffectedJetBrains Blog Post
JetbrainsCode With MeUnknownFixedJetBrains Blog Post
JetBrainsGatewayUnknownNot AffectedJetBrains Blog Post
JetBrainsKotlinUnknownNot AffectedJetBrains Blog Post
JetBrainsKtorUnknownNot AffectedJetBrains Blog Post
JetBrainsMPSUnknownNot AffectedJetBrains Blog Post
JetBrainsFloating license server30211FixedJetBrains Blog Post
JetBrainsUpSource2020.1.1952FixedJetBrains Blog Post
JFROGJFROG Statement
JitsiJitsi Advisory
JitterbitJitterbit Statement
jPOS(ISO-8583) bridgeUnknownNot Affectedsource
JournyxJourneyx Statement
Jump DesktopJump Desktop Statement
Juniper NetworksJuniper Networks Statement
Justice SystemsJustice Systems Support
K15tK15t Statement
K6K6 Statement
KarakunKarakun Statement
KaseyaKaseya Vulnerability Assessment
Keeper SecurityKeeper Security Notice
KEMPKEMP Support
KEMP 2KEMP 2 Support
KofaxKofax Product Information
Konica MinoltaKonica Minolta Support
Kronos UKGKronos UKG Statement
KybernaKyberna Statement
L-SoftL-Soft Info
L3Harris GeospatialL3Harris Geospatial
Lancom SystemsLancom Systems General Security Information
LansweeperLansweeper Information
LaserficheLaserfiche Product Information
LastPassLastPass Information
LaunchDarklyLaunchDarkly Statement
LeanixLeanix Statement
LenovoBIOS/UEFINot AffectedApache Log4j Vulnerability2021-12-14
LenovoChassis Management Module 2 (CMM)Not AffectedApache Log4j Vulnerability2021-12-14
LenovoCommercial VantageNot AffectedApache Log4j Vulnerability2021-12-14
LenovoConfluentNot AffectedApache Log4j Vulnerability2021-12-14
LenovoDSS-GAffectedApache Log4j Vulnerability2021-12-14
LenovoEmbedded System Management Java-based KVM clientsNot AffectedApache Log4j Vulnerability2021-12-14
LenovoFan Power Controller (FPC)Not AffectedApache Log4j Vulnerability2021-12-14
LenovoFan Power Controller2 (FPC2)Not AffectedApache Log4j Vulnerability2021-12-14
LenovoIntegrated Management Module II (IMM2)Not AffectedApache Log4j Vulnerability2021-12-14
LenovoNetApp ONTAP Tools for VMware vSphereAffectedApache Log4j VulnerabilitySee NetApp advisory.2021-12-14
LenovoNetwork Switches running: Lenovo CNOS, Lenovo ENOS, IBM ENOS, or Brocade FOSNot AffectedApache Log4j Vulnerability2021-12-14
LenovoStorage Management utilitiesUnder InvestigationApache Log4j Vulnerability2021-12-14
LenovoSystem Management Module (SMM)Not AffectedApache Log4j Vulnerability2021-12-14
LenovoSystem Management Module 2 (SMM2)Not AffectedApache Log4j Vulnerability2021-12-14
LenovoSystem UpdateNot AffectedApache Log4j Vulnerability2021-12-14
LenovoThin InstallerNot AffectedApache Log4j Vulnerability2021-12-14
LenovoThinkAgile HXAffectedApache Log4j VulnerabilityNutanix and VMware components only; hardware not affected. See Nutanix and VMWare advisories.2021-12-14
LenovoThinkAgile VXAffectedApache Log4j VulnerabilityVMware components only; hardware not affected. See VMWare advisory.2021-12-14
LenovoThinkSystem 2x1x16 Digital KVM Switch - Type 1754D1TNot AffectedApache Log4j Vulnerability2021-12-14
LenovoThinkSystem DE Series StorageNot AffectedApache Log4j VulnerabilitySee also NetApp advisory.2021-12-14
LenovoThinkSystem DM Series StorageNot AffectedApache Log4j VulnerabilitySee also NetApp advisory.2021-12-14
LenovoThinkSystem DS Series StorageNot AffectedApache Log4j Vulnerability2021-12-14
LenovoThinkSystem Manager (TSM)Not AffectedApache Log4j Vulnerability2021-12-14
LenovoUpdate RetrieverNot AffectedApache Log4j Vulnerability2021-12-14
LenovoVantageNot AffectedApache Log4j Vulnerability2021-12-14
LenovoXClarity Administrator (LXCA)AffectedApache Log4j Vulnerability2021-12-14
LenovoXClarity Controller (XCC)Not AffectedApache Log4j Vulnerability2021-12-14
LenovoXClarity Energy Manager (LXEM)AffectedApache Log4j Vulnerability2021-12-14
LenovoXClarity Essentials (LXCE)Not AffectedApache Log4j Vulnerability2021-12-14
LenovoXClarity Integrator (LXCI) for Microsoft Azure Log AnalyticsUnder InvestigationApache Log4j Vulnerability2021-12-14
LenovoXClarity Integrator (LXCI) for Microsoft System CenterNot AffectedApache Log4j Vulnerability2021-12-14
LenovoXClarity Integrator (LXCI) for NagiosUnder InvestigationApache Log4j Vulnerability2021-12-14
LenovoXClarity Integrator (LXCI) for ServiceNowUnder InvestigationApache Log4j Vulnerability2021-12-14
LenovoXClarity Integrator (LXCI) for VMware vCenterAffectedApache Log4j Vulnerability2021-12-14
LenovoXClarity Integrator (LXCI) for Windows Admin CenterNot AffectedApache Log4j Vulnerability2021-12-14
LenovoXClarity Mobile (LXCM)Not AffectedApache Log4j Vulnerability2021-12-14
LenovoXClarity Orchestrator (LXCO)Not AffectedApache Log4j Vulnerability2021-12-14
LenovoXClarity Provisioning Manager (LXPM)Not AffectedApache Log4j Vulnerability2021-12-14
LeoStreamLeoStream Discussion
Let's EncryptLet's Enrypt Statement
LibreNMSLibreNMS Statement
LifeRayLifeRay Blog
LifeSizeLifeSize Statement
LightbendLightbend Statement
Lime CRMLime CRM Statement
LIONGARDLIONGARD FAQ
LiquidFilesLiquidFiles Statement
LiveActionLiveAction Statement
LoftwareLoftware
LOGalyzeSIEM & log analyzer toolv4.xAffectedNoabandoned open-source software repo (sourceforge.net)local-log4j-vuln-scanner result: indicator for vulnerable component found in /logalyze/lib/log4j-1.2.17.jar (org/apache/log4j/net/SocketNode.class): log4j 1.2.17Forks (github.com)2021-12-17
LogiAnalyticsLogiAnalytics Statement
LogicMonitorLogicMonitor Statement
LogMeInLogMeIn Statement
LogRhythmLogRhythm Statement
LookerLooker Statement
LucaNetLucaNet Statement
LuceeLucee Statement
LyrasisFedora Repository3.x,4.x,5.x,6.xNot AffectedFedora Repository StatementFedora Repository is unaffiliated with Fedora Linux. Uses logback and explicitly excludes log4j.2021-12-14
MailStoreMailStore Statement
MaltegoMaltego Response to Logj4
ManageEngineServicedesk Plus11305 and belowAffectedManage Engine Advisory12/15/2021
ManageEngine ZohoManage Engine Link
ManageEngine ZohoADManager PlusOn-PremManageEngine Vulnerability Impact12/16/2021
ManageEngine ZohoADAudit PlusOn-PremManageEngine Vulnerability Impact12/16/2021
ManageEngine ZohoDataSecurity PlusOn-PremManageEngine Vulnerability Impact12/16/2021
ManageEngine ZohoEventLog AnalyzerOn-PremManageEngine Vulnerability Impact12/16/2021
ManageEngine ZohoM365 Manager PlusOn-PremManageEngine Vulnerability Impact12/16/2021
ManageEngine ZohoRecoveryManager PlusOn-PremManageEngine Vulnerability Impact12/16/2021
ManageEngine ZohoExchange Reporter PlusOn-PremManageEngine Vulnerability Impact12/16/2021
ManageEngine ZohoLog360On-PremManageEngine Vulnerability Impact12/16/2021
ManageEngine ZohoLog360 UEBAOn-PremManageEngine Vulnerability Impact12/16/2021
ManageEngine ZohoCloud Security PlusOn-PremManageEngine Vulnerability Impact12/16/2021
ManageEngine ZohoM365 Security PlusOn-PremManageEngine Vulnerability Impact12/16/2021
ManageEngine ZohoAnalytics PlusOn-PremManageEngine Vulnerability Impact12/16/2021
MariaDBMariaDB Statement
MathWorksAll MathWorks general release desktop or server productsNot AffectedNoMathWorks statement regarding CVE-2021-44228
MathWorks MatlabMathWorks Matlab Statement
MatillionMatillion Security Advisory
MatomoMatomo Statement
Mattermost FocalBoardMattermost FocalBoard Concern
McAfeeData Exchange Layer (DXL)Under Investigation
McAfeeEnterprise Security Manager (ESM)Under Investigation
McAfeeePolicy Orchestrator Agent Handlers (ePO-AH)Not Affected
McAfeeePolicy Orchestrator Application Server (ePO)Under Investigation
McAfeeMcAfee Active Response (MAR)Under Investigation
McAfeeNetwork Security Manager (NSM)Under Investigation
McAfeeNetwork Security Platform (NSP)Under Investigation
McAfeeThreat Intelligence Exchange (TIE)Under Investigation
MEINBERGMEINBERG Information
MemuraiMemurai Information
MicroFocusMicroFocus Statement
MicrosoftAzure Data lake store java< 2.3.10Affectedazure-data-lake-store-java/CHANGES.md at ed5d6304783286c3cfff0a1dee457a922e23ad48 · Azure/azure-data-lake-store-java · GitHub
MicrosoftAzure Data lake store java< 2.3.10Affectedazure-data-lake-store-java/CHANGES.md at ed5d6304783286c3cfff0a1dee457a922e23ad48 · Azure/azure-data-lake-store-java · GitHub
MicrosoftAzure DevOps Server2019.0 - 2020.1AffectedNoAzure DevOps (and Azure DevOps Server) and the log4j vulnerability
MicrosoftAzure DevOpsNot AffectedAzure DevOps (and Azure DevOps Server) and the log4j vulnerability
MicrosoftTeam Foundation Server2018.2+AffectedNoAzure DevOps (and Azure DevOps Server) and the log4j vulnerability
MicrostrategyMicrostrategy Statement
Midori GlobalMidori Global Statement
MikrotikMikrotik Statement
Milestone sysMilestone sys Statement
MimecastMimecast Information
MinecraftMinecraft Vulnerability Message
MirantisMirantis Statement
MiroMiro Log4j Updates
MitelMitel Statement
MobileIronCoreAll VersionsAffectedYeshttps://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_USThe mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function.12/20/21
MobileIronCore ConnectorAll VersionsAffectedYeshttps://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_USThe mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function.12/20/21
MobileIronReporting Database (RDB)All VersionsAffectedYeshttps://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_USThe mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function.12/20/21
MobileIronSentry9.13, 9.14AffectedYeshttps://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_USThe mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function.12/20/21
MongoDBAll other components of MongoDB Atlas (including Atlas Database, Data Lake, Charts)Not Affectedhttps://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb
MongoDBMongoDB Atlas SearchAffectedyeshttps://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb
MongoDBMongoDB Community Edition (including Community Server, Cloud Manager, Community Kubernetes Operators)Not Affectedhttps://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb
MongoDBMongoDB DriversNot Affectedhttps://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb
MongoDBMongoDB Enterprise Advanced (including Enterprise Server, Ops Manager, Enterprise Kubernetes Operators)Not Affectedhttps://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb
MongoDBMongoDB Realm (including Realm Database, Sync, Functions, APIs)Not Affectedhttps://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb
MongoDBMongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas CLI, Database Connectors)Not Affectedhttps://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb
MoodleMoodle Discussion
MoogSoftMoogSoft Vulnerability Information
Motorola AvigilonMotorola Avigilon Technical Notification
MulesoftMulesoft StatementThis advisory is available to customers only and has not been reviewed by CISA
MulesoftMule Runtime3.x,4.xAffectedYesApache Log4j2 vulnerability - December 2021This advisory is available to account holders only and has not been reviewed by CISA.12/15/2021
MulesoftMule Agent6.xAffectedYesApache Log4j2 vulnerability - December 2021This advisory is available to account holders only and has not been reviewed by CISA.12/15/2021
MulesoftCloudhubAffectedYesApache Log4j2 vulnerability - December 2021This advisory is available to account holders only and has not been reviewed by CISA.12/15/2021
MulesoftAnypoint Studio7.xAffectedYesApache Log4j2 vulnerability - December 2021This advisory is available to account holders only and has not been reviewed by CISA.12/15/2021
N-ableN-able Statement
NagiosNagios Statement
NAKIVONAKIVO Statement
Neo4jNeo4j Graph DatabaseVersion >4.2, <4..2.12AffectedNo12/13/2021
NetappMultiple NetApp productsAffectedhttps://security.netapp.com/advisory/ntap-20211210-0007/
NetcupNetcup Statement
NetGate PFSenseNetGate PFSense Forum
NetwrixNetwrix Statement
New RelicContainerized Private Minion (CPM)3.0.57FixedYesNR21-04New Relic is in the process of revising guidance/documentation, however the fix version remains sufficient.Security Bulletin NR21-0412-18-2021
New RelicNew Relic Java Agent<7.4.2AffectedYesJava agent v7.4.2Initially fixed in 7.4.1, but additional vulnerability foundNew Relic tracking, covers CVE-2021-44228, CVE-2021-4504612/15/2021
NextCloudNextCloud Help
Nexus GroupNexus Group Docs
NI (National Instruments)NI Support Link
Nice Software (AWS) EnginFRAMENice Software EnginFRAME Link
NinjaRMMNinjaRMM ArticleThis advisory is available to customers only and has not been reviewed by CISA
NomachineNomachine Forums
NoviFlowNoviflow Link
NulabNulab Blog Post
NutanixNutanix Alert Link
NvidiaNvidia Link
NXLogNXLog Link
Objectif LuneObjectif Lune Blog Post
OCLCOCLC Link
OctopusOctopus Advisory
OktaAdvanced Server AccessNot AffectedOkta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security12/12/2021
OktaOkta Access GatewayNot AffectedOkta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security12/12/2021
OktaOkta AD AgentNot AffectedOkta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security12/12/2021
OktaOkta Browser PluginNot AffectedOkta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security12/12/2021
OktaOkta IWA Web AgentNot AffectedOkta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security12/12/2021
OktaOkta LDAP AgentNot AffectedOkta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security12/12/2021
OktaOkta MobileNot AffectedOkta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security12/12/2021
OktaOkta RADIUS Server Agent< 2.17.0AffectedOkta RADIUS Server Agent CVE-2021-44228 Okta12/12/2021
OktaOkta VerifyNot AffectedOkta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security12/12/2021
OktaOkta WorkflowsNot AffectedOkta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security12/12/2021
OktaOkta On-Prem MFA Agent< 1.4.6AffectedOkta On-Prem MFA Agent CVE-2021-44228 Okta12/12/2021
OnespanOnespan Link
OpengearOpengear Link
OpenMRS TALKOpenMRS TALK Link
OpenNMSOpenNMS Link
OpenSearchOpenSearch Discussion Link
OracleOracle Security Alert
OrgavisionOrgavision Link
OTRSOTRS Link
OVHCloudOVHCloud Blog Post
OwnCloudOwnCloud Link
OxygenXMLAuthorAffectedFixedYeshttps://www.oxygenxml.com/security/advisory/CVE-2021-44228.html12/17/2021
OxygenXMLDeveloperAffectedFixedYeshttps://www.oxygenxml.com/security/advisory/CVE-2021-44228.html12/17/2021
OxygenXMLEditorAffectedFixedYeshttps://www.oxygenxml.com/security/advisory/CVE-2021-44228.html12/17/2021
OxygenXMLOxygen Content Fusion2.0, 3.0, 4.1AffectedFixedYeshttps://www.oxygenxml.com/security/advisory/CVE-2021-44228.html12/17/2021
OxygenXMLOxygen Feedback Enterprise1.4.4 & olderAffectedFixedYeshttps://www.oxygenxml.com/security/advisory/CVE-2021-44228.html12/17/2021
OxygenXMLOxygen License Serverv22.1 to v24.0AffectedFixedYeshttps://www.oxygenxml.com/security/advisory/CVE-2021-44228.html12/17/2021
OxygenXMLOxygen PDF Chemistryv22.1, 23.0, 23.1, 24.0AffectedFixedYeshttps://www.oxygenxml.com/security/advisory/CVE-2021-44228.html12/17/2021
OxygenXMLOxygen SDKAffectedFixedYeshttps://www.oxygenxml.com/security/advisory/CVE-2021-44228.html12/17/2021
OxygenXMLPlugins (see advisory link)AffectedFixedYeshttps://www.oxygenxml.com/security/advisory/CVE-2021-44228.html12/17/2021
OxygenXMLPublishing EngineAffectedFixedYeshttps://www.oxygenxml.com/security/advisory/CVE-2021-44228.html12/17/2021
OxygenXMLWeb AuthorAffectedFixedYeshttps://www.oxygenxml.com/security/advisory/CVE-2021-44228.html12/17/2021
OxygenXMLWebHelpAffectedFixedYeshttps://www.oxygenxml.com/security/advisory/CVE-2021-44228.html12/17/2021
PalantirPalantir FoundryAllFixedPalantir Response to Log4j Vulnerability (palantir.com)No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates.12/19/2021
PalantirPalantir GothamAllFixedPalantir Response to Log4j Vulnerability (palantir.com)No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates.12/19/2021
PalantirPalantir ApolloAllNot AffectedPalantir Response to Log4j Vulnerability (palantir.com)No impact, and updates have been deployed for full remediation.12/19/2021
PalantirPalantir AI Inference Platform (AIP)AllFixedPalantir Response to Log4j Vulnerability (palantir.com)Fully remediated as of 1.97.0. Disconnected customer instances may require manual updates.12/19/2021
Palo-Alto NetworksCloudGenixNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksPalo-Alto Networks-OS for Panorama9.0, 9.1, 10.0AffectedYesCVE-2021-44228:Impact of Log4J VulnerabilityUpgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will be updated when hot fixes for the affected Panorama versions are available. PAN-OS for Panorama versions 8.1, 10.1 are not affected.12/15/2021
Palo-Alto NetworksBridgecrewNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksCortex Data LakeNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksCortex XpanseNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksCortex XDR AgentNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksCortex XSOARNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksExpeditionNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksIoT SecurityNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksGlobalProtect AppNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksPalo-Alto Networks-OS for Firewall and WildfireNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksPrisma AccessNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksPrisma CloudNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksPrisma Cloud ComputeNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksOkyo GradeNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksSaaS SecurityNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksWildFire ApplianceNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksWildFire CloudNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
Palo-Alto NetworksUser-ID AgentNot AffectedCVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)
PanoptoPanopto Support Link
PaperCutPaperCut MF21.0 and laterAffectedYeshttps://www.papercut.com/support/known-issues/?id=PO-684#ngVersions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve.12/16/2021
PaperCutPaperCut NG21.0 and laterAffectedYeshttps://www.papercut.com/support/known-issues/?id=PO-684#ngVersions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve.12/16/2021
ParallelsParellels Link
Parse.lyParse.ly Blog Post
PegaPega Docs Link
PentahoPentaho Support Link
PerconaPercona Blog Post
PexipPexip Link
Phenix IdPhenix Id Support Link
PhilipsMultiple productsPhilips Security Advisory
Ping IdentityPingAccess4.0 <= version <= 6.3.2AffectedYesLog4j2 vulnerability CVE-2021-442282021-12-15
Ping IdentityPingCentralAffectedYesLog4j2 vulnerability CVE-2021-442282021-12-15
Ping IdentityPingFederate8.0 <= version <= 10.3.4AffectedYesLog4j2 vulnerability CVE-2021-442282021-12-15
Ping IdentityPingFederate Java Integration Kit< 2.7.2AffectedYesLog4j2 vulnerability CVE-2021-442282021-12-15
Ping IdentityPingFederate OAuth Playground< 4.3.1AffectedYesLog4j2 vulnerability CVE-2021-442282021-12-15
Ping IdentityPingIntelligenceAffectedYesLog4j2 vulnerability CVE-2021-442282021-12-15
Pitney BowesPitney Bowes Support Link
PlanmecaPlanmeca Link
Planon SoftwarePlanon NewsThis advisory is available for customers only and has not been reviewed by CISA
Platform.SHPlatform.SH Blog Post
PleskPlesk Support Link
PlexPlex Industrial IoTFixedPN1579 - Log4Shell Vulnerability NoticeThe product has been updated to Log4j version 2.15. An additional patch is being developed to update to 2.16. No user interaction is required.12/15/2021
PolycomPolycom Support Link
PortainerPortainer Blog Post
PortSwiggerPortSwigger Forum
PostGreSQLPostGreSQL News
PostmanPostman Support Link
Power Admin LLCPA File SightNONENotAffectedUpdate December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about12/17/2021
Power Admin LLCPA Storage MonitorNONENotAffectedUpdate December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about12/17/2021
Power Admin LLCPA Server MonitorNONENotAffectedUpdate December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about12/17/2021
PretixPretix Blog Post
PrimeKeyPrimeKey Support Link
Progress / IpSwitchProgress / IpSwitch Link
ProofPointProofPoint ArticleThis advisory is available for customers only and has not been reviewed by CISA
ProSeSProSeS Link
ProsysProsys News Link
ProxmoxProxmox Forum
PRTG PaesslerPRTG Paessler Link
PTCAxeda Platform6.9.2AffectedNoPTC Axeda Platform Apache log4j vulnerability - Incident Response12/17/2021
PTCThingsWorx Platform8.5,9.0,9.1,9.2, All supported versionsAffectedNoThingWorx Apache log4j vulnerability - Incident Response12/17/2021
PTCThingsWorx Analytics8.5,9.0,9.1,9.2, All supported versionsAffectedNoThingWorx Apache log4j vulnerability - Incident Response12/17/2021
PTV GroupPTV Group Link
Pulse SecureIvanti Connect Secure (ICS)Not AffectedPulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)
Pulse SecureIvanti Neurons for secure AccessNot AffectedPulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)
Pulse SecureIvanti Neurons for ZTANot AffectedPulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)
Pulse SecurePulse Connect SecureNot AffectedPulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)
Pulse SecurePulse Desktop ClientNot AffectedPulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)
Pulse SecurePulse Mobile ClientNot AffectedPulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)
Pulse SecurePulse OneNot AffectedPulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)
Pulse SecurePulse Policy SecureNot AffectedPulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)
Pulse SecurePulse Secure Services DirectorNot AffectedPulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)
Pulse SecurePulse Secure Virtual Traffic ManagerNot AffectedPulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)
Pulse SecurePulse Secure Web Application FirewallNot AffectedPulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)
Pulse SecurePulse ZTANot AffectedPulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)
PuppetPuppet Blog Post
Pure StoragePure Storage Support LinkThis advisory is available for customers only and has not been reviewed by CISA
Pulse SecureIvanti Neurons for ZTANot AffectedPulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)
Pulse SecureIvanti Neurons for secure AccessNot AffectedPulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)
Pure StorageFlashBlade3.1.x,3.2.x,3.3.xAffectedNoPure Storage Customer PortalPatch expected 12/24/202112/15/2021
Pure StorageFlash Array5.3.x, 6.0.x, 6.1.x, 6.2.xAffectedNoPure Storage Customer PortalPatch expected 12/20/202112/15/2021
Pure StorageCloud BlockstoreCBS6.1.x, CBS6.2.xAffectedNoPure Storage Customer PortalPatch expected 12/27/202112/15/2021
Pure StoragePure1N/AFixedYesPure Storage Customer Portal12/15/2021
Pure StoragePortWorx2.8.0+AffectedYesPure Storage Customer Portal12/15/2021
Pyramid AnalyticsPyramid Analytics Community Link
QF-TestQF-Test Blog Post
QlikQlik Community Link
QMATICOrchestra Central6.0+Not AffectedQMATIC Link12/21/2021
QMATICAppointment Booking2.4+AffectedYesQMATIC LinkUpdate to v. 2.8.2 which contains log4j 2.1612/21/2021
QMATICInsightsCloudAffectedYesQMATIC Linklog4j 2.16 applied 2021-12-1612/21/2021
QMATICAppointment BookingCloud/Managed ServiceAffectedYesQMATIC Linklog4j 2.16 applied 2021-12-1512/21/2021
QNAPUnder InvestigationQNAP Security Advisory
QOPPAQOPPA Link
QSC Q-SYSQSC Q-SYS Article
QTNot AffectedQT
Quest GlobalQuest Global
R2ediviewerR2ediviewer Link
RadwareRadware Support Link
Rapid7AlcidekArt, kAdvisor, and kAuditon-premNot AffectedRapid7 Statement12/15/2021
Rapid7AppSpider Enterpriseon-premNot AffectedRapid7 Statement12/15/2021
Rapid7AppSpider Proon-premNot AffectedRapid7 Statement12/15/2021
Rapid7Insight Agenton-premNot AffectedRapid7 Statement12/15/2021
Rapid7InsightAppSec Scan Engineon-premNot AffectedRapid7 Statement12/15/2021
Rapid7InsightAppSec Scan Engineon-premNot AffectedRapid7 Statement12/15/2021
Rapid7InsightCloudSec/DivvyCloudon-premNot AffectedRapid7 Statement12/15/2021
Rapid7InsightConnect Orchestratoron-premNot AffectedRapid7 Statement12/15/2021
Rapid7InsightIDR Network Sensoron-premNot AffectedRapid7 Statement12/15/2021
Rapid7InsightIDR/InsightOps Collector & Event Sourceson-premNot AffectedRapid7 Statement12/15/2021
Rapid7InsightOps DataHubInsightOps DataHub <= 2.0AffectedYesRapid7 StatementUpgrade DataHub to version 2.0.1 using the following instructions.12/15/2021
Rapid7InsightOps non-Java logging librarieson-premNot AffectedRapid7 Statement12/15/2021
Rapid7InsightOps r7insight_java logging library<=3.0.8AffectedYesRapid7 StatementUpgrade r7insight_java to 3.0.912/15/2021
Rapid7InsightVM Kubernetes Monitoron-premNot AffectedRapid7 Statement12/15/2021
Rapid7InsightVM/Nexposeon-premNot AffectedRapid7 Statement12/15/2021
Rapid7InsightVM/Nexpose Consoleon-premNot AffectedRapid7 StatementInstallations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell.12/15/2021
Rapid7InsightVM/Nexpose Engineon-premNot AffectedRapid7 StatementInstallations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell.12/15/2021
Rapid7IntSights virtual applianceon-premNot AffectedRapid7 Statement12/15/2021
Rapid7Logentries DataHubLinux version <= 1.2.0.820; Windows version <= 1.2.0.820AffectedYesRapid7 StatementLinux: Install DataHub_1.2.0.822.deb using the following instructions. Windows: Run version 1.2.0.822 in a Docker container or as a Java command per these instructions. You can find more details here.12/15/2021
Rapid7Logentries le_java logging libraryAll versions: this is a deprecated componentAffectedYesRapid7 StatementMigrate to version 3.0.9 of r7insight_java12/15/2021
Rapid7Metasploit Frameworkon-premNot AffectedRapid7 Statement12/15/2021
Rapid7Metasploit Proon-premNot AffectedRapid7 StatementMetasploit Pro ships with log4j but has specific configurations applied to it that mitigate Log4Shell. A future update will contain a fully patched version of log4j.12/15/2021
Rapid7tCell Java Agenton-premNot AffectedRapid7 Statement12/15/2021
Rapid7Velociraptoron-premNot AffectedRapid7 Statement12/15/2021
RaritanRaritan Support Link
RavelinRavelin Link
Real-Time Innovations (RTI)Distributed LoggerNot AffectedRTI Statement12/16/2021
Real-Time Innovations (RTI)Recording ConsoleNot AffectedRTI Statement12/16/2021
Real-Time Innovations (RTI)RTI Administration ConsoleNot AffectedRTI Statement12/16/2021
Real-Time Innovations (RTI)RTI Code GeneratorNot AffectedRTI Statement12/16/2021
Real-Time Innovations (RTI)RTI Code Generator ServerNot AffectedRTI Statement12/16/2021
Real-Time Innovations (RTI)RTI Micro Application Generator (MAG)as part of RTI Connext Micro 3.0.0, 3.0.1, 3.0.2, 3.0.3AffectedRTI Statement12/16/2021
Real-Time Innovations (RTI)RTI Micro Application Generator (MAG)as part of RTI Connext Professional 6.0.0 and 6.0.1AffectedRTI Statement12/16/2021
Real-Time Innovations (RTI)RTI MonitorNot AffectedRTI Statement12/16/2021
Red HatRed Hat Data Grid8AffectedYesCVE-2021-44228- Red Hat Customer PortalRHSA-2021:5132Dec/20/2021
Red HatRed Hat Process Automation7AffectedYesCVE-2021-44228- Red Hat Customer PortalMaven PatchDec 20/2021
Red HatRed Hat CodeReady Studio12.21.0AffectedYesCVE-2021-44228- Red Hat Customer PortalCRS 12.21.1 PatchDec/21/2021
Red HatRed Hat Integration Camel KAffectedYesCVE-2021-44228- Red Hat Customer PortalRHSA-2021:5130Dec/20/2021
Red HatRed Hat Integration Camel QuarkusAffectedYesCVE-2021-44228- Red Hat Customer PortalRHSA-2021:5126Dec/20/2021
Red HatRed Hat JBoss A-MQ StreamingAffectedYesCVE-2021-44228- Red Hat Customer PortalRHSA-2021:5138Dec/20/2021
Red HatRed Hat JBoss Enterprise Application Platform7AffectedYesCVE-2021-44228- Red Hat Customer PortalMaven PatchDec/20/2021
Red HatRed Hat JBoss Fuse7AffectedYesCVE-2021-44228- Red Hat Customer PortalRHSA-2021:5134Dec/20/2021
Red HatRed Hat Vert.X4AffectedYesCVE-2021-44228- Red Hat Customer PortalRHSA-2021:5093Dec/20/2021
Red Hat OpenShift Container Platform 3.11openshift3/ose-logging-elasticsearch5AffectedYesCVE-2021-44228- Red Hat Customer PortalRHSA-2021:5094
Red Hat OpenShift Container Platform 4openshift4/ose-logging-elasticsearch6AffectedYesCVE-2021-44228- Red Hat Customer PortalPlease refer to Red Hat Customer Portal to find the right errata for your version.
Red Hat OpenShift Container Platform 4openshift4/ose-metering-hiveAffectedYesCVE-2021-44228- Red Hat Customer PortalPlease refer to Red Hat Customer Portal to find the right errata for your version.
Red Hat OpenShift Container Platform 4openshift4/ose-metering-prestoAffectedYesCVE-2021-44228- Red Hat Customer PortalPlease refer to Red Hat Customer Portal to find the right errata for your version.
Red Hat OpenShift Logginglogging-elasticsearch6-containerAffectedYesCVE-2021-44228- Red Hat Customer PortalPlease refer to Red Hat Customer Portal to find the right errata for your version.
Red HatRed Hat Single Sign-On7Not AffectedCVE-2021-44228- Red Hat Customer PortalDec/20/2021
Red HatRed Hat Enterprise Linux6Not AffectedCVE-2021-44228- Red Hat Customer PortalDec/20/2021
Red HatRed Hat Enterprise Linux7Not AffectedCVE-2021-44228- Red Hat Customer PortalDec/20/2021
Red HatRed Hat Enterprise Linux8Not AffectedCVE-2021-44228- Red Hat Customer PortalDec/20/2021
Red HatRed Hat build of QuarkusNot AffectedCVE-2021-44228- Red Hat Customer PortalDec/20/2021
Red HatRed Hat Decision Manager7Not AffectedCVE-2021-44228- Red Hat Customer PortalDec/20/2021
Red Hat Software Collectionsrh-java-common-log4jNot AffectedCVE-2021-44228- Red Hat Customer Portal
Red Hat Software Collectionsrh-maven35-log4j12Not AffectedCVE-2021-44228- Red Hat Customer Portal
Red Hat Software Collectionsrh-maven36-log4j12Not AffectedCVE-2021-44228- Red Hat Customer Portal
Red Hatlog4j-coreNot AffectedCVE-2021-44228- Red Hat Customer Portal
Red HatSatellite 5Not AffectedCVE-2021-44228- Red Hat Customer Portal
Red HatSpacewalkNot AffectedCVE-2021-44228- Red Hat Customer Portal
Red HatRed Hat JBoss Enterprise Application Platform Expansion Pack7Not AffectedNoCVE-2021-44228- Red Hat Customer PortalDec/20/2021
Red Hat OpenStack Platform 13 (Queens)opendaylightAffectedNoCVE-2021-44228- Red Hat Customer PortalEOL
Red5ProRed5Pro Link
RedGateRedGate Link
RedisRedis Link
Reiner SCTReiner SCT Forum
ReportURIReportURI Link
RespondusRespondus Support LinkThis advisory is available to customers only and has not been reviewed by CISA
Revenera / FlexeraRevenera / Flexera Community Link
RicohRicoh Link
RingCentralRingCentral Security Bulletin
RiverbedRiverbed Support Link
Rockwell AutomationFactoryTalk Analytics DataFlowML4.00.00AffectedUnder developmentPN1579 - Log4Shell Vulnerability Notice12/15/2021
Rockwell AutomationFactoryTalk Analytics DataView3.03.00AffectedUnder developmentPN1579 - Log4Shell Vulnerability Notice12/15/2021
Rockwell AutomationIndustrial Data CenterGen 1, Gen 2, Gen 3, Gen 3.5FixedFollow the mitigation instructions outlined by VMware in VMSA-2021-0028PN1579 - Log4Shell Vulnerability Notice12/15/2021
Rockwell AutomationMES EIG3.03.00AffectedNo, product discontinuedPN1579 - Log4Shell Vulnerability NoticeCustomers should upgrade to EIG Hub if possible or work with their local representatives about alternative solutions.12/15/2021
Rockwell AutomationVersaVirtualSeries AFixedFollow the mitigation instructions outlined by VMware in VMSA-2021-0028PN1579 - Log4Shell Vulnerability Notice12/15/2021
Rockwell AutomationWarehouse Management4.01.00, 4.02.00, 4.02.01, 4.02.02AffectedUnder developmentPN1579 - Log4Shell Vulnerability Notice12/15/2021
RollbarRollbar Blog Post
Rosette.comRosette.com Support Link
RSASecurID Authentication ManagerNot Affected
RSASecurID Authentication Manager PrimeNot Affected
RSASecurID Authentication Manager WebTierNot Affected
RSASecurID Governance and LifecycleNot Affected
RSASecurID Governance and Lifecycle CloudNot Affected
RSASecurID Identity RouterNot Affected
RSA NetwitnessRSA Netwitness Community Link
RubrikRubrik Support LinkThis advisory is available to customers only and has not been reviewed by CISA
RuckusVirtual SmartZone (vSZ)5.1 to 6.0AffectedRuckus Wireless (support.ruckuswireless.com)12/13/2021
RunDeck by PagerDutyRunDeck Docs Link
RunecastRunecast Analyzer6.0.3FixedYesRunecast Release notes
SAE-ITSAE-IT News Link
SAFE FME ServerSAFE FME Server Community Link
SAGESAGE Announcement Link
SailPointSailPoint Community LinkThis advisory is available to customers only and has not been reviewed by CISA
SalesforceAnalytics CloudAffectedSalesforce Statement"Analytics Cloud is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps."12/15/2021
SalesforceB2C Commerce CloudAffectedSalesforce Statement"B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."12/15/2021
SalesforceClickSoftware (As-a-Service)AffectedSalesforce Statement"ClickSoftware (As-a-Service) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."12/15/2021
SalesforceClickSoftware (On-Premise)UnknownSalesforce Statement"Please contact Customer Support."12/15/2021
SalesforceCommunity CloudAffectedSalesforce Statement"Community Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."12/15/2021
SalesforceData.comAffectedSalesforce Statement"Data.com is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."12/15/2021
SalesforceDatoramaAffectedSalesforce Statement"Datorama is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."12/15/2021
SalesforceEvergage (Interaction Studio)AffectedSalesforce Statement"Evergage (Interaction Studio) is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps."12/15/2021
SalesforceForce.comAffectedSalesforce Statement"Force.com is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."12/15/2021
SalesforceHerokuNot AffectedSalesforce Statement"Heroku is reported to not be affected by CVE-2021-44228; no further action is necessary at this time."12/15/2021
SalesforceMarketing CloudAffectedSalesforce Statement"Marketing Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."12/15/2021
SalesforceMuleSoft (Cloud)AffectedSalesforce Statement"MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."12/15/2021
SalesforceMuleSoft (On-Premise)UnknownSalesforce Statement"Please contact Customer Support."12/15/2021
SalesforcePardotAffectedSalesforce Statement"Pardot is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."12/15/2021
SalesforceSales CloudAffectedSalesforce Statement"Sales Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."12/15/2021
SalesforceService CloudAffectedSalesforce Statement"Service Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."12/15/2021
SalesforceSlackAffectedSalesforce Statement"Slack is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."12/15/2021
SalesforceSocial StudioAffectedSalesforce Statement"Social Studio is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."12/15/2021
SalesforceTableau (On-Premise)< 2021.4.1FixedSalesforce StatementFixed in 2021.4.112/16/2021
SalesforceTableau (Online)AffectedSalesforce Statement"Tableau (Online) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."12/15/2021
SangomaSangoma Community Link
SAP Advanced PlatformSAP Advanced Platform Support LinkThis advisory is available to customers only and has not been reviewed by CISA
SAP BusinessObjectsSAP BusinessObjects Support LinkThis advisory is available to customers only and has not been reviewed by CISA
SASSAS Support Link
SASSAFRASSASSAFRAS Link
Savignano software solutionsSavignano Link
SBTSBT<1.5.6AffectedYesRelease 1.5.7 · sbt/sbt(github.com)12/15/2021
ScaleComputingScaleComputing Community LinkThis advisory is available to customers only and has not been reviewed by CISA
ScaleFusion MobileLock ProScaleFusion MobileLock Pro Help
Schneider ElectricEcoStruxure IT GatewayV1.5.0 to V1.13.0FixedYesEcoStruxure Link12/20/2021
Schneider ElectricEcoStruxure IT ExpertCloudFixedYes12/20/2021
Schneider ElectricFacility Expert Small BusinessCloudFixedYesSE Cybersecurity Best Practices12/20/2021
Schneider ElectricWiser by SE platformCloudFixedYes12/20/2021
Schneider ElectricEASYFITCurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricEcoreal XLCurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricEurotherm Data ReviewerV3.0.2 and priorAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricMSECurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricNetBotz750/755Software versions 5.0 through 5.3.0AffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricNEW630Current software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricSDK BOMCurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricSDK-DocgenCurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricSDK-TNCCurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricSDK-UMSCurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricSDK3D2DRendererCurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricSDK3D360WidgetCurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricSelect and Config DATACurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricSNC-APICurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricSNC-CMMCurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricSNCSEMTECHCurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricSPIMV3Current software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricSWBEditorCurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
Schneider ElectricSWBEngineCurrent software and earlierAffectedSE Cybersecurity Best Practices12/20/2021
SCM ManagerSCM Manager Link
ScreenBeamScreenBeam Article
SDL worldServerSDL worldServer Link
Seagull ScientificSeagull Scientific Support Link
SecurePointSecurePoint News Link
Security OnionSecurity Onion Blog Post
SeeburgerSeeburger Service Desk LinkThis advisory is avaiable to customers only and has not been reviewed by CISA
SentinelOneSentinelOne Blog Post
SentrySentry Blog Post
SEPSEP Support Link
Server EyeServer Eye Blog Post
ServiceNowServiceNow Support Link
ShibbolethShibboleth Announcement
ShibbolethAll ProductsIdentity Provider>=3.0, All other software versionsNotAffectedLog4j CVE (non)-impact12/10/2021
ShopifyShopify Community Link
SiebelSiebel Link
SiemensAdvantage Navigator Energy & SustainabilityAll Versions <2021-12-13AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesVulnerability CVE 2021-44228 fixed on central cloud service starting 2021-12-13; no user actions necessary. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensAdvantage Navigator Software ProxyAll VersionsAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensCapitalAll Versions>=2019.1 SP1912 only if Teamcenter integration feature is usedAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesOnly affected if Teamcenter integration feature is used. Currently no remediation is available. Find detailed mitigations steps at:Mitigations Link; See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensCerberus DMSV5.0, V5.1 with Advanced Reporting EM installedAffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the class-path. Detailed instructions are available here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensComos Desktop AppAll VersionsAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Uninstall “Teamcenter Client Communication System (TCSS)” or block both incoming and outgoing connections between the system and the Internet. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensDesigo CCV3.0, V4.0, V4.1, V4.2 with Advanced Reporting EM installedAffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the class-path. Detailed instructions are available here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensDesigo CCV5.0, 5.1 with Advanced Reporting OR Info Center EM installedAffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the class-path. Detailed instructions are available here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensE-Car OC Cloud ApplicationAll Versions <2021-12-13AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesVulnerability CVE 2021-44228 fixed on central cloud service starting 2021-12-13; no user actions necessary. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensEnergy EngageV3.1AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesFind detailed remediation and mitigation information on the EnergyIP docs portal. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensEnergyIPV8.5, V8.6, V8.7, V9.0AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesNote: EnergyIP V8.5 and V8.6 applications are not directly affected, but CAS is. Find detailed remediation and mitigation information on the EnergyIP docs portal. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensEnergyIP PrepayV3.7. V3.8AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesSpecific mitigation information has been released for the customer projects with the request of immediate deployment. The long-term solution of updating the log4j2 component to a fix version is being tested and will be released, once confirmed being safe for the particular product version in line with the project Service Level Agreements. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensEnlightened AmazeAll Versions <2021-12-10AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesVulnerabilities fixed on central cloud services starting 2021-12-10; no user actions necessary. For Comfy and Enlighted, see the Additional Information section and further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensEnlightened WhereAll Versions <2021-12-11AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesVulnerabilities fixed on central cloud services starting 2021-12-11; no user actions necessary. For Comfy and Enlighted, see the Additional Information section and further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensGeolus Shape Search V10All VersionsAffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensGeolus Shape Search V11All VersionAffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensGMA-ManagerAll Version >=V8.6.2j-398 and <V8.6.2-472AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesUpdate to V8.6.2-472 or later version. Block both incoming and outgoing connections between the system and the Internet. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensHES UDISAll VersionsAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Specific mitigation information has been released for the local project teams with the request of immediate deployment. A patch is planned for the next regular release. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensIndustrial Edge Management App (IEM-App)All VersionsAffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesExposure to vulnerability is limited as IEM-App runs in IEM-OS and IEM-OS is not intended to be exposed to public internet and should be operated in a protected environment. Please refer to the Industrial Edge - Security overview. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensIndustrial Edge Management HubAll versions <2021-12-13AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesVulnerability CVE-2021-44228 fixed on central cloud service starting 2021-12-13; no user actions necessary. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensIndustrial Edge Management OS (IEM-OS)All VersionsAffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesExposure to vulnerability is limited as IEM-OS is not intended to be exposed to public internet and should be operated in a protected environment. Please refer to the Industrial Edge - Security overview. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensLOGO! Soft ComfortAll versionsNot AffectedSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesNote: LOGO! Soft Comfort products were previously listed as affected. They were removed after closer investigation showed that they are not affected.12/18/2021
SiemensMendix ApplicationsAll VersionsAffected (See Notes)YesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesAlthough the Mendix runtime itself is not vulnerable to this exploit, we nevertheless recommend to upgrade log4j-core to the latest available version if log4j-core is part of your project. This advice is regardless of the JRE/JDK version the app runs on. See Mendix Statement for more details. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensMindSphere App Management Cockpits (Developer & Operator)All Versions <2021-12-16AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesVulnerabilities fixed with update on 2021-12-16; no user actions necessary. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensMindSphere Asset ManagerAll Versions <2021-12-16AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesVulnerabilities fixed with update on 2021-12-16; no user actions necessary. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensMindSphere Cloud FoundryAll Versions <2021-12-14AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesAlthough the Cloud Foundry environment itself is not vulnerable to this exploit, we nevertheless recommend to upgrade log4j-core to the latest available version if log4j-core is part of your project. See more update information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensMindSphere Cloud PlatformAll Versions <2021-12-11AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesVulnerabilities fixed on central cloud service starting 2021-12-11; no user actions necessary. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensMindSphere IAM (User Management/Settings)All VersionsAffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesVulnerabilities fixed with update on 2021-12-16; no user actions necessary. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensMindSphere Integrated Data LakeAll Versions <2021-12-16AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesVulnerabilities fixed with update on 2021-12-16; no user actions necessary. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensMindSphere Notification ServiceAll Versions <2021-12-16AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesVulnerabilities fixed with update on 2021-12-16; no user actions necessary. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensMindSphere Predictive LearningAll VersionsAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensMindSphere Usage Transparency ServiceAll Versions <2021-12-16AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesVulnerabilities fixed with update on 2021-12-16; no user actions necessary. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensMindSphere Visual ExplorerAll VersionsAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Although MindSphere Visual Explorer does not use the affected component directly it is included within the included third-party component Tableau. While the regarding interaction with Tableau is deactivated, a remediating patch for Tableau is still awaited. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensNXAll VersionsAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Find detailed mitigation steps here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensOpcenter EX CP Process Automation ControlAll versions >=V17.2.3 and <V18.1AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesUpdate to V18.1 or later version to fix CVE-2021-44228. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensOpcenter IntelligenceAll Versions >=V3.2 only OEM version that ships TableauAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensOperation SchedulerAll versions >=V1.1.3AffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Block both incoming and outgoing connections between the system and the Internet. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensSENTRON powermanager V4V4.1, V4.2AffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Block both incoming and outgoing connections between the system and the Internet. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensSIGUARD DSAV4.2, 4.3, 4.4AffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensSIMATIC WinCCAll VersionsNot AffectedSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesSIMATI WinCC products were previously listed as affected. They were removed after closer investigation showed that they are not affected.12/18/2021
SiemensSimcenter 3DAll Versions <=V022.1AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensSiPass integrated V2.80All VersionsAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Block both incoming and outgoing connections betwen the system and the Internet.See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensSiPass integrated V2.85All VersionsAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Block both incoming and outgoing connections betwen the system and the Internet. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensSiveillance CommandAll Versions >=4.16.2.1AffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Block both incoming and outgoing connections betwen the system and the Internet. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensSiveillance Control ProAll VersionsAffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesHotfix available for versions >= V2.1 (please contact customer support). Block both incoming and outgoing connections betwen the system and the Internet.See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensSiveillance Identity V1.5All VersionsAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Block both incoming and outgoing connections betwen the system and the Internet. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensSiveillance Identity V1.6All VersionsAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Block both incoming and outgoing connections betwen the system and the Internet. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensSiveillance VantageAll VersionsAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Block both incoming and outgoing connections betwen the system and the Internet. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensSolid Edge CAM ProAll Versions delivered with Solid Edge SE 2020 or later versionAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensSolid Edge Harness DesignAll Versions >=2020 SP2002 only if Teamcenter integration feature is usedAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Find detailed mitigation steps here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensSpectrum Power 4All versions >=V4.70 SP8AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesUpdate to V4.70 SP9 and apply the patch provided via customer support. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensSpectrum Power 7All Versions >=V2.30 SP2AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesUpdate to V21Q4 and apply the patch provided via customer support. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenterAll Versions >=V13.1AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Active WorkspaceAll Versions >=V4.3AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Briefcase BrowserAll Versions >=V13.1AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Data Share ManagerAll Versions >=V13.1AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Deployment CenterAll Versions >=V13.1AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Dispatcher ServiceAll Versions >=V13.1AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter EDAAll Versions >=V2.3AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter FMSAll Versions >=V11.3AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Integration FrameworkAll Versions >=V13.2AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter MBSE GatewayAll Versions >=V4.0AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Mendix ConnectorV1.0AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Microservices FrameworkAll Versions >=V5.1AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Polarion IntegrationAll Versions >=V5.1AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Rapid StartAll Versions >=V13.1AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Reporting and AnalyticsAll Versions based on Java SOA client >=V11.3AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Requirements IntegratorAll Versions based on Java SOA client >=V11.3AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Retail Footwear and ApparelAll Versions >=V4.3AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Security ServicesAll Versions >=V11.3AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Supplier CollaborationAll Versions >=V5.1AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter System Modeling WorkbenchAll Versions based on Java SOA client >=V11.3AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensTeamcenter Technical PublishingAll Versions >=V2.10AffectedYesSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesRemove the JndiLookup class from the classpath. Find detailed remediation and mitigation information here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensVeSysAll Versions >=2019.1 SP1912 only if Teamcenter integration feature is usedAffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Find detailed mitigation steps here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensXpedition EnterpriseAll Versions >=VX.2.6AffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Find detailed mitigation steps here. See further recommendations from Siemens Advisory SSA-66125712/18/2021
SiemensXpedition IC PackagingAll Versions >=VX.2.6AffectedNoSiemens Advisory - SSA-661257: Apache Log4j VulnerabilitiesCurrently no remediation is available. Find detailed mitigation steps here. See further recommendations from Siemens Advisory SSA-661257.12/18/2021
Sierra WirelessSierra Wireless Security Bulletin
SignaldSignald Gitlab
Silver PeakOrchestrator, Silver Peak GMSAffectedNoSecurity Advisory Notice ApacheCustomer managed Orchestrator and legacy GMS products are affected by this vulnerability. This includes on-premise and customer managed instances running in public cloud services such as AWS, Azure, Google, or Oracle Cloud. See Corrective Action Required for details about how to mitigate this exploit.12/14/2021
SingleWireSingleWire Support LinkThis advisory is available to customers only and has not been reviewed by CISA
SitecoreSitecore Support Link
SkillableSkillable Link
SLF4JSLF4J Link
SmartBearSmartBear Link
SmileCDRSmileCDR Blog Post
Sn0mSn0m Link
SnowflakeNot AffectedSnowflake Community Link
SnykCloud PlatformNot AffectedSnyk Updates
Software AGSoftware AG
SolarWindsDatabase Performance Analyzer (DPA)2021.1.x, 2021.3.x, 2022.1.xAffectedNoApache Log4j Critical Vulnerability (CVE-2021-44228) Database Performance Analyzer (DPA) and the Apache Log4j Vulnerability (CVE-2021-44228)Workarounds available, hotfix under development12/14/2021
SolarWindsServer & Application Monitor (SAM)SAM 2020.2.6 and laterAffectedNoApache Log4j Critical Vulnerability (CVE-2021-44228) Server & Application Monitor (SAM) and the Apache Log4j Vulnerability (CVE-2021-44228)Workarounds available, hotfix under development12/14/2021
SonarSourceSonarSource
SonatypeSonatype Vulnerability Statement
SonicWallCapture Client & Capture Client PortalNot AffectedSonic Wall Security AdvisoryLog4j2 not used in the Capture Client.12/12/2021
SonicWallAccess PointsNot AffectedSecurity Advisory (sonicwall.com)Log4j2 not used in the SonicWall Access Points12/12/2021
SonicWallAnalyticsUnder InvestigationSecurity Advisory (sonicwall.com)Under Review12/12/2021
SonicWallAnalyzerUnder InvestigationSecurity Advisory (sonicwall.com)Under Review12/12/2021
SonicWallCapture Security ApplianceNot AffectedSecurity Advisory (sonicwall.com)Log4j2 not used in the Capture Security appliance.12/12/2021
SonicWallCASUnder InvestigationSecurity Advisory (sonicwall.com)Under Review12/12/2021
SonicWallEmail SecurityNot Affected[Security Advisory (sonicwall.com)]Version 10.x doesn't use a vulnerable version12/12/2021
SonicWallGen5 Firewalls (EOS)Not AffectedSecurity Advisory (sonicwall.com)Log4j2 not used in the appliance.12/12/2021
SonicWallGen6 FirewallsNot AffectedSecurity Advisory (sonicwall.com)Log4j2 not used in the appliance.12/12/2021
SonicWallGen7 FirewallsNot AffectedSecurity Advisory (sonicwall.com)Log4j2 not used in the appliance.12/12/2021
SonicWallGMSUnder InvestigationSecurity Advisory (sonicwall.com)Under Review12/12/2021
SonicWallMSWNot AffectedSecurity Advisory (sonicwall.com)Mysonicwall service doesn't use Log4j12/12/2021
SonicWallNSMNot AffectedSecurity Advisory (sonicwall.com)NSM On-Prem and SaaS doesn't use a vulnerable version12/12/2021
SonicWallSMA 100Not AffectedSecurity Advisory (sonicwall.com)Log4j2 not used in the SMA100 appliance.12/12/2021
SonicWallSMA 1000Not AffectedSecurity Advisory (sonicwall.com)Version 12.1.0 and 12.4.1 doesn't use a vulnerable version12/12/2021
SonicWallSonicCoreNot AffectedSecurity Advisory (sonicwall.com)SonicCore doesn't use a Log4j212/12/2021
SonicWallSonicWall SwitchNot AffectedSecurity Advisory (sonicwall.com)Log4j2 not used in the SonicWall Switch.12/12/2021
SonicWallWAFUnder InvestigationSecurity Advisory (sonicwall.com)Under Review12/12/2021
SonicWallWNMNot AffectedSecurity Advisory (sonicwall.com)Log4j2 not used in the WNM.12/12/2021
SonicWallWXANot AffectedSecurity Advisory (sonicwall.com)WXA doesn't use a vulnerable version12/12/2021
SophosCloud OptixFixedAdvisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) SophosUsers may have noticed a brief outage around 12:30 GMT as updates were deployed. There was no evidence that the vulnerability was exploited and to our knowledge no customers are impacted.12/12/2021
SophosReflexionNot AffectedAdvisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) SophosReflexion does not run an exploitable configuration.12/12/2021
SophosSG UTM (all versions)Not AffectedAdvisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) SophosSophos SG UTM does not use Log4j.12/12/2021
SophosSG UTM Manager (SUM) (all versions)All versionsNot AffectedAdvisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) SophosSUM does not use Log4j.12/12/2021
SophosSophos CentralNot AffectedAdvisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) SophosSophos Central does not run an exploitable configuration.12/12/2021
SophosSophos Firewall (all versions)Not AffectedAdvisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) SophosSophos Firewall does not use Log4j.12/12/2021
SophosSophos HomeNot AffectedAdvisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) SophosSophos Home does not use Log4j.12/12/2021
SophosSophos MobileNot AffectedAdvisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) SophosSophos Mobile (in Central, SaaS, and on-premises) does not run an exploitable configuration.12/12/2021
SophosSophos Mobile EAS Proxy< 9.7.2AffectedNoAdvisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) SophosThe Sophos Mobile EAS Proxy, running in Traffic Mode, is affected. Customers will need to download and install version 9.7.2, available from Monday December 13, 2021, on the same machine where it is currently running. PowerShell mode is not affected. Customers can download the Standalone EAS Proxy Installer version 9.7.2 from the Sophos website.12/12/2021
SophosSophos ZTNANot AffectedAdvisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) SophosSophos ZTNA does not use Log4j.12/12/2021
SOS BerlinSOS Berlin Link
SpambrellaSpambrella FAQ Link
SpigotSpigot Security Release
SplunkSplunk Add-On for Java Management Extensions App ID 26475.2.0 and olderAffectedCVE-2021-44228: 5.2.1 CVE-2021-45046: 5.2.2 CVE-2021-45105: not applicable due to configuration parametersSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk Splunk Add-On for JBoss App ID 29543.0.0 and olderAffectedCVE-2021-44228: 3.0.1 CVE-2021-45046: 3.0.2 CVE-2021-45105: not applicable due to configuration parametersSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk Add-On for Tomcat App ID 29113.0.0 and olderAffectedCVE-2021-44228: 3.0.1 CVE-2021-45046: 3.0.2 CVE-2021-45105: not applicable due to configuration parametersSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkData Stream ProcessorDSP 1.0.x, DSP 1.1.x, DSP 1.2.xAffectedCVE-2021-44228: Pending CVE-2021-45046: Pending CVE-2021-45105: not applicable due to configuration parametersSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkIT Essentials Work App ID 54034.11, 4.10.x (Cloud only), 4.9.xAffectedCVE-2021-44228: 4.11.1, 4.10.3, 4.9.5 CVE-2021-45046: 4.11.2, 4.10.4, 4.9.6, 4.7.4 CVE-2021-45105: not applicable due to configuration parametersSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkIT Service Intelligence (ITSI) App ID 18414.11.0, 4.10.x (Cloud only), 4.9.x, 4.8.x (Cloud only), 4.7.x, 4.6.x, 4.5.xAffectedCVE-2021-44228: 4.11.1, 4.10.3, 4.9.5, 4.7.3 CVE-2021-45046: 4.11.2, 4.10.4, 4.9.6, 4.7.4 CVE-2021-45105: not applicable due to configuration parametersSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk Connect for KafkaAll versions prior to 2.0.4AffectedCVE-2021-44228: 2.0.4 CVE-2021-45046: 2.0.5Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk Enterprise (including instance types like Heavy Forwarders)All supported non-Windows versions of 8.1.x and 8.2.x only if DFS is used. See Removing Log4j from Splunk Enterprise below for guidance on unsupported versions.AffectedCVE-2021-44228: 8.1.7.1, 8.2.3.2 CVE-2021-45046: 8.1.7.2, 8.2.3.3 CVE-2021-45105: not applicable due to configuration parametersSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk Enterprise Amazon Machine Image (AMI)See Splunk EnterpriseAffectedCVE-2021-44228: 8.2.3.2, 8.1.7.1 published to AWS Marketplace CVE-2021-45046: TBDSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk Enterprise Docker ContainerSee Splunk EnterpriseAffectedCVE-2021-44228: latest, edge, 8.1, 8.1.7.1, 8.2, 8.2.3.2 CVE-2021-45046: latest, edge, 8.1, 8.1.7.2, 8.2, 8.2.3.3 CVE-2021-45105: not applicable due to configuration parametersSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk Logging Library for Java1.11.0 and olderAffectedCVE-2021-44228: 1.11.1 CVE-2021-45046: 1.11.2Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk OVA for VMWare App ID 32164.0.3 and olderAffectedPendingSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk OVA for VMWare Metrics App ID 50964.2.1 and olderAffectedPendingSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk VMWare OVA for ITSI App ID 47601.1.1 and olderAffectedCVE-2021-44338: TBD CVE-2021-45046: TBDSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk On-call / VictorOpsCurrentAffectedCVE-2021-44228: Fixed 12/15 CVE-2021-45046: PendingSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk Real User MonitoringCurrentAffectedCVE-2021-44228: Fixed 12/13 CVE-2021-45046: PendingSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk Application Performance MonitoringCurrentAffectedCVE-2021-44228: Fixed 12/1 CVE-2021-45046: PendingSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk Infrastructure MonitoringCurrentAffectedCVE-2021-44228: Fixed 12/13 CVE-2021-45046: PendingSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk Log ObserverCurrentAffectedCVE-2021-44228: Fixed 12/16 CVE-2021-45046: PendingSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk SyntheticsCurrentAffectedCVE-2021-44228: Fixed 12/10 CVE-2021-45046: PendingSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
SplunkSplunk UBA OVA Software5.0.3a, 5.0.0AffectedPendingSplunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)9:30 am PT, 12/20/21
Sprecher AutomationSprecher Automation Security Alert
SpringSpring BootUnkownhttps://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-bootSpring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2
Spring BootSpring Boot Vulnerability Statement
StarDogStarDog
Sterling Order IBMIBM Statement
StoragementStoragement
StormShieldStormShield Security Alert
StrangeBee TheHive & CortexStrangeBee Statement
StratodeskSTratodesk Statement
StrimziStrimzi Statement
StripeStripe Support
StyraStyra Security Notice
SumologicSumologic Statement
SumoLogicSumologic Release Notes
Superna EYEGLASSSuperna EYEGLASS Technical Advisory
Suprema IncSuprema Inc
SUSESUSE Statement
SweepwidgetSweepwidget Statement
SwyxSwyx Advisory
Synchro MSPSynchro MSP Advisory
SyncplifySyncplify Advisory
SynologySynology Advisory
SynopsysSynopsys Advisory
SyntevoSyntevo Statement
SysAidhttps://www.sysaid.com/lp/important-update-regarding-apache-log4j
Sysdighttps://sysdig.com/blog/cve-critical-vulnerability-log4j/
Talendhttps://jira.talendforge.org/browse/TCOMP-2054
TaniumTanium Article
TealiumIQTealiumIQ Security Update
TeamPasswordManagerTeamPasswordManager Blog
TeamviewerTeamViewer Bulletin
Tech SoftwareOneAegis (f/k/a IRBManager)All versionsNot AffectedLog4j CVE-2021-44228 Vulnerability Impact StatementOneAegis does not use Log4j.12/15/2021
Tech SoftwareSMARTAll versionsNot AffectedLog4j CVE-2021-44228 Vulnerability Impact StatementSMART does not use Log4j.12/15/2021
Tech SoftwareStudy BindersAll versionsNot AffectedLog4j CVE-2021-44228 Vulnerability Impact StatementStudy Binders does not use Log4j.12/15/2021
TechSmithTechSmith Article
TelestreamTelestream Bulletin
TenableTenable log4j Statement
ThalesCipherTrust Application Data Protection (CADP) – CAPI.net & Net CoreNot AffectedThales Support12/17/2021
ThalesCipherTrust Cloud Key Manager (CCKM) EmbeddedNot AffectedThales Support12/17/2021
ThalesCipherTrust Database ProtectionNot AffectedThales Support12/17/2021
ThalesCipherTrust ManagerNot AffectedThales Support12/17/2021
ThalesCipherTrust Transparent Encryption (CTE/VTE/CTE-U)Not AffectedThales Support12/17/2021
ThalesCipherTrust Vaultless Tokenization (CTS, CT-VL)Not AffectedThales Support12/17/2021
ThalesData Protection on DemandNot AffectedThales Support12/17/2021
ThalesData Security Manager (DSM)Not AffectedThales Support12/17/2021
ThalesKeySecureNot AffectedThales Support12/17/2021
ThalesLuna EFTNot AffectedThales Support12/17/2021
ThalesLuna Network, PCIe, Luna USB HSM and backup devicesNot AffectedThales Support12/17/2021
ThalesLuna SPNot AffectedThales Support12/17/2021
ThalesProtectServer HSMsNot AffectedThales Support12/17/2021
ThalesSafeNet Authentication ClientNot AffectedThales Support12/17/2021
ThalesSafeNet IDPrime VirtualNot AffectedThales Support12/17/2021
ThalesSafeNet eToken (all products)Not AffectedThales Support12/17/2021
ThalesSafeNet IDPrime(all products)Not AffectedThales Support12/17/2021
ThalesSafeNet LUKSNot AffectedThales Support12/17/2021
ThalesSafeNet ProtectApp (PA) CAPI, .Net & Net CoreNot AffectedThales Support12/17/2021
ThalesSafeNet ProtectDB (PDB)Not AffectedThales Support12/17/2021
ThalesSafeNet ProtectVNot AffectedThales Support12/17/2021
ThalesSafenet ProtectFile and ProtectFile- FuseNot AffectedThales Support12/17/2021
ThalesSafeNet Transform Utility (TU)Not AffectedThales Support12/17/2021
ThalesSafeNet Trusted Access (STA)Not AffectedThales Support12/17/2021
ThalesSafeNet PKCS#11 and TDENot AffectedThales Support12/17/2021
ThalesSafeNet SQL EKMNot AffectedThales Support12/17/2021
ThalesSAS on Prem (SPE/PCE)Not AffectedThales Support12/17/2021
ThalesSentinel EMS Enterprise OnPremiseNot AffectedThales Support12/17/2021
ThalesSentinel ESDaaSNot AffectedThales Support12/17/2021
ThalesSentinel UpNot AffectedThales Support12/17/2021
ThalesSentinel RMSNot AffectedThales Support12/17/2021
ThalesSentinel Connect

About

A community sourced list of log4j-affected software

Resources

License

Stars

Watchers

Forks






    • Related Articles

    • Guidance for preventing, detecting, and hunting for CVE-2021-44228 Log4j 2 exploitation

      Guidance for preventing, detecting, and hunting for CVE-2021-44228 Log4j 2 exploitation Microsoft 365 Defender Threat Intelligence Team Microsoft Threat Intelligence Center (MSTIC) Updates: [12/16/2021] New Microsoft Sentinel solution and additional ...
    • Apache Log4j Vulnerability Guidance

      Immediate Actions to Protect Against Log4j Exploitation • Discover all internet facing assets that allow data inputs and use Log4j Java library anywhere in the stack. • Discover all assets that use the Log4j library. • Update or isolate affected ...
    • Microsoft’s Response to CVE-2021-44228 Apache Log4j 2

      Microsoft’s Response to CVE-2021-44228 Apache Log4j 2 MSRC / By MSRC Team / December 11, 2021 ​ SUMMARY Microsoft continues our analysis of the remote code execution vulnerabilities related to Apache Log4j (a logging tool used in many Java-based ...
    • Log4J Affected Apps/Vendors

      Lists of affected components and affected apps/vendors by CVE-2021-44228 (aka Log4shell or Log4j RCE) for security responders. We believe it is important to classify the vendors and products between: Internal risk - what you need to patch first to ...
    • Log4j Advisories, notices, patches, or updates

      Given the severity of the vulnerability and how easy it is to exploit it, CISA today released guidance for companies to set up defenses against Log4Shell attacks. The agency's recommendation is to "apply available patches immediately" and to ...