1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-16 22:07:55 +00:00
log4j-affected-db/README.md

1048 lines
206 KiB
Markdown
Raw Normal View History

2021-12-13 15:27:47 +00:00
# CISA Log4j (CVE-2021-44228) Vulnerability Guidance
This repository provides CISA's guidance and an overview of related software regarding the Log4j vulnerability (CVE-2021-44228). CISA encourages users and administrators to review the [official Apache release](https://logging.apache.org/log4j/2.x/security.html) and upgrade to Log4j 2.15.0 or apply the recommended mitigations immediately.
</br>
</br>
**Official CISA Guidance & Resources:**
</br>
CISA Director Jen Easterly's Statement: [Statement from CISA Director Easterly on “Log4j” Vulnerability](https://www.cisa.gov/news/2021/12/11/statement-cisa-director-easterly-log4j-vulnerability).
</br> CISA Current Activity Alert: [Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce)
</br>
2021-12-13 16:54:29 +00:00
National Vulnerability Database (NVD) Information: [CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228)
</br>
</br>
2021-12-13 19:51:47 +00:00
CISA will maintain a list of all publicly available information and vendor-supplied advisories regarding the Log4j vulnerability. This list is not a full list and will be updated continuously. If you have any additional information to share relevant to the log4j vulnerability, please feel free to open an issue [here](https://github.com/cisagov/log4j-affected-db/issues). We have a template available for your submission. Please also feel free to submit a pull request.
2021-12-13 19:00:01 +00:00
# Status Descriptions
|Status| Description |
|------|-------------|
| Unknown | Status unknown. Default choice. |
| Affected| Reported to be affected by CVE-2021-44228. |
2021-12-13 18:52:25 +00:00
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
2021-12-13 18:44:48 +00:00
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
2021-12-13 15:27:47 +00:00
# Software List
| Vendor | Product | Version | Status | Update Available | Vendor Link | Notes | Other References | Last Updated |
2021-12-13 22:38:19 +00:00
|:--------------|:----------------|:---------------:|:---------------:|:-----------------|-------------|-------|:-----------------|--------------:|
2021-12-14 15:10:46 +00:00
| AIL | AIL | all | Fixed | Yes | [source](https://twitter.com/ail_project/status/1470373644279119875) | | | 12/14/21 |
| Apache | Cassandra | all | Fixed | Yes | [source](https://lists.apache.org/thread/2rngylxw8bjos6xbo1krp29m9wn2hhdr) | | | 12/14/21 |
| Apache | Druid | 0.22.1 | Fixed | Yes | [source](https://github.com/apache/druid/pull/12051) | | | 12/14/21 |
| Apache | Flink | 1.15.0, 1.14.1, 1.13.4 | Fixed | Yes | [source](https://issues.apache.org/jira/browse/FLINK-25240) | | | 12/14/21 |
| Apache | Log4j | 2.15.0 | Fixed | Yes | [source](https://logging.apache.org/log4j/2.x/security.html) | | | 12/14/21 |
| Apache | Kafka | Unknown | Fixed | Yes | [source](https://lists.apache.org/thread/lgbtvvmy68p0059yoyn9qxzosdmx4jdv) | Only vulnerable in certain configuration | | 12/14/21 |
| Apache | SOLR | 7.4.0 to 7.7.3, 8.0.0 to 8.11.0 | Fixed | Yes | [source](https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228) | Versions before 7.4 also vulnerable when using several configurations | | 12/14/21 |
| Apache | Tika | 2.0.0 and up | Fixed | Yes | [source](https://tika.apache.org/2.0.0/index.html) | | | 12/14/21 |
| Apache | Tomcat | | Fixed | Yes | [source](https://tomcat.apache.org/tomcat-9.0-doc/logging.html) | | | 12/14/21 |
| Apache | Zookeeper | | Fixed | Yes | [source](https://issues.apache.org/jira/browse/ZOOKEEPER-4423) | Zookeeper uses Log4j 1.2 version | | 12/14/21 |
| Apereo | CAS | 6.3.x & 6.4.x | Fixed | Yes | [source](https://apereo.github.io/2021/12/11/log4j-vuln/) | Other versions still in active maintainance might need manual inspection | | 12/14/21 |
| Apereo | Opencast | < 9.10, < 10.6 | Fixed | Yes | [source](https://github.com/opencast/opencast/security/advisories/GHSA-mf4f-j588-5xm8) | | | 12/14/21 |
| Apigee | Edge and OPDK products | All version | Fixed | Yes | [source](https://status.apigee.com/incidents/3cgzb0q2r10p) | | | 12/14/21 |
| Aptible | Aptible | ElasticSearch 5.x | Fixed | Yes | [source](https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4) | | | 12/14/21 |
| Atlassian | Jira Server & Data Center | On prem | Fixed | Yes | [source](https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html) | Only vulnerable when using non-default config, cloud version still under investigation | | 12/14/21 |
| Atlassian | Confluence Server & Data Center | On prem | Fixed | Yes | [source](https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html) | Only vulnerable when using non-default config, cloud version still under investigation | | 12/14/21 |
| Atlassian | Bamboo Server & Data Center | On prem | Fixed | Yes | [source](https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html) | Only vulnerable when using non-default config, cloud version still under investigation | | 12/14/21 |
| Atlassian | Crowd Server & Data Center | On prem | Fixed | Yes | [source](https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html) | Only vulnerable when using non-default config, cloud version still under investigation | | 12/14/21 |
| Atlassian | Fisheye | On prem | Fixed | Yes | [source](https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html) | Only vulnerable when using non-default config, cloud version still under investigation | | 12/14/21 |
| Atlassian | Crucible | On prem | Fixed | Yes | [source](https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html) | Only vulnerable when using non-default config, cloud version still under investigation | | 12/14/21 |
| Amazon | EC2 | Amazon Linux 1 & 2 | Fixed | Yes | [source](https://aws.amazon.com/security/security-bulletins/AWS-2021-005/) | Default packages not vulnerable | | 12/14/21 |
| Amazon | OpenSearch | Unknown | Fixed | Yes | [source](https://aws.amazon.com/security/security-bulletins/AWS-2021-005/) | | | 12/14/21 |
| Amazon | AWS Lambda | Unknown | Fixed | Yes | [source](https://aws.amazon.com/security/security-bulletins/AWS-2021-005/) | Vulnerable when using aws-lambda-java-log4j2 | | 12/14/21 |
| Amazon | AWS CloudHSM | < 3.4.1. | Fixed | Yes | [source](https://aws.amazon.com/security/security-bulletins/AWS-2021-005/) | | | 12/14/21 |
| Azure | Data lake store java | < 2.3.10 | Fixed | Yes | [source](https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310) | | | 12/14/21 |
| APC | PowerChute Business Edition | Unknow to 10.0.2.301 | Fixed | Yes | | | | 12/14/21 |
| APC | PowerChute Network Shutdown | Unknow to 4.2.0 | Fixed | Yes | | | | 12/14/21 |
| Akamai | Siem Splunk Connector | Unknown to latest | Fixed | Yes |
| [source](https://github.com/akamai/siem-splunk-connector) | | 12/14/21 |
| Avaya | | | Fixed | Yes |
| [source](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | 12/14/21 |
| Backblaze | Cloud | N/A (SaaS) | Fixed | Yes | [source](https://help.backblaze.com/hc/en-us/articles/4412580603419) | Cloud service patched | | 12/14/21 |
| BigBlueButton | BigBlueButton | Unknown | Fixed | Yes | [source](https://github.com/bigbluebutton/bigbluebutton/issues/13897) | | | 12/14/21 |
| Bitdefender | GravityZone On-Premises | Unknown | Fixed | Yes | [source](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability) | | | 12/14/21 |
| Bitnami | Unknown | Unknown | Fixed | Yes | [source](https://docs.bitnami.com/general/security/security-2021-12-10/) | | | 12/14/21 |
| Brian Pangburn | SwingSet | < 4.0.6 | Fixed | Yes | [source](https://github.com/bpangburn/swingset/releases/tag/swingset-4.0.6) | | | 12/14/21 |
| Broadcom | CA Advanced Protection | 9.1 & 9.1.01 | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Symantec Endpoint Protection Manager (SEPM) | 14.3 | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Advanced Secure Gateway (ASG) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | BCAAA | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Content Analysis (CA)(SEPM) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Cloud Workload Protection (CWP) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Cloud Workload Protection for Storage (CWP:S) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Critical System Protection (CSP) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Email Security Service (ESS) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | HSM Agent | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Industrial Control System Protection (ICSP) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Integrated Cyber Defense Manager (ICDm) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Integrated Secure Gateway (ISG) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Layer7 API Developer Portal | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Management Center (MC) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | PacketShaper (PS) S-Series | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | PolicyCenter (PC) S-Series | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Privileged Access Manager | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Privileged Access Manager Server Control | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Privileged Identity Manager | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Reporter | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Secure Access Cloud (SAC) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | SiteMinder (CA Single Sign-On) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | SSL Visibility (SSLV) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Symantec Endpoint Detection and Response (EDR) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Symantec Endpoint Encryption (SEE) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Symantec Endpoint Protection (SEP) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Symantec Endpoint Protection (SEP) for Mobile | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Symantec Mail Security for Microsoft Exchange (SMSMSE) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Symantec Messaging Gateway (SMG) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Symantec Protection Engine (SPE) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Symantec Protection for SharePoint Servers (SPSS) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | VIP Authentication Hub | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Web Isolation (WI) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Web Security Service (WSS)) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | WebPulse | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | CloudSOC Cloud Access Security Broker (CASB) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Symantec Control Compliance Suite (CCS) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Data Center Security (DCS) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Data Loss Prevention (DLP) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Ghost Solution Suite (GSS) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | IT Management Suite | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Layer7 API Gateway | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Layer7 Mobile API Gateway | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | ProxySG | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Security Analytics (SA) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Symantec Directory | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Symantec Identity Governance and Administration (IGA) | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | Symantec PGP Solutions | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Broadcom | VIP | Unknown | Fixed | Yes | [source](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | 12/14/21 |
| Carbon Black | Cloud Workload Appliance | Unknown | Fixed | Yes | [source](https://community.carbonblack.com/t5/Documentation-Downloads/Log4Shell-Log4j-Remote-Code-Execution-CVE-2021-44228/ta-p/109134) | More information on pages linked bottom of blogpost (behind login) | | 12/14/21 |
| Carbon Black | EDR Servers | Unknown | Fixed | Yes | [source](https://community.carbonblack.com/t5/Documentation-Downloads/Log4Shell-Log4j-Remote-Code-Execution-CVE-2021-44228/ta-p/109134) | More information on pages linked bottom of blogpost (behind login) | | 12/14/21 |
| Cerberus | FTP | Unknown | Fixed | Yes | [source](https://support.cerberusftp.com/hc/en-us/articles/4412448183571-Cerberus-is-not-affected-by-CVE-2021-44228-log4j-0-day-vulnerability) | | | 12/14/21 |
| Cerebrate | Cerebrate | All | Fixed | Yes | [source](https://twitter.com/cerebrateproje1/status/1470347775141421058) | | | 12/14/21 |
| Checkpoint | Quantum Security Gateway | Unknown | Fixed | Yes | [source](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176865&partition=General&product=IPS) | | | 12/14/21 |
| Checkpoint | Quantum Security Management | Unknown | Fixed | Yes | [source](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176865&partition=General&product=IPS) | | | 12/14/21 |
| Checkpoint | CloudGuard | Unknown | Fixed | Yes | [source](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176865&partition=General&product=IPS) | | | 12/14/21 |
| Checkpoint | Infinity Portal | Unknown | Fixed | Yes | [source](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176865&partition=General&product=IPS) | | | 12/14/21 |
| Checkpoint | Harmony Endpoint & Harmony Mobile | Unknown | Fixed | Yes | [source](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176865&partition=General&product=IPS) | | | 12/14/21 |
| Checkpoint | SMB | Unknown | Fixed | Yes | [source](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176865&partition=General&product=IPS) | | | 12/14/21 |
| Checkpoint | ThreatCloud | Unknown | Fixed | Yes | [source](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176865&partition=General&product=IPS) | | | 12/14/21 |
| Chef | Infra Server | All | Fixed | Yes | [source](https://www.chef.io/blog/is-chef-vulnerable-to-cve-2021-44228-(log4j)) | | | 12/14/21 |
| Chef | Automate | All | Fixed | Yes | [source](https://www.chef.io/blog/is-chef-vulnerable-to-cve-2021-44228-(log4j)) | | | 12/14/21 |
| Chef | Backend | All | Fixed | Yes | [source](https://www.chef.io/blog/is-chef-vulnerable-to-cve-2021-44228-(log4j)) | | | 12/14/21 |
| Cisco | General Cisco Disclaimer | Cisco is updating their advisory three times a day, please keep their website in your watchlist. We will try to update accordingly | Fixed | Yes | | | | 12/14/21 |
| Cisco | AnyConnect Secure Mobility Client | All versions | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco SocialMiner | All versions | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Extensible Network Controller (XNC) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Nexus Data Broker | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Nexus Insights | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Wide Area Application Services (WAAS) | All versions | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco AMP Virtual Private Cloud Appliance | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Adaptive Security Appliance (ASA) Software | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Advanced Web Security Reporting Application | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Content Security Management Appliance (SMA) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Email Security Appliance (ESA) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Firepower 4100 Series | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Firepower 9300 Security Appliances | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Firepower Management Center | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Firepower Threat Defense (FTD) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Identity Services Engine (ISE) | Unknown | Affected | No | [source](https://tools.cisco.com/bugsearch/bug/CSCwa47133) | | | 12/14/21 |
| Cisco | Cisco Web Security Appliance (WSA) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco ACI Multi-Site Orchestrator | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco CloudCenter Suite Admin | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco CloudCenter Workload Manager | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Connected Grid Device Manager | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Connected Mobile Experiences | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Crosswork Change Automation | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco DNA Assurance | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Data Center Network Manager (DCNM) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Elastic Services Controller (ESC) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco IoT Field Network Director (formerly Cisco Connected Grid Network Management System) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Modeling Labs | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Network Planner | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Network Services Orchestrator (NSO) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Nexus Dashboard (formerly Cisco Application Services Engine) | <2.1.2 | Affected | No | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | Patch expected 7-jan-2022 | | 12/14/21 |
| Cisco | Cisco Optical Network Planner | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Policy Suite | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime Central for Service Providers | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime Collaboration Assurance | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime Collaboration Manager | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime Collaboration Provisioning | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime Infrastructure | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime License Manager | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime Network Registrar | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime Optical for Service Providers | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime Provisioning | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime Service Catalog | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco UCS Performance Manager | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco WAN Automation Engine (WAE) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco ACI Virtual Edge | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco ASR 5000 Series Routers | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco DNA Center | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Enterprise NFV Infrastructure Software (NFVIS) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco GGSN Gateway GPRS Support Node | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco IOS and IOS XE Software | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco IOx Fog Director | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco IP Services Gateway (IPSG) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco MDS 9000 Series Multilayer Switches | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco MME Mobility Management Entity | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Mobility Unified Reporting and Analytics System | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Network Assurance Engine | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Network Convergence System 2000 Series | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Nexus 5500 Platform Switches | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Nexus 5600 Platform Switches | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Nexus 6000 Series Switches | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Nexus 7000 Series Switches | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco PDSN/HA Packet Data Serving Node and Home Agent | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco PGW Packet Data Network Gateway | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco SD-WAN vEdge 1000 Series Routers | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco SD-WAN vEdge 2000 Series Routers | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco SD-WAN vEdge 5000 Series Routers | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco SD-WAN vEdge Cloud Router Platform | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco SD-WAN vManage | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Secure Network Analytics (SNA), formerly Stealthwatch | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco System Architecture Evolution Gateway (SAEGW) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco HyperFlex System | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco UCS Manager | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco BroadWorks | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Broadcloud Calling | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Computer Telephony Integration Object Server (CTIOS) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Contact Center Domain Manager (CCDM) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Contact Center Management Portal (CCMP) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Emergency Responder | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Enterprise Chat and Email | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Finesse | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Packaged Contact Center Enterprise | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Paging Server (InformaCast) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Paging Server | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Attendant Console Advanced | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Attendant Console Business Edition | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Attendant Console Department Edition | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Attendant Console Enterprise Edition | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Attendant Console Premium Edition | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Contact Center Enterprise | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Contact Center Express | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Customer Voice Portal | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Intelligent Contact Management Enterprise | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified SIP Proxy Software | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Virtualized Voice Browser | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Exony Virtualized Interaction Manager (VIM) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Expressway Series | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Meeting Server | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco TelePresence Management Suite | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco TelePresence Video Communication Server (VCS) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Vision Dynamic Signage Director | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Mobility Services Engine | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco CX Cloud Agent Software | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Cloud Email Security | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Cognitive Intelligence | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Common Services Platform Collector | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Connectivity | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco DNA Spaces | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Defense Orchestrator | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Intersight | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco IoT Operations Dashboard | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Kinetic for Cities | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Network Assessment (CNA) Tool | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Umbrella | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Managed Services Accelerator (MSX) Network Access Control Service | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | AppDynamics | <21.12.0 | Fixed | Yes | [source](https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability) | | | 12/14/21 |
| Cisco | Cisco Webex Meetings Server | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Evolved Programmable Network Manager | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Integrated Management Controller (IMC) Supervisor | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Intersight Virtual Appliance | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco UCS Director | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Contact Center Enterprise - Live Data server | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Video Surveillance Operations Manager | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Communications Manager Cloud | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Webex Cloud-Connected UC (CCUC) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Duo | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Jabber Guest | All versions | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Cloud Services Platform 2100 | All versions | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Cloud Services Platform 5000 Series | All versions | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Tetration Analytics | All versions | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Adaptive Security Device Manager | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Registered Envelope Service | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Business Process Automation | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco CloudCenter Action Orchestrator | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Container Platform | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime Access Registrar | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime Cable Provisioning | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime Collaboration Deployment | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime IP Express | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime Network Registrar | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Prime Performance Manager | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Security Manager | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco UCS Central Software | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco IOS XR Software | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Nexus 3000 Series Switches | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Nexus 9000 Series Switches in standalone NX-OS mode | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco UCS C-Series Rack Servers - Integrated Management Controller | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Hosted Collaboration Mediation Fulfillment | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Communications Domain Manager | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Communications Manager / Cisco Unified Communications Manager Session Management Edition | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Communications Manager IM & Presence Service (formerly CUPS) | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unified Intelligence Center | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unity Connection | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Unity Express | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Ultra Packet Core | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| Cisco | Cisco Smart Software Manager On-Prem | Unknown | Fixed | Yes | [source](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | 12/14/21 |
| CIS-CAT | CIS-CAT Pro Assessor | 4.12.0 and below | Affected | No | [proof] (<https://ibb.co/98kyxqK>) | Found by manual scanning | | 12/14/21 |
| Citrix | NetScaler ADC | Unknown | Fixed | Yes | [source](https://support.citrix.com/article/CTX335705) | Implementation not using WlonNS feature, is not impacted | | 12/14/21 |
| Citrix | NetScaler Gateway | Unknown | Fixed | Yes | [source](https://support.citrix.com/article/CTX335705) | | | 12/14/21 |
| Citrix | Analytics | Unknown | Fixed | Yes | [source](https://support.citrix.com/article/CTX335705) | | | 12/14/21 |
| Citrix | Application Delivery Management (NetScaler MAS) | Unknown | Fixed | Yes | [source](https://support.citrix.com/article/CTX335705) | | | 12/14/21 |
| Citrix | Hypervisor (XenServer) | Unknown | Fixed | Yes | [source](https://support.citrix.com/article/CTX335705) | | | 12/14/21 |
| Citrix | SD-WAN | Unknown | Fixed | Yes | [source](https://support.citrix.com/article/CTX335705) | | | 12/14/21 |
| Citrix | Virtual Apps and Desktops (XenApp & XenDesktop) | Unknown | Fixed | Yes | [source](https://support.citrix.com/article/CTX335705) | | | 12/14/21 |
| Citrix | Workspace | Unknown | Fixed | Yes | [source](https://support.citrix.com/article/CTX335705) | | | 12/14/21 |
| Citrix | Workspace App | Unknown | Fixed | Yes | [source](https://support.citrix.com/article/CTX335705) | | | 12/14/21 |
| Citrix | Sharefile | Unknown | Fixed | Yes | [source](https://support.citrix.com/article/CTX335705) | | | 12/14/21 |
| cPanel | cPanel | Unknown | Fixed | Yes | [source](https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/) | | | 12/14/21 |
| Commvault | All products | All versions | Fixed | Yes | [source](https://community.commvault.com/technical-q-a-2/log4j-been-used-in-commvault-1985?postid=11745#post11745) | | | 12/14/21 |
| Commvault | Cloud Apps & Oracle & MS-SQL | All supported versions | Fixed | Yes | [source](https://documentation.commvault.com/11.24/essential/146231_security_vulnerability_and_reporting.html) | | | 12/14/21 |
| Connect2id | Connect2id server | < 12.5.1 | Fixed | Yes | [source](https://connect2id.com/blog/connect2id-server-12-5-1) | | | 12/14/21 |
| Connectwise | Perch | Unknown | Fixed | Yes | [source](https://www.connectwise.com/company/trust/advisories) | | | 12/14/21 |
| Connectwise | Manage on-premise's Global Search | Unknown | Fixed | Yes | [source](https://www.connectwise.com/company/trust/advisories) | | | 12/14/21 |
| Connectwise | Marketplace | Unknown | Fixed | Yes | [source](https://www.connectwise.com/company/trust/advisories) | | | 12/14/21 |
| Connectwise | Global search capability of Manage Cloud | Unknown | Fixed | Yes | [source](https://www.connectwise.com/company/trust/advisories) | | | 12/14/21 |
| Connectwise | StratoZen | Unknown | Fixed | Yes | [source](https://www.connectwise.com/company/trust/advisories) | Urgent action for self-hosted versions | | 12/14/21 |
| Contrast | Hosted SaaS Enviroments | All | Fixed | Yes | [source](https://support.contrastsecurity.com/hc/en-us/articles/4412612486548) | | | 12/14/21 |
| Contrast | On-premises (EOP) Environments | All | Fixed | Yes | [source](https://support.contrastsecurity.com/hc/en-us/articles/4412612486548) | | | 12/14/21 |
| Contrast | Java Agent | All | Fixed | Yes | [source](https://support.contrastsecurity.com/hc/en-us/articles/4412612486548) | | | 12/14/21 |
| Contrast | Scan | All | Fixed | Yes | [source](https://support.contrastsecurity.com/hc/en-us/articles/4412612486548) | | | 12/14/21 |
| ControlUp | All products | All versions | Fixed | Yes | [source](https://status.controlup.com/incidents/qqyvh7b1dz8k) | | | 12/14/21 |
| Coralogix | Coralogix | Unknown | Fixed | Yes | [source](https://status.coralogix.com/incidents/zzfn8t0fzdy2?u=1q9952ycm1gr) | | | 12/14/21 |
| Couchbase | Couchbase ElasticSearch connector | < 4.3.3 & 4.2.13 | Fixed | Yes | [source](https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402) | | | 12/14/21 |
| Cryptshare | Cryptshare Server | All | Fixed | Yes | [source](https://www.cryptshare.com/nl/support/cryptshare-support/) | | | 12/14/21 |
| Cryptshare | Cryptshare for Outlook | All | Fixed | Yes | [source](https://www.cryptshare.com/nl/support/cryptshare-support/) | | | 12/14/21 |
| Cryptshare | Cryptshare for Notes | All | Fixed | Yes | [source](https://www.cryptshare.com/nl/support/cryptshare-support/) | | | 12/14/21 |
| Cryptshare | Cryptshare for NTA 7516 | All | Fixed | Yes | [source](https://www.cryptshare.com/nl/support/cryptshare-support/) | | | 12/14/21 |
| Cryptshare | Cryptshare .NET API | All | Fixed | Yes | [source](https://www.cryptshare.com/nl/support/cryptshare-support/) | | | 12/14/21 |
| Cryptshare | Cryptshare Java API | All | Fixed | Yes | [source](https://www.cryptshare.com/nl/support/cryptshare-support/) | | | 12/14/21 |
| Cryptshare | Cryptshare Robot | All | Fixed | Yes | [source](https://www.cryptshare.com/nl/support/cryptshare-support/) | | | 12/14/21 |
| Cyberark | PAS Self Hosted | | Fixed | Yes | [source](https://cyberark-customers.force.com ) | | | 12/14/21 |
| Cybereason | All Cybereason products | Unknown | Fixed | Yes | [source](https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228) | | | 12/14/21 |
| DatadogHQ | Datadog Agent | 6 < [6.32.2](https://github.com/DataDog/datadog-agent/releases/tag/6.32.2), 7 < [7.32.2](https://github.com/DataDog/datadog-agent/releases/tag/7.32.2) | Fixed | Yes | [source](vendor-statements/DatadogHQ%20-%20Our_response_to_log4j_vulnerability.pdf) | JMX monitoring component leverages an impacted version of log4j | | 12/14/21 |
| Datto | All Datto products | Unknown | Fixed | Yes | [source](https://www.datto.com/blog/dattos-response-to-log4shell) | | | 12/14/21 |
| Debian | Apache-log4j.1.2 | stretch, buster, bullseye | Fixed | Yes | [source](https://security-tracker.debian.org/tracker/CVE-2021-44228) | | | 12/14/21 |
| Debian | Apache-log4j2 | stretch, buster, bullseye | Fixed | Yes | [source](https://security-tracker.debian.org/tracker/CVE-2021-44228) | | | 12/14/21 |
| Dell | BSAFE Crypto-C Micro Edition | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | BSAFE Crypto-J | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | BSAFE Micro Edition Suite | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Centera | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Chassis Management Controller (CMC) | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Cloudlink | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Cloud Mobility for Dell EMC Storage | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Data Domain OS | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | Disk Library for Mainframe | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Embedded NAS | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC Cloud Disaster Recovery | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | EMC DataIQ | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC ECS | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | EMC Integrated System for Microsoft Azure Stack Hub | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC License Manager | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC NetWorker | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC Networking Onie | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC ObjectScale | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | EMC PowerFlex Appliance | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC PowerFlex Manager | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC PowerFlex Rack | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC PowerMax | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC PowerPath Management Appliance | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC PowerPath | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC PowerProtect Cyber Recovery | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC PowerProtect Data Manager | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC PowerProtect DP Series Appliance (iDPA) | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | EMC PowerScale OneFS | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC PowerShell for PowerMax | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC PowerShell for Powerstore | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC PowerShell for Unity | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC PowerStore | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | EMC PowerSwitch Z9264F-ON BMC, Dell EMC PowerSwitch Z9432F-ON BMC | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | EMC RecoverPoint | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | EMC Repository Manager (DRM) | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC SourceOne | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC SRM vApp | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC Streaming Data Platform | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | EMC Systems Update (DSU) | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC Unity | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | EMC Virtual Storage Integrator | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC VPLEX | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | EMC VxRail | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | EMC XtremIO | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Enterprise Hybrid Cloud | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | GeoDrive | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Hybrid Client (DHC) | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | ImageAssist | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Insight IQ | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Integrated Dell Remote Access Controller (iDRAC) | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | IsilonSD Management Server | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Mainframe Enablers | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | MyDell Mobile | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | NetWorker Management Console | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | NetWorker MM for Hyper-V | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Networking N-Series | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Networking OS9 | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Networking OS | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Networking SD-WAN Edge | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Networking W-Series | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Networking X-Series | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | OMIMSSC (OpenManage Integration for Microsoft System Center) | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | OpenManage Change Management | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | OpenManage Enterprise | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | OpenManage Integration for Microsoft System Center for System Center Operations Manager | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | OpenManage Integration with Microsoft Windows Admin Center | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Open Management Enterprise - Modular | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | Open Manage Mobile | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | OpenManage Network Integration | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Open Manage Server Administrator | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | PowerEdge BIOS | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Remotely Anywhere | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Secure Connect Gateway (SCG) 5.0 Appliance | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Smart Fabric Storage Software | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Solutions Enabler | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Sonic | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | SRS Policy Manager | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | SRS VE | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | SupportAssist Client Commercial | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | SupportAssist Client Consumer | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | SupportAssist Enterprise | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Unisphere Central | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | Unisphere for PowerMax | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Vblock | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | ViPR Controller | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | VNX2 | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | VNX Control Station | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Vsan Ready Nodes | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | VxBlock | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | VxFlex Ready Nodes | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Wyse Management Suite Import Tool | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Wyse Management Suite | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Dell | Wyse Proprietary OS (ThinOS) | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/14/21 |
| Dell | Wyse Windows Embedded | Unknown | Fixed | Yes | [source](https://www.dell.com/support/kbdoc/nl-nl/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Fix Release Timeline TBD | | 12/14/21 |
| Docker | Docker infrastructure | Unknown | Fixed | Yes | [source](https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/) | Docker infrastructure not vulnerable, Docker images could be vulnerable. For more info see source. | | 12/14/21 |
| Dropwizard | Dropwizard | Unknown | Fixed | Yes | [source](https://twitter.com/dropwizardio/status/1469285337524580359) | Only vulnerable if you manually added Log4j | | 12/14/21 |
| Dynatrace | Dynatrace Cloud Services | Unknown | Fixed | Yes | [source](https://community.dynatrace.com/t5/Dynatrace-Open-Q-A/Impact-of-log4j-zero-day-vulnerability/m-p/177259/highlight/true#M19282) | | | 12/14/21 |
| Dynatrace | ActiveGates | 1.229.49.20211210-165018, 1.227.31.20211210-164955, 1.225.29.20211210-164930, 1.223.30.20211210-164926 | Fixed | Yes | [source](https://community.dynatrace.com/t5/Dynatrace-Open-Q-A/Impact-of-log4j-zero-day-vulnerability/m-p/177259/highlight/true#M19282) | | | 12/14/21 |
| EAL | ATS Classic | All Versions | Fixed | Yes | See vendor-statements | | | 12/14/21 |
| Elastic | APM Java Agent | 1.17.0-1.28.0 | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | Only vulnerable with specific configuration | | 12/14/21 |
| Elastic | APM Server | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Beats | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Cmd | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Elastic Agent | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Elastic Cloud | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Elastic Cloud Enterprise | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Elastic Cloud on Kubernetes | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Elastic Endgame | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Elastic Maps Service | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Elasticsearch | < 6.8.21, < 7.16.1 | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | Information leakage vulnerability | | 12/14/21 |
| Elastic | Endpoint Security | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Enterprise Search | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Fleet Server | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Kibana | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Logstash | < 6.8.21, < 7.16.1 | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Machine Learning | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| Elastic | Swiftype | | Fixed | Yes | [source](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/14/21 |
| ELO | Digital Office | | Fixed | Yes | [source](http://www.elo.com) | | | 12/14/21 |
| ESET | All products | Unknown | Fixed | Yes | [source](https://forum.eset.com/topic/30691-log4j-vulnerability/) | | | 12/14/21 |
| Esri | ArcGIS Enterprise and related products | < 10.8.0 | Fixed | Yes | [source](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | | | 12/14/21 |
| EVL Labs | JGAAP | <8.0.2 | Fixed | Yes | [source](https://github.com/evllabs/JGAAP/releases/tag/v8.0.2) | | | 12/14/21 |
| eXtreme Hosting | All products | Unknown | Fixed | Yes | [source](https://extremehosting.nl/log4shell-log4j/) | | | 12/14/21 |
| F5 | All products | | Fixed | Yes | [source](https://support.f5.com/csp/article/K19026212) | F5 products themselves are not vulnerable, but F5 published guidance on mitigating through BIG-IP ASM/Advanced WAF and NGINX App Protect | | 12/14/21 |
| FileCap | All products | <5.1.0 | Fixed | Yes | [source](https://mailchi.mp/3f82266e0717/filecap-update-version-511) | Fix: 5.1.1 | | 12/14/21 |
| Fiix | CMMS core | V5 | Fixed | Yes | [source](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | 12/14/21 |
| Forcepoint | DLP Manager | | Fixed | Yes | [source](https://support.forcepoint.com) | | | 12/14/21 |
| Forcepoint | Forcepoint Cloud Security Gateway (CSG) | | Fixed | Yes | [source](https://support.forcepoint.com) | | | 12/14/21 |
| Forcepoint | Next Generation Firewall (NGFW) | | Fixed | Yes | [source](https://support.forcepoint.com) | | | 12/14/21 |
| Forcepoint | Next Generation Firewall, NGFW VPN Client, Forcepoint User ID service and Sidewinder | | Fixed | Yes | [source](https://support.forcepoint.com) | | | 12/14/21 |
| Forcepoint | One Endpoint | | Fixed | Yes | [source](https://support.forcepoint.com) | | | 12/14/21 |
| Forcepoint | Security Manager (Web, Email and DLP) | | Fixed | Yes | [source](https://support.forcepoint.com) | | | 12/14/21 |
| ForgeRock | Autonomous Identity | | Fixed | Yes | [source](https://backstage.forgerock.com/knowledge/kb/book/b21824339#1_bzBa) | all other ForgeRock products not vuln | | 12/14/21 |
| Fortinet | FortiAIOps | | Affected | No | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiAnalyzer Cloud | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiAnalyzer | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiAP | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiAuthenticator | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiCASB | | Affected | No | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiConvertor | | Affected | No | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiDeceptor | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiEDR Agent | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiEDR Cloud | | Affected | No | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiGate Cloud | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiGSLB Cloud | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiMail | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiManager Cloud | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiManager | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiNAC | | Affected | No | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiNAC | | Affected | No | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiOS (includes FortiGate & FortiWiFi) | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiPhish Cloud | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiPolicy | | Affected | No | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiPortal | | Affected | No | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiRecorder | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiSIEM | | Affected | No | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiSOAR | | Affected | No | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiSwitch Cloud in FortiLANCloud | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiSwitch & FortiSwitchManager | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiToken Cloud | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiVoice | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | FortiWeb Cloud | | Fixed | Yes | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| Fortinet | ShieldX | | Affected | No | [source](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | 12/14/21 |
| F-Secure | Endpoint Proxy | 13-15 | Fixed | Yes | [source](https://status.f-secure.com/incidents/sk8vmr0h34pd) | | | 12/14/21 |
| F-Secure | Policy Manager | 13-15 | Fixed | Yes | [source](https://status.f-secure.com/incidents/sk8vmr0h34pd) | | | 12/14/21 |
| F-Secure | Policy Manager Proxy | 13-15 | Fixed | Yes | [source](https://status.f-secure.com/incidents/sk8vmr0h34pd) | | | 12/14/21 |
| FusionAuth | FusionAuth | 1.32 | Fixed | Yes | [source](https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/) | | | 12/14/21 |
| Genesys | All products | | Fixed | Yes | [source](https://www.genesys.com/blog/post/genesys-update-on-the-apache-log4j-vulnerability) | | | 12/14/21 |
| GFI Software | Kerio Connect | | Fixed | Yes | [source](https://forums.gfi.com/index.php?t=msg&th=39096&start=0&) | | | 12/14/21 |
| GoAnywhere | MFT | Unknown | Fixed | Yes | [source](https://www.goanywhere.com/cve-2021-44228-goanywhere-mitigation-steps) | | | 12/14/21 |
| GoAnywhere | Gateway | Unknown | Fixed | Yes | [source](https://www.goanywhere.com/cve-2021-44228-goanywhere-mitigation-steps) | | | 12/14/21 |
| GoAnywhere | Agents | Unknown | Fixed | Yes | [source](https://www.goanywhere.com/cve-2021-44228-goanywhere-mitigation-steps) | | | 12/14/21 |
| Graylog | Graylog | < 3.3.15,<4.0.14,<4.1.9,<4.2.3 | Fixed | Yes | [source](https://www.graylog.org/post/graylog-update-for-log4j) | | | 12/14/21 |
| GuardedBox | GuardedBox | <3.1.2 | Fixed | Yes | [source](https://twitter.com/GuardedBox/status/1469739834117799939) | | | 12/14/21 |
| HackerOne | Unknown | Unknown | Fixed | Yes | [source](https://twitter.com/jobertabma/status/1469490881854013444) | | | 12/14/21 |
| Hashicorp | All products | | Fixed | Yes | [source](https://support.hashicorp.com/hc/en-us/articles/4412469195795-CVE-2021-44228-Log4J-has-no-impact-on-HashiCorp-Products) | | | 12/14/21 |
| HCL Software | BigFix Compliance | Unknown | Fixed | Yes | [source](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | | | 12/14/21 |
| HCL Software | BigFix Inventory | Unknown | Fixed | Yes | [source](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | | | 12/14/21 |
| HCL Software | BigFix Compliance | Unknown | Fixed | Yes | [source](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | | | 12/14/21 |
| HCL Software | BigFix Compliance | Unknown | Fixed | Yes | [source](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | | | 12/14/21 |
| Hexagon | M.App Enterprise | Unknown | Fixed | Yes | [source](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2) | Might be vulnerable only when used with Geoprocessing Server | | 12/14/21 |
| Hexagon | ERDAS APOLLO Advantage & Professional | Unknown | Fixed | Yes | [source](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2) | | | 12/14/21 |
| Hexagon | GeoMedia | Unknown | Fixed | Yes | [source](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2) | | | 12/14/21 |
| Hexagon | IMAGINE | Unknown | Fixed | Yes | [source](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2) | | | 12/14/21 |
| Hexagon | ImageStation | Unknown | Fixed | Yes | [source](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2) | | | 12/14/21 |
| Hexagon | GeoMedia WebMap | Unknown | Fixed | Yes | [source](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2) | | | 12/14/21 |
| Hexagon | Geospatial Portal | Unknown | Fixed | Yes | [source](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2) | | | 12/14/21 |
| Hexagon | Geospatial SDI | Unknown | Fixed | Yes | [source](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2) | | | 12/14/21 |
| Hexagon | GeoMedia SmartClient | Unknown | Fixed | Yes | [source](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2) | | | 12/14/21 |
| Hexagon | ERDAS APOLLO Essentials | Unknown | Fixed | Yes | [source](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2) | | | 12/14/21 |
| Hexagon | M.App Enterprise standalone or with Luciad Fusion | Unknown | Fixed | Yes | [source](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2) | | | 12/14/21 |
| Hexagon | Luciad Fusion | Unknown | Fixed | Yes | [source](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2) | The only risk is if Log4J was implemented outside of the default product install | | 12/14/21 |
| Hexagon | Luciad Lightspeed | Unknown | Fixed | Yes | [source](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2) | The only risk is if Log4J was implemented outside of the default product install | | 12/14/21 |
| Hitachi Vantara | Pentaho | v8.3.x, v9.2.x | Fixed | Yes | [source](https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho-) | | | 12/14/21 |
| HostiFi | Unifi hosting | Unknown | Fixed | Yes | [source](https://twitter.com/hostifi_net/status/1440311322592231436) | Hosted Unifi solution | | 12/14/21 |
| Huawei | All products | | Fixed | Yes | [source](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en) | | | 12/14/21 |
| IBM | All products | | Fixed | Yes | [source](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/) | | | 12/14/21 |
| IBM | Curam SPM | 8.0.0, 7.0.11 | Fixed | Yes | [source](https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-apache-log4j-may-affect-cram-social-program-management-cve-2019-17571/) | | | 12/14/21 |
| IBM | Sterling Order Management | Unknown | Fixed | Yes | [source](https://www.ibm.com/support/pages/node/6525544) | | | 12/14/21 |
| IBM | Sterling Fulfillment Optimizer | Unknown | Fixed | Yes | [source](https://www.ibm.com/support/pages/node/6525544) | | | 12/14/21 |
| IBM | Sterling Inventory Visibility | Unknown | Fixed | Yes | [source](https://www.ibm.com/support/pages/node/6525544) | | | 12/14/21 |
| IBM | Websphere | 8.5 | Fixed | Yes | [source](https://www.ibm.com/support/pages/node/6525706/) | fix: PH42728 | | 12/14/21 |
| IBM | Websphere | 9.0 | Fixed | Yes | [source](https://www.ibm.com/support/pages/node/6525706/) | fix: PH42728 | | 12/14/21 |
| Inductive Automation | Ignition | All versions | Fixed | Yes | [source](https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day) | | | 12/14/21 |
| Informatica | Axon | 7.2.x | Fixed | Yes | [source](https://knowledge.informatica.com/s/article/Apache-Zero-Day-log4j-RCE-Vulnerability-Updates-for-Informatica-On-premises-Products) | | | 12/14/21 |
| Informatica | Data Privacy Management | 10.5, 10.5.1 | Fixed | Yes | [source](https://knowledge.informatica.com/s/article/Apache-Zero-Day-log4j-RCE-Vulnerability-Updates-for-Informatica-On-premises-Products) | | | 12/14/21 |
| Informatica | Information Deployment Manager | | Fixed | Yes | [source](https://knowledge.informatica.com/s/article/Apache-Zero-Day-log4j-RCE-Vulnerability-Updates-for-Informatica-On-premises-Products) | | | 12/14/21 |
| Informatica | Metadata Manager | 10.4, 10.4.1, 10.5, 10.5.1 | Fixed | Yes | [source](https://knowledge.informatica.com/s/article/Apache-Zero-Day-log4j-RCE-Vulnerability-Updates-for-Informatica-On-premises-Products) | | | 12/14/21 |
| Informatica | PowerCenter | 10.5.1 | Fixed | Yes | [source](https://knowledge.informatica.com/s/article/Apache-Zero-Day-log4j-RCE-Vulnerability-Updates-for-Informatica-On-premises-Products) | | | 12/14/21 |
| Informatica | PowerExchange for CDC (Publisher) and Mainframe | 10.5.1 | Fixed | Yes | [source](https://knowledge.informatica.com/s/article/Apache-Zero-Day-log4j-RCE-Vulnerability-Updates-for-Informatica-On-premises-Products) | | | 12/14/21 |
| Informatica | Product 360 | All versions | Fixed | Yes | [source](https://knowledge.informatica.com/s/article/Apache-Zero-Day-log4j-RCE-Vulnerability-Updates-for-Informatica-On-premises-Products) | | | 12/14/21 |
| Informatica | Secure Agents (Cloud hosted) | Unknown | Fixed | Yes | [source](https://knowledge.informatica.com/s/article/Apache-Zero-Day-log4j-RCE-Vulnerability-updates-for-Informatica-Cloud-and-Cloud-Hosted-Software) | Fixed agents may need to be restarted | | 12/14/21 |
| IronNet | All products | All verisons | Fixed | Yes | [source](https://www.ironnet.com/blog/ironnet-security-notifications-related-to-log4j-vulnerability) | | | 12/14/21 |
| Ivanti | All products | All versions | Fixed | Yes | [source](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping) | No products are deemed affected at this moment | | 12/14/21 |
| JFrog | all products | | Fixed | Yes | [source](https://twitter.com/jfrog/status/1469385793823199240) | | | 12/14/21 |
| Jamf Nation | Jamf Cloud | Unknown | Fixed | Yes | [source](https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740) | | | 12/14/21 |
| Jamf Nation | Jamf Pro (hosted on-prem) | < 10.34.1 | Fixed | Yes | [source](https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740) | <10.14 vulnerable, 10.14-10.34 patch, >= 10.34.1 fix | | 12/14/21 |
| Jamf Nation | Health Care Listener | Unknown | Fixed | Yes | [source](https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740) | | | 12/14/21 |
| Jamf Nation | Jamf Connect | Unknown | Fixed | Yes | [source](https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740) | | | 12/14/21 |
| Jamf Nation | Jamf Data Policy | Unknown | Fixed | Yes | [source](https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740) | | | 12/14/21 |
| Jamf Nation | Jamf Infrastructure Manager | Unknown | Fixed | Yes | [source](https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740) | | | 12/14/21 |
| Jamf Nation | Jamf Now | Unknown | Fixed | Yes | [source](https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740) | | | 12/14/21 |
| Jamf Nation | Jamf Private Access | Unknown | Fixed | Yes | [source](https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740) | | | 12/14/21 |
| Jamf Nation | Jamf Protect | Unknown | Fixed | Yes | [source](https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740) | | | 12/14/21 |
| Jamf Nation | Jamf School | Unknown | Fixed | Yes | [source](https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740) | | | 12/14/21 |
| Jamf Nation | Jamf Threat Defense | Unknown | Fixed | Yes | [source](https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740) | | | 12/14/21 |
| Jazz/IBM | JazzSM DASH | Unknown | Fixed | Yes | [source](https://www.ibm.com/support/pages/node/6525552) | DASH on WebSphere Application Server requires mitigations | | 12/14/21 |
| Jenkins | Jenkins CI | Unknown | Fixed | Yes | [source](https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/) | Invidivual plugins not developed as part of Jenkins core *may* be vulnerable. | | 12/14/21 |
| JetBrains | YouTrack Standalone | >= 2019.2 <= 2021.4.34389 | Fixed | Yes |
| email, [mitigation](https://www.jetbrains.com/help/youtrack/standalone/Configure-JVM-Options.html#set-jvm-options-jar) | | 12/14/21 |
| Jetbrains | TeamCity | Unknown | Fixed | Yes | [source](https://youtrack.jetbrains.com/issue/TW-74298) | | | 12/14/21 |
| Jitsi | jitsi-videobridge | v2.1-595-g3637fda42 | Fixed | Yes | [source](https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md) | | | 12/14/21 |
| Kaseya | AuthAnvil | Unknown | Fixed | Yes | [source](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | 12/14/21 |
| Kaseya | BMS | Unknown | Fixed | Yes | [source](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | 12/14/21 |
| Kaseya | ID Agent DarkWeb ID and BullPhish ID | Unknown | Fixed | Yes | [source](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | 12/14/21 |
| Kaseya | IT Glue | Unknown | Fixed | Yes | [source](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | 12/14/21 |
| Kaseya | MyGlue | Unknown | Fixed | Yes | [source](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | 12/14/21 |
| Kaseya | Network Glue | Unknown | Fixed | Yes | [source](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | 12/14/21 |
| Kaseya | Passly | Unknown | Fixed | Yes | [source](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | 12/14/21 |
| Kaseya | RocketCyber | Unknown | Fixed | Yes | [source](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | 12/14/21 |
| Kaseya | Spannign Salesforce Backup | Unknown | Fixed | Yes | [source](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | 12/14/21 |
| Kaseya | Spanning O365 Backup | Unknown | Fixed | Yes | [source](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | 12/14/21 |
| Kaseya | Unitrends | Unknown | Fixed | Yes | [source](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | 12/14/21 |
| Kaseya | VSA SaaS and VSA On-Premises | Unknown | Fixed | Yes | [source](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | 12/14/21 |
| Kaseya | Vorex | Unknown | Fixed | Yes | [source](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | 12/14/21 |
| Kaseya | products not listed above | Unknown | Fixed | Yes | [source](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | 12/14/21 |
| Keycloak | Keycloak | all version | Fixed | Yes | [source](https://github.com/keycloak/keycloak/discussions/9078) | | | 12/14/21 |
| LeanIX | All products | All versions | Fixed | Yes | [source](https://www.leanix.net/en/blog/log4j-vulnerability-log4shell) | | | 12/14/21 |
| Lightbend | Akka | Unknown | Fixed | Yes | [source](https://discuss.lightbend.com/t/regarding-the-log4j2-vulnerability-cve-2021-44228/9275) | | | 12/14/21 |
| Lightbend | Akka Serverless | Unknown | Fixed | Yes | [source](https://discuss.lightbend.com/t/regarding-the-log4j2-vulnerability-cve-2021-44228/9275) | | | 12/14/21 |
| Lightbend | Lagom Framework | Unknown | Fixed | Yes | [source](https://discuss.lightbend.com/t/regarding-the-log4j2-vulnerability-cve-2021-44228/9275) | Users that switched from logback to log4j are affected | | 12/14/21 |
| Lightbend | Play Framework | Unknown | Fixed | Yes | [source](https://discuss.lightbend.com/t/regarding-the-log4j2-vulnerability-cve-2021-44228/9275) | Users that switched from logback to log4j are affected | | 12/14/21 |
| LogicMonitor | LogicMonitor SaaS Platform | Unknown | Fixed | Yes |
| Automatic update before 13th December [source](https://communities.logicmonitor.com/topic/7472-logicmonitor-collectors-running-vulnerable-version-of-log4j-are-affected-by-log4shell-cve-2021-44228-vulnerability/) | | 12/14/21 |
| The Linux Foundation | XCP-ng | All versions | Fixed | Yes | [source](https://xcp-ng.org/forum/topic/5315/log4j-vulnerability-impact) | | | 12/14/21 |
| LiquidFiles | LiquidFiles | All versions | Fixed | Yes | [source](https://mailchi.mp/liquidfiles/liquidfiles-log4j) | | | 12/14/21 |
| Mailcow | Mailcow Solr Docker | < 1.8 | Fixed | Yes | [source](https://community.mailcow.email/d/1229-cve-2021-44228-vulnerability-solr) | | | 12/14/21 |
| ManageEngine | ADAudit Plus | Unknown | Fixed | Yes | | Third party components bundle log4j | | 12/14/21 |
| ManageEngine | ADManager Plus | Unknown | Fixed | Yes | [source](https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus) | Mitigation: set `-Dlog4j2.formatMsgNoLookups=true` in `jvm.options`. | | 12/14/21 |
| ManageEngine | Desktop Central | Unknown | Fixed | Yes | [source](https://pitstop.manageengine.com/portal/en/community/topic/log4j-security-issue) | | | 12/14/21 |
| McAfee | Data Exchange Layer (DXL) | Unknown | Fixed | Yes | [source](https://kc.mcafee.com/corporate/index?page=content&id=KB95091) | | | 12/14/21 |
| McAfee | Enterprise Security Manager (ESM) | Unknown | Fixed | Yes | [source](https://kc.mcafee.com/corporate/index?page=content&id=KB95091) | | | 12/14/21 |
| McAfee | McAfee Active Response (MAR) | Unknown | Fixed | Yes | [source](https://kc.mcafee.com/corporate/index?page=content&id=KB95091) | | | 12/14/21 |
| McAfee | Network Security Manager (NSM) | Unknown | Fixed | Yes | [source](https://kc.mcafee.com/corporate/index?page=content&id=KB95091) | | | 12/14/21 |
| McAfee | Network Security Platform (NSP) | Unknown | Fixed | Yes | [source](https://kc.mcafee.com/corporate/index?page=content&id=KB95091) | | | 12/14/21 |
| McAfee | Threat Intelligence Exchange (TIE) | Unknown | Fixed | Yes | [source](https://kc.mcafee.com/corporate/index?page=content&id=KB95091) | | | 12/14/21 |
| McAfee | ePolicy Orchestrator Agent Handlers (ePO-AH) | Unknown | Fixed | Yes | [source](https://kc.mcafee.com/corporate/index?page=content&id=KB95091) | | | 12/14/21 |
| McAfee | ePolicy Orchestrator Application Server (ePO) | <= 5.10 CU10 | Fixed | Yes | [source](https://kc.mcafee.com/corporate/index?page=content&id=KB95091) | | | 12/14/21 |
| McAfee | ePolicy Orchestrator Application Server (ePO) | 5.10 CU11 | Fixed | Yes | [source](https://kc.mcafee.com/corporate/index?page=content&id=KB95091) | | | 12/14/21 |
| Memurai | All products | | Fixed | Yes | [source](https://www.memurai.com/blog/apache-log4j2-cve-2021-44228) | | | 12/14/21 |
| Metabase | Metabase | <0.41.4 | Fixed | Yes | [source](https://github.com/metabase/metabase/releases/tag/v0.41.4) | Mitigations available for earlier versions | | 12/14/21 |
| Microsoft | | | Fixed | Yes | [source](https://www.microsoft.com/security/blog/2021/12/11/guidance-for-preventing-detecting-and-hunting-for-cve-2021-44228-log4j-2-exploitation/), [IOCs](https://github.com/Azure/Azure-Sentinel/blob/master/Detections/MultipleDataSources/Log4J_IPIOC_Dec112021.yaml) | Microsoft provided additional guidance for preventing, detecting and hunting for exploitation | | 12/14/21 |
| Microsoft | Azure AD | Unknown | Fixed | Yes | [source](https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/) | ADFS itself is not vulnerable, federation providers may be | | 12/14/21 |
| Microsoft | Azure App Service | Unknown | Fixed | Yes | [source](https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/) | This product itself is not vulnerable, Microsoft provides guidance on remediation for hosted applications | | 12/14/21 |
| Microsoft | Azure Application Gateway | Unknown | Fixed | Yes | [source](https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/) | | | 12/14/21 |
| Microsoft | Azure Front Door | Unknown | Fixed | Yes | [source](https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/) | | | 12/14/21 |
| Microsoft | Azure WAF | Unknown | Fixed | Yes | [source](https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/) | | | 12/14/21 |
| Microsoft | Kafka Connect for Azure Cosmo DB | < 1.2.1 | Fixed | Yes | [source](https://github.com/microsoft/kafka-connect-cosmosdb/blob/0f5d0c9dbf2812400bb480d1ff0672dfa6bb56f0/CHANGELOG.md) | | | 12/14/21 |
| Minecraft | Java edition | <1.18.1 | Fixed | Yes | [source](https://www.minecraft.net/en-us/article/important-message--security-vulnerability-java-edition)
| Mitigations available for earlier versions | | 12/14/21 |
| MISP | MISP | All | Fixed | Yes | [source](https://twitter.com/MISPProject/status/1470051242038673412) | | | 12/14/21 |
| MONARC | MONARC | All | Fixed | Yes | [source](https://twitter.com/MONARCproject/status/1470349937443491851) | | | 12/14/21 |
| MongoDB | Atlas Search | Unknown | Fixed | Yes | [source](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb)
| Affected and patched. No evidence of exploitation or indicators of compromise prior to the patch were discovered. | | 12/14/21 |
| MongoDB | Atlas | Unknown | Fixed | Yes | [source](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb)
| Including Atlas Database, Data Lake, Charts | | 12/14/21 |
| MongoDB | Enterprise Advanced | Unknown | Fixed | Yes | [source](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb)
| Including Enterprise Server, Ops Manager, Enterprise Kubernetes Operators. | | 12/14/21 |
| MongoDB | Community Edition | Unknown | Fixed | Yes | [source](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb)
| Including Community Server, Cloud Manager, Community Kubernetes Operators. | | 12/14/21 |
| MongoDB | Drivers | Unknown | Fixed | Yes | [source](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb)
| | | 12/14/21 |
| MongoDB | Tools | Unknown | Fixed | Yes | [source](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb)
| Including Compass, Database Shell, VS Code Plugin, Atlas CLI, Database Connectors | | 12/14/21 |
| MongoDB | Realm | Unknown | Fixed | Yes | [source](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb)
| including Realm Database, Sync, Functions, APIs | | 12/14/21 |
| Moodle | Moodle | All | Fixed | Yes | [source](https://moodle.org/mod/forum/discuss.php?d=429966)
| | | 12/14/21 |
| -------------------- | -------------------------------------------------------------------- | :--------: | Fixed | Yes | -----------------------------------------------------------------------------------------------------------------: | ------------------------------------------------ | | 12/14/21 |
| N-able | Backup | Unknown | Fixed | Yes | [source](https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability) | | | 12/14/21 |
| N-able | MSP Manager | Unknown | Fixed | Yes | [source](https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability) | | | 12/14/21 |
| N-able | Mail Assure | Unknown | Fixed | Yes | [source](https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability) | | | 12/14/21 |
| N-able | N-central | Unknown | Fixed | Yes | [source](https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability) | | | 12/14/21 |
| N-able | Passportal | Unknown | Fixed | Yes | [source](https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability) | | | 12/14/21 |
| N-able | RMM | Unknown | Fixed | Yes | [source](https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability) | | | 12/14/21 |
| N-able | Risk Intelligence | Unknown | Fixed | Yes | [source](https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability) | | | 12/14/21 |
| N-able | Take Control | Unknown | Fixed | Yes | [source](https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability) | | | 12/14/21 |
| Neo4j | Neo4j | > 4.2 | Fixed | Yes | [source](https://community.neo4j.com/t/log4j-cve-mitigation-for-neo4j/48856) | Workaround is available, but not released yet. | | 12/14/21 |
| Nelson | Nelson | 0.16.185 | Fixed | Yes | [source](https://github.com/getnelson/nelson/blob/f4d3dd1f1d4f8dfef02487f67aefb9c60ab48bf5/project/custom.scala) | Workaround is available, but not released yet. | | 12/14/21 |
| NetApp | Brocade SAN Naviator | Unknown | Fixed | Yes | [source](https://security.netapp.com/advisory/ntap-20211210-0007/) | | | 12/14/21 |
| NetApp | Cloud Manager | Unknown | Fixed | Yes | [source](https://security.netapp.com/advisory/ntap-20211210-0007/) | | | 12/14/21 |
| NetApp | Element Plug-in for vCenter Server | Unknown | Fixed | Yes | [source](https://security.netapp.com/advisory/ntap-20211210-0007/) | | | 12/14/21 |
| NetApp | Management Services for Element Software and NetApp HCI | Unknown | Fixed | Yes | [source](https://security.netapp.com/advisory/ntap-20211210-0007/) | | | 12/14/21 |
| NetApp | NetApp HCI Compute Node | Unknown | Fixed | Yes | [source](https://security.netapp.com/advisory/ntap-20211210-0007/) | | | 12/14/21 |
| NetApp | NetApp SolidFire & HCI Management Node | Unknown | Fixed | Yes | [source](https://security.netapp.com/advisory/ntap-20211210-0007/) | | | 12/14/21 |
| NetApp | NetApp SolidFire Plug-in for vRealize Orchestrator (SolidFire vRO) | Unknown | Fixed | Yes | [source](https://security.netapp.com/advisory/ntap-20211210-0007/) | | | 12/14/21 |
| NetApp | NetApp SolidFire, Enterprise SDS & HCI Storage | Unknown | Fixed | Yes | [source](https://security.netapp.com/advisory/ntap-20211210-0007/) | | | 12/14/21 |
| NetApp | NetApp SolidFireStorage Replication Adapter | Unknown | Fixed | Yes | [source](https://security.netapp.com/advisory/ntap-20211210-0007/) | | | 12/14/21 |
| Netflix | atlas | 1.6.6 | Fixed | Yes | [source](https://github.com/Netflix/atlas/commit/5baff2b656a45886b85968a4b66f33bd36c648be) | | | 12/14/21 |
| Netflix | dgs-framework | < 4.9.11 | Fixed | Yes | [fix](https://github.com/Netflix/dgs-framework/releases/tag/v4.9.11) | | | 12/14/21 |
| Netflix | spectator | < 1.0.9 | Fixed | Yes | [fix](https://github.com/Netflix/spectator/releases/tag/v1.0.9) | | | 12/14/21 |
| Netflix | zuul | Unknown | Fixed | Yes | [source](https://github.com/Netflix/zuul/commit/280f20cd51deb7e72275625d5ec556aae06f6a29) | | | 12/14/21 |
| NetIQ | Access Manager | > 4.5.x & > 5.0.x | Fixed | Yes | [workaround](https://portal.microfocus.com/s/article/KM000002997) | | | 12/14/21 |
| Netwrix | Netwrix Auditor | | Fixed | Yes | [source](http://www.publicnow.com/view/EA90CB461F5F0A1BA339E2AC55C719CA5AD58CE4) | | | 12/14/21 |
| New Relic | Java Agent | 6.5.1 & 7.4.1 | Fixed | Yes | [source](https://docs.newrelic.com/docs/security/new-relic-security/security-bulletins/security-bulletin-nr21-03/) | | | 12/14/21 |
| NextGen Healthcare | Mirth | Unknown | Fixed | Yes | [source](https://github.com/nextgenhealthcare/connect/discussions/4892#discussioncomment-1789526) | | | 12/14/21 |
| NSA | Ghidra | < 10.1 | Fixed | Yes | [source](https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning), [fix](https://github.com/NationalSecurityAgency/ghidra/releases/tag/Ghidra_10.1_build) | | | 12/14/21 |
| Nutanix | AOS | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Patch pending | | 12/14/21 |
| Nutanix | AHV | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Investigating | | 12/14/21 |
| Nutanix | Prism Central | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Patch pending | | 12/14/21 |
| Nutanix | Flow Security Central | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | 12/14/21 |
| Nutanix | Files | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Investigating | | 12/14/21 |
| Nutanix | Objects | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Investigating | | 12/14/21 |
| Nutanix | Volumes | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Patch pending | | 12/14/21 |
| Nutanix | Mine | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Investigating | | 12/14/21 |
| Nutanix | Era | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Investigating | | 12/14/21 |
| Nutanix | X-Ray | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Investigating | | 12/14/21 |
| Nutanix | LCM | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Investigating | | 12/14/21 |
| Nutanix | Move | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Investigating | | 12/14/21 |
| Nutanix | NCC | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Investigating | | 12/14/21 |
| Nutanix | Foundation | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Investigating | | 12/14/21 |
| Nutanix | Karbon | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Patch pending | | 12/14/21 |
| Nutanix | Leap | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Patch pending | | 12/14/21 |
| Nutanix | Calm | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Patch pending | | 12/14/21 |
| Nutanix | Beam | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Patch pending | | 12/14/21 |
| Nutanix | Frame | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | 12/14/21 |
| Nutanix | Sizer | Unknown | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | See advisory | | 12/14/21 |
| Nutanix | Insights | All versions | Fixed | Yes | [source](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Patch pending | | 12/14/21 |
| NXLog | NXLog Manager | 5.x | Fixed | Yes | [source](https://nxlog.co/news/apache-log4j-vulnerability-cve-2021-44228) | | | 12/14/21 |
| Obsidian Dynamics | kafdrop | all | Fixed | Yes | [source](https://github.com/obsidiandynamics/kafdrop/issues/315) | | | 12/14/21 |
| Okta | AD Agent | Unknown | Fixed | Yes | [source](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/14/21 |
| Okta | Access Gateway | Unknown | Fixed | Yes | [source](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/14/21 |
| Okta | Advanced Server Access | Unknown | Fixed | Yes | [source](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/14/21 |
| Okta | Browser Plugin | Unknown | Fixed | Yes | [source](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/14/21 |
| Okta | IWA Web Agent | Unknown | Fixed | Yes | [source](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/14/21 |
| Okta | LDAP Agent | Unknown | Fixed | Yes | [source](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/14/21 |
| Okta | Mobile | Unknown | Fixed | Yes | [source](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/14/21 |
| Okta | On-Prem MFA Agent | <1.4.6 | Fixed | Yes | [source](https://sec.okta.com/articles/2021/12/log4shell), [fix](https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228) | | | 12/14/21 |
| Okta | Radius Server Agent | 2.17.0 | Fixed | Yes | [source/fix](https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228) | | | 12/14/21 |
| Okta | Verify | Unknown | Fixed | Yes | [source](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/14/21 |
| Okta | Workflow | Unknown | Fixed | Yes | [source](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/14/21 |
| Okta | RADIUS Server Agent | <2.17.0 | Fixed | Yes | [source](https://sec.okta.com/articles/2021/12/log4shell), [fix](https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228) | | | 12/14/21 |
| OpenMRS | Talk | 2.4.0-2.4.1 | Fixed | Yes | [source](https://talk.openmrs.org/t/urgent-security-advisory-2021-12-11-re-apache-log4j-2/35341) | Mitigations are available, pending a new release | | 12/14/21 |
| OpenNMS | Horizon (including derived Sentinels) | < 29.0.3 | Fixed | Yes | [source](https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/) | Workarounds are available too for earlier versions | | 12/14/21 |
| OpenNMS | Meridian (including derived Minions and Sentinels) | < 2021.1.8, 2020.1.15, 2019.1.27 | Fixed | Yes | [source](https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/) | Workarounds are available too for earlier versions | | 12/14/21 |
| OpenNMS | Minion appliance | Unknown | Fixed | Yes | [source](https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/) | | | 12/14/21 |
| OpenNMS | PoweredBy OpenNMS | Unknown | Fixed | Yes | [source](https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/) | | | 12/14/21 |
| OpenSearch | OpenSearch | < 1.2.1 | Fixed | Yes | [source](https://opensearch.org/blog/releases/2021/12/update-to-1-2-1/) | | | 12/14/21 |
| Oracle | Database | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1) | | | 12/14/21 |
| Oracle | Fusion Middleware | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 209768.1](https://support.oracle.com/rs?type=doc&id=209768.1), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1) | | | 12/14/21 |
| Oracle | Oracle Enterprise Manager | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 209768.1](https://support.oracle.com/rs?type=doc&id=209768.1), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1) | | | 12/14/21 |
| Oracle | Oracle WebLogic Server | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 209768.1](https://support.oracle.com/rs?type=doc&id=209768.1), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1) | | | 12/14/21 |
| Oracle | Oracle HTTP Server | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 209768.1](https://support.oracle.com/rs?type=doc&id=209768.1), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1) | | | 12/14/21 |
| Oracle | Oracle Internet Directory | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 209768.1](https://support.oracle.com/rs?type=doc&id=209768.1), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1) | | | 12/14/21 |
| Oracle | Oracle SOA Suite | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1) | | | 12/14/21 |
| Oracle | Oracle Fusion Middleware Infrastructure | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1) | | | 12/14/21 |
| Oracle | Oracle Access Manager | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1) | | | 12/14/21 |
| Oracle | Oracle eBusiness Suite | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1) | | | 12/14/21 |
| Oracle | Oracle Policy Automation (OPA) | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1) | | | 12/14/21 |
| Oracle | NoSQL Database | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1) | | | 12/14/21 |
| Oracle | Oracle WebCenter Portal | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1) | | | 12/14/21 |
| Oracle | Oracle Data Integrator (ODI) | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1), [Support Note 2827793.1](https://support.oracle.com/rs?type=doc&id=2827793.1) | [Patch Available, Support Note 2827793.1] (<https://support.oracle.com/rs?type=doc&id=2827793.1>) | | 12/14/21 |
| Oracle | Oracle WebCenter Sites | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1), [Support Note 2827793.1](https://support.oracle.com/rs?type=doc&id=2827793.1) | [Patch Available, Support Note 2827793.1] (<https://support.oracle.com/rs?type=doc&id=2827793.1>) | | 12/14/21 |
| Oracle | Oracle Enterprise Repository | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1), [Support Note 2827793.1](https://support.oracle.com/rs?type=doc&id=2827793.1) | [Patch Available, Support Note 2827793.1] (<https://support.oracle.com/rs?type=doc&id=2827793.1>) | | 12/14/21 |
| Oracle | Oracle JDeveloper | Unknown | Fixed | Yes | [source](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html), [Support note 2827611.1](https://support.oracle.com/rs?type=doc&id=2827611.1), [Support Note 2827793.1](https://support.oracle.com/rs?type=doc&id=2827793.1) | [Patch Available, Support Note 2827793.1] (<https://support.oracle.com/rs?type=doc&id=2827793.1>) | | 12/14/21 |
| openHAB | openHAB | 3.0.4, 3.1.1 | Fixed | Yes | [source](https://github.com/openhab/openhab-distro/security/advisories/GHSA-j99j-qp89-pcfq) | | | 12/14/21 |
| OTRS | All products | | Fixed | Yes | [source](https://portal.otrs.com/external) | | | 12/14/21 |
| OWASP | ZAP | < 2.11.1 | Fixed | Yes | [source](https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/) | | | 12/14/21 |
| PagerDuty | Rundeck | 3.3+ | Fixed | Yes | [source](https://github.com/rundeck/rundeck/pull/7427) | No statement from PagerDuty yet. | | 12/14/21 |
| Palo Alto | WildFire Appliance | | Fixed | Yes | [source](https://security.paloaltonetworks.com/CVE-2021-44228) | | | 12/14/21 |
| Palo Alto | Prisma Cloud Compute | | Fixed | Yes | [source](https://security.paloaltonetworks.com/CVE-2021-44228) | | | 12/14/21 |
| Palo Alto | Prisma Cloud | | Fixed | Yes | [source](https://security.paloaltonetworks.com/CVE-2021-44228) | | | 12/14/21 |
| Palo Alto | PAN-OS | | Fixed | Yes | [source](https://security.paloaltonetworks.com/CVE-2021-44228) | | | 12/14/21 |
| Palo Alto | GlobalProtect App | | Fixed | Yes | [source](https://security.paloaltonetworks.com/CVE-2021-44228) | | | 12/14/21 |
| Palo Alto | Cortex XSOAR | | Fixed | Yes | [source](https://security.paloaltonetworks.com/CVE-2021-44228) | | | 12/14/21 |
| Palo Alto | Cortex XDR Agent | | Fixed | Yes | [source](https://security.paloaltonetworks.com/CVE-2021-44228) | | | 12/14/21 |
| Palo Alto | CloudGenix | | Fixed | Yes | [source](https://security.paloaltonetworks.com/CVE-2021-44228) | | | 12/14/21 |
| Palo Alto | Bridgecrew | | Fixed | Yes | [source](https://security.paloaltonetworks.com/CVE-2021-44228) | | | 12/14/21 |
| PaperCut | PaperCut MF | >= 21.0 | Fixed | Yes | [source](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | 12/14/21 |
| PaperCut | PaperCut NG | >= 21.0 | Fixed | Yes | [source](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | 12/14/21 |
| PaperCut | PaperCut Hive | | Fixed | Yes | [source](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | 12/14/21 |
| PaperCut | PaperCut Pocket | | Fixed | Yes | [source](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | 12/14/21 |
| PaperCut | PaperCut Views | | Fixed | Yes | [source](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | 12/14/21 |
| PaperCut | PaperCut Print Logger | | Fixed | Yes | [source](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | 12/14/21 |
| PaperCut | PaperCut MobilityPrint | | Fixed | Yes | [source](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | 12/14/21 |
| PaperCut | PaperCut MultiVerse | | Fixed | Yes | [source](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | 12/14/21 |
| PaperCut | PaperCut Online Services | | Fixed | Yes | [source](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | 12/14/21 |
| Parallels | Remote Application Server | All versions | Fixed | Yes | [source](https://kb.parallels.com/en/128696) | | | 12/14/21 |
| Pega | Pega Platform | On Prem | Fixed | Yes | [source](https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability) | | | 12/14/21 |
| Planon Software | Planon Universe | all | Fixed | Yes | [source](https://my.planonsoftware.com/uk/news/log4j-impact-on-planon/) | | | 12/14/21 |
| Plex | Industrial IoT | | Fixed | Yes | [source](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | Mitigation already applied, patch will be issued today | | 12/14/21 |
| Postgres | PostgreSQL JDBC | | Fixed | Yes | [source](https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/) | | | 12/14/21 |
| Progress | OpenEdge | | Fixed | Yes | [source](https://www.progress.com/security), [mitigations](https://knowledgebase.progress.com/articles/Knowledge/Is-OpenEdge-vulnerable-to-CVE-2021-44228-Log4j) | | | 12/14/21 |
| Progress | DataDirect Hybrid Data Pipeline | | Fixed | Yes | [source](https://www.progress.com/security), [mitigations](https://knowledgebase.progress.com/articles/Knowledge/Is-Hybrid-Data-Pipeline-vulnerable-CVE-2021-44228-Log4j) | | | 12/14/21 |
| Portex | Portex | <3.0.2 | Fixed | Yes | [source](https://github.com/katjahahn/PortEx/releases) | | | 12/14/21 |
| Pulse Secure | Pulse Secure Virtual Traffic Manager | | Fixed | Yes | [source](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/) | | | 12/14/21 |
| Pulse Secure | Pulse Secure Services Director | | Fixed | Yes | [source](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/) | | | 12/14/21 |
| Pulse Secure | Pulse Secure Web Application Firewall | | Fixed | Yes | [source](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/) | | | 12/14/21 |
| Pulse Secure | Pulse Connect Secure | | Fixed | Yes | [source](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/) | | | 12/14/21 |
| Pulse Secure | Ivanti Connect Secure (ICS) | | Fixed | Yes | [source](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/) | | | 12/14/21 |
| Pulse Secure | Pulse Policy Secure | | Fixed | Yes | [source](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/) | | | 12/14/21 |
| Pulse Secure | Pulse Desktop Client | | Fixed | Yes | [source](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/) | | | 12/14/21 |
| Pulse Secure | Pulse Mobile Client | | Fixed | Yes | [source](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/) | | | 12/14/21 |
| Pulse Secure | Pulse One | | Fixed | Yes | [source](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/) | | | 12/14/21 |
| Pulse Secure | Pulse ZTA | | Fixed | Yes | [source](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/) | | | 12/14/21 |
| Pulse Secure | Ivanti Neurons for ZTA | | Fixed | Yes | [source](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/) | | | 12/14/21 |
| Pulse Secure | Ivanti Neurons for secure Access | | Fixed | Yes | [source](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/) | | | 12/14/21 |
| Puppet | Continuous Delivery for Puppet Enterprise | 3.x, < 4.10.2 | Fixed | Yes | [source](https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/), [workaround](https://puppet.com/docs/continuous-delivery/4.x/cd_release_notes.html#cd_release_notes-version-4-10-3),[mitigations](https://support.puppet.com/hc/en-us/articles/360046708133-Puppet-Response-to-CVE-2021-44228-FAQ/) | Update available for version 4.x, mitigations for 3.x which is EOL | | 12/14/21 |
| Puppet | Puppet agents | | Fixed | Yes | [source](https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/) | | | 12/14/21 |
| Puppet | Puppet Enterprise | | Fixed | Yes | [source](https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/) | | | 12/14/21 |
| PTV xServer internet 1 / PTV xServer internet 2 | PTV xServer internet 1 / PTV xServer internet 2 | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV TLN planner internet | PTV TLN planner internet | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Route Optimizer SaaS / Demonstrator | PTV Route Optimizer SaaS / Demonstrator | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Developer | PTV Developer | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Visum Publisher | PTV Visum Publisher | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV xServer 2.x (on prem) | PTV xServer 2.x (on prem) | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV xServer 1.34 (on prem) | PTV xServer 1.34 (on prem) | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV MaaS Modeller | PTV MaaS Modeller | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Route Optimiser CL | PTV Route Optimiser CL | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Route Optimiser ST | PTV Route Optimiser ST | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Map&Market | PTV Map&Market | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Arrival Board / Trip Creator / EM Portal | PTV Arrival Board / Trip Creator / EM Portal | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Drive&Arrive | PTV Drive&Arrive | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV xServer < 1.34 (on prem) | PTV xServer < 1.34 (on prem) | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Road Editor | PTV Road Editor | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Map&Guide internet | PTV Map&Guide internet | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Map&Guide intranet | PTV Map&Guide intranet | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Navigator Licence Manager | PTV Navigator Licence Manager | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Navigator App | PTV Navigator App | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Drive&Arrive App | PTV Drive&Arrive App | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Visum | PTV Visum | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Vissim | PTV Vissim | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Vistro | PTV Vistro | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Viswalk | PTV Viswalk | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Balance and PTV Epics | PTV Balance and PTV Epics | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Hyperpath | PTV Hyperpath | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV TRE and PTV Tre-Addin | PTV TRE and PTV Tre-Addin | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| PTV Optima | PTV Optima | Unknown | Fixed | Yes | [source](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | 12/14/21 |
| QlikTech International | Compose | | Fixed | Yes | [source](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | 12/14/21 |
| QlikTech International | Nprinting | | Fixed | Yes | [source](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | 12/14/21 |
| QlikTech International | QEM products | | Fixed | Yes | [source](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | 12/14/21 |
| QlikTech International | Qlik Replicate | | Fixed | Yes | [source](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | 12/14/21 |
| QlikTech International | Qlik Sense Enterprise | | Fixed | Yes | [source](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | 12/14/21 |
| QlikTech International | QlikView | | Fixed | Yes | [source](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | 12/14/21 |
| QOS.ch | SLF4J Simple Logging Facade for Java | | Fixed | Yes | [source](http://slf4j.org/log4shell.html) | SLF4J API doesn't protect against the vulnerability when using a vulnerable version of log4j | | 12/14/21 |
| Red Hat | Red Hat OpenShift Container Platform 4 openshift4/ose-metering-presto | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat OpenShift Container Platform 4 openshift4/ose-metering-hive | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat OpenShift Container Platform 4 openshift4/ose-logging-elasticsearch6 | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat OpenShift Container Platform 3.11 openshift3/ose-logging-elasticsearch5 | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat OpenStack Platform 13 (Queens) opendaylight | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat OpenShift Logging logging-elasticsearch6-container | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat build of Quarkus | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat Descision Manager 7 | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat Process Automation 7 | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | A-MQ Clients 2 | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat CodeReady Studio 12 | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat Data Grid 8 | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat Integration Camel K | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat Integration Camel Quarkus | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat JBoss A-MQ Streaming | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat JBoss Fuse 7 | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat OpenShift Application Runtimes | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat Single Sign-On 7 | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Red Hat | Red Hat JBoss Enterprise Application Platform 6 | | Fixed | Yes | [source](https://access.redhat.com/security/cve/cve-2021-44228) | | | 12/14/21 |
| Redis | Redis Enterprise & Open Source | all | Fixed | Yes | [source](https://redis.com/security/notice-apache-log4j2-cve-2021-44228/) | Redis Enterprise and Open Source Redis (self-managed software product) does not use Java and is therefore not impacted by this vulnerability | | 12/14/21 |
| RSA | SecurID Authentication Manager | | Fixed | Yes | [source](https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501) | Version 8.6 Patch 1 contains a version of log4j that is vulnerable, but this vulnerability is not exploitable. | | 12/14/21 |
| RSA | SecurID Authentication Manager Prime | | Fixed | Yes | [source](https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501) | | | 12/14/21 |
| RSA | SecurID Authentication Manager WebTier | | Fixed | Yes | [source](https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501) | | | 12/14/21 |
| RSA | SecurID Identity Router (On-Prem component of Cloud Authentication Service) | | Fixed | Yes | [source](https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501) | | | 12/14/21 |
| RSA | SecurID Governance and Lifecycle (SecurID G&L) | | Fixed | Yes | [source](https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501) | | | 12/14/21 |
| RSA | SecurID Governance and Lifecycle Cloud (SecurID G&L Cloud) | | Fixed | Yes | [source](https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501) | | | 12/14/21 |
| Safe | FME Server | | Fixed | Yes | [source](https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j) | | | 12/14/21 |
| Salesforce | All products | | Fixed | Yes | [source](https://status.salesforce.com/generalmessages/826) | | | 12/14/21 |
| SAS Institute | JMP | | Fixed | Yes | [source](https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html) | | | 12/14/21 |
| SAS Institute | SAS Profile | | Fixed | Yes | [source](https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html) | | | 12/14/21 |
| SAS Institute | SAS Cloud Solutions | | Fixed | Yes | [source](https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html) | | | 12/14/21 |
| Security Onion Solutions | Security Onion | 2.3.90 20211210 | Fixed | Yes | [source](https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html) | | | 12/14/21 |
| Shibboleth | Shibboleth IdP/SP | | Fixed | Yes | [source](https://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | 12/14/21 |
| SolarWinds | Database Performance Analyzer | 2021.1.x, 2021.3.x, 2022.1.x | Fixed | Yes | [source](https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228), [workaround](https://support.solarwinds.com/SuccessCenter/s/article/Database-Performance-Analyzer-DPA-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228?language=en_US) | | | 12/14/21 |
| SolarWinds | Server & Application Monitor | >= 2020.2.6 | Fixed | Yes | [source](https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228), [workaround](https://support.solarwinds.com/SuccessCenter/s/article/Server-Application-Monitor-SAM-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228?language=en_US) | | | 12/14/21 |
| SolarWinds | Orion Platform core | | Fixed | Yes | [source](https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228) | | | 12/14/21 |
| SonarSource | SonarQube | | Fixed | Yes | [source](https://community.sonarsource.com/t/sonarqube-sonarcloud-and-the-log4j-vulnerability/54721) | | | 12/14/21 |
| SonarSource | SonarCloud | | Fixed | Yes | [source](https://community.sonarsource.com/t/sonarqube-sonarcloud-and-the-log4j-vulnerability/54721) | | | 12/14/21 |
| SonicWall | Gen5 Firewalls (EOS) | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | Gen6 Firewalls | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | Gen7 Firewalls | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | SonicWall Switch | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | SMA 100 | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | SMA 1000 | 12.1.0, 12.4.1 | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | Email Security | 10.x | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | MSW | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | NSM | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | Analyzer | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | Analytics | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | GMS | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | Capture Client & Capture Client Portal | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | CAS | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | WAF | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | Access Points | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | WNM | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | Capture Security Appliance | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | WXA | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| SonicWall | SonicCore | | Fixed | Yes | [source](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | | | 12/14/21 |
| Sophos | Sophos Central | | Fixed | Yes | [source](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | | | 12/14/21 |
| Sophos | Sophos Firewall | All | Fixed | Yes | [source](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | | | 12/14/21 |
| Sophos | SG UTM | All | Fixed | Yes | [source](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | | | 12/14/21 |
| Sophos | SG UTM Manager (SUM) | All | Fixed | Yes | [source](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | | | 12/14/21 |
| Sophos | Sophos ZTNA | | Fixed | Yes | [source](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | | | 12/14/21 |
| Sophos | Cloud Optix | | Fixed | Yes | [source](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | | | 12/14/21 |
| Sophos | Sophos Home | | Fixed | Yes | [source](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | | | 12/14/21 |
| Sophos | Sophos Mobile | | Fixed | Yes | [source](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | | | 12/14/21 |
| Sophos | Sophos Mobile EAS Proxy | 9.7.2 | Fixed | Yes | [source](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | | | 12/14/21 |
| Sophos | Reflexion | | Fixed | Yes | [source](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | | | 12/14/21 |
| Splunk | Add-On: Java Management Extensions | 3.0.0, 2.1.0 | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Add-On: JBoss | 3.0.0, 2.1.0 | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Add-On: Tomcat | 3.0.0, 2.1.0 | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Data Stream Processor | DSP 1.0.x, DSP 1.1.x, DSP 1.2.x | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | IT Service Intelligence (ITSI) | 4.11.x, 4.10.x, 4.9.x, 4.8.x, 4.7.x, 4.4.x | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Connect for Kafka | <2.0.4 | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Enterprise | All supported non-Windows versions of 8.1.x and 8.2.x only if Hadoop (Hunk) and/or DFS are used. | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Enterprise Amazon Machine Image (AMI) | see Splunk Enterprise | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Enterprise Docker Container | see Splunk Enterprise | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Logging Library for Java | <1.11.1 | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Stream Processor Service | Current | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Admin Config Service | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Analytics Workspace | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Behavior Analytics | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Dashboard Studio | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Developer Tools: AppInspect | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Enterprise Security | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Intelligence Management (TruSTAR) | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | KV Service | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Mission Control | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | MLTK | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Operator for Kubernetes | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Security Analytics for AWS | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | SignalFx Smart Agent | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | SOAR Cloud (Phantom) | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | SOAR (On-Premises) | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Application Performance Monitoring | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Augmented Reality | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Cloud Data Manager (SCDM) | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Connect for Kubernetes | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Connect for SNMP | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Connect for Syslog | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk DB Connect | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Enterprise Cloud | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Heavyweight Forwarder (HWF) | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Infrastructure Monitoring | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Log Observer | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Mint | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Mobile | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Network Performance Monitoring | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk On-Call/Victor Ops | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Open Telemetry Distributions | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Profiling | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Real User Monitoring | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Secure Gateway (Spacebridge) | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Synthetics | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk TV | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk Universal Forwarder (UF) | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Splunk | Splunk User Behavior Analytics (UBA) | all | Fixed | Yes | [source](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/14/21 |
| Stardog | Stardog | <7.8.1 | Fixed | Yes | [source](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | 12/14/21 |
| Synacor | Zimbra | 8.8.15 and 9.x | Fixed | Yes | [source](https://forums.zimbra.org/viewtopic.php?f=15&t=70240&start=10#p303354) | Zimbra stated (in their private support portal) they're not vulnerable. Currently supported Zimbra versions ship 1.2.6 | | 12/14/21 |
| Synology | DSM | | Fixed | Yes | [source](https://www.synology.com/en-global/security/advisory/Synology_SA_21_30) | The base DSM is not affected. Software installed via the package manager may be vulnerable. | | 12/14/21 |
| Talend | Talend Component Kit | | Fixed | Yes | [source](https://jira.talendforge.org/browse/TCOMP-2054) | | | 12/14/21 |
| Tealium | All products | | Fixed | Yes | [source](https://community.tealiumiq.com/t5/Announcements-Blog/Update-on-Log4j-Security-Vulnerability/ba-p/36824) | | | 12/14/21 |
| TheHive | Cortex | all | Fixed | Yes | [source](https://blog.strangebee.com/apache-log4j-cve-2021-44228/) | | | 12/14/21 |
| TheHive | TheHive | all | Fixed | Yes | [source](https://blog.strangebee.com/apache-log4j-cve-2021-44228/) | | | 12/14/21 |
| Topicus Security | Topicus KeyHub | all | Fixed | Yes | [source](https://blog.topicus-keyhub.com/topicus-keyhub-is-not-vulnerable-to-cve-2021-44228/) | | | 12/14/21 |
| TrendMicro | ActiveUpdate | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Apex Central (including as a Service) | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Apex One (all versions including Mac and Saas) | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Cloud App Security | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Cloud Edge | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Cloud One - Application Security | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Cloud One - Common Services | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Cloud One - Conformity | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Cloud One - Container Security | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Cloud One - File Storage Security | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Cloud One - Network Security | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Cloud One - Workload Secuity | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Cloud Sandbox | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Deep Discovery Advisor | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Deep Discovery Analyzer | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Deep Discovery Director | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Deep Discovery Email Inspector | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Deep Discovery Inspector | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Deep Discovery Web Inspector | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Deep Security | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Endpoint Application Control | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Fraudbuster | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Home Network Security | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Housecall | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Instant Messaging Security | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Internet Security for Mac (Consumer) | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Interscan Messaging Security | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Interscan Messaging Security Virtual Appliance (IMSVA) | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Interscan Web Security Suite | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Interscan Web Security Virtual Appliance (IWSVA) | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Mobile Secuirty for Enterprise | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | MyAccount (Consumer Sign-on) | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Network Viruswall | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | OfficeScan | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Password Manager | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Phish Insight | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Policy Manager | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Portable Security | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | PortalProtect | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Remote Manager | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Rescue Disk | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Rootkit Buster | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Safe Lock | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Safe Lock 2.0 | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Sandbox as a Service | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | ScanMail for Domino | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | ScanMail for Exchange | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Secuirty for Mac | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Security for NAS | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | ServerProtect (all versions) | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Smart Home Network | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Smart Protection Complete | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Smart Protection for Endpoints | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Smart Protection Server (SPS) | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | TippingPoint (all variations) | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | TMUSB | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Trend Micro Email Security & HES | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Trend Micro ID Security | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Trend Micro Remote Manager | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Trend Micro Web Security | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Vision One | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Vulnerability Protection | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Worry-Free Business Security (on-prem) | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| TrendMicro | Worry-Free Business Security Services | | Fixed | Yes | [source](https://success.trendmicro.com/solution/000289940) | | | 12/14/21 |
| Ubiquiti | UniFi Network Application | 6.5.54 | Fixed | Yes | [source](https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1) | | | 12/14/21 |
| US Signal | Remote Management and Monitoring platform | | Fixed | Yes | [source](https://ussignal.com/blog/apache-log4j-vulnerability) | | | 12/14/21 |
| USoft | USoft | 9.1.1F | Fixed | Yes | [proof](<https://ibb.co/tqV40qB>) | Found by manual scanning | | 12/14/21 |
| Veeam | All products | | Fixed | Yes | [source](https://community.veeam.com/blogs-and-podcasts-57/log4j-vulnerability-what-do-you-need-to-know-1851) | Veeam is still investigating, but it looks like the Veeam products don't use log4j | | 12/14/21 |
| VMware | API Portal for VMware Tanzu | 1.x | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068) | | | 12/14/21 |
| VMware | AppDefense Appliance | 2.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://community.carbonblack.com/t5/Threat-Research-Docs/Log4Shell-Mitigation-Steps-for-AppDefense/ta-p/109180) | | | 12/14/21 |
| VMware | App Metrics | 2.1.1 | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068), [fix](https://network.pivotal.io/products/apm) | | | 12/14/21 |
| VMware | Carbon Black Cloud Workload Appliance | 1.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://community.carbonblack.com/t5/Threat-Research-Docs/Log4Shell-Mitigation-Steps-for-VMware-Carbon-Black-Cloud/ta-p/109167) | | | 12/14/21 |
| VMware | Carbon Black EDR Server | 7.x, 6.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://community.carbonblack.com/t5/Threat-Research-Docs/Log4Shell-Mitigation-Steps-for-VMware-Carbon-Black-EDR/ta-p/109168), [fix](https://community.carbonblack.com/t5/Endpoint-Detection-and-Response/VMware-Carbon-Black-EDR-Announcing-General-Availability-of-EDR/td-p/109189) | Fixed in 7.6.0 | | 12/14/21 |
| VMware | Cloud Foundation | 4.x, 3.x | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068), [workaround](https://kb.vmware.com/s/article/87095) | | | 12/14/21 |
| VMware | Cloud Gateway for VMware Tanzu | 1.x | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068) | | | 12/14/21 |
| VMware | Cloud Services for VMware Tanzu | 3.x | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068) | | | 12/14/21 |
| VMware | HCX | 4.x, 3.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html)
| | | 12/14/21 |
| VMware | Healthwatch for Tanzu Application Service | 2.1.7, 1.8.6 | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068), [fix](https://network.pivotal.io/products/p-healthwatch) | | | 12/14/21 |
| VMware | Horizon | 8.x, 7.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://kb.vmware.com/s/article/87073) | | | 12/14/21 |
| VMware | Horizon Cloud Connector | 1.x, 2.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [fix](https://customerconnect.vmware.com/downloads/details?downloadGroup=HCS-CC-210&productId=716&rPId=79131#product_downloads) | | | 12/14/21 |
| VMware | Horizon DaaS | 9.1.x, 9.0.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://kb.vmware.com/s/article/87101) | | | 12/14/21 |
| VMware | Identity Manager | 3.3.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://kb.vmware.com/s/article/87093) | | | 12/14/21 |
| VMware | NSX Data Center for vSphere | 6.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://kb.vmware.com/s/article/87099) | | | 12/14/21 |
| VMware | NSX-T Data Center | 3.x, 2.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://kb.vmware.com/s/article/87086) | | | 12/14/21 |
| VMware | Single Sign-On for VMware Tanzu Application Service | 1.x | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068) | | | 12/14/21 |
| VMware | Site Recovery Manager | 8.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://kb.vmware.com/s/article/87098) | | | 12/14/21 |
| VMware | Spring Boot | < 2.5.8, < 2.6.2 | Fixed | Yes | [source](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | 12/14/21 |
| VMware | Spring Cloud Gateway for Kubernetes | 1.x | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068) | | | 12/14/21 |
| VMware | Tanzu Application Service for VMs | 2.x | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068), [workaround](https://community.pivotal.io/s/article/Workaround-instructions-to-address-CVE-2021-44228-in-Tanzu-Application-Service-2-7-through-2-12?language=en_US), [fix](https://network.pivotal.io/products/elastic-runtime) | | | 12/14/21 |
| VMware | Tanzu GemFire | 8.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://community.pivotal.io/s/article/Workaround-to-address-CVE-2021-44228-Apache-Log4j-Remote-Code-Execution-for-all-GemFire-versions?language=en_US) | | | 12/14/21 |
| VMware | Tanzu Greenplum | 6.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://community.pivotal.io/s/article/Workaround-to-address-CVE-2021-44228-Apache-Log4j-Remote-Code-Execution-for-All-Greenplum-Versions?language=en_US) | | | 12/14/21 |
| VMware | Tanzu Kubernetes Grid Integrated Edition | 2.x | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068), [workaround](https://community.pivotal.io/s/article/Workaround-instructions-to-address-CVE-2021-44228-in-Tanzu-Application-Service-2-7-through-2-12?language=en_US) | | | 12/14/21 |
| VMware | Tanzu Observability by Wavefront Nozzle | 3.0.3 | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068), [fix](https://network.pivotal.io/products/wavefront-nozzle) | | | 12/14/21 |
| VMware | Tanzu Operations Manager | 2.x | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068), [workaround](https://community.pivotal.io/s/article/5004y00001mPn2N1639255611105?language=en_US), [fix](https://network.pivotal.io/products/ops-manager/) | | | 12/14/21 |
| VMware | Tanzu SQL with MySQL for VMs | 2.x, 1.x | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068) | | | 12/14/21 |
| VMware | Telco Cloud Automation | 2.x, 1.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/14/21 |
| VMware | Unified Access Gateway | 21.x, 20.x, 3.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://kb.vmware.com/s/article/87092) | | | 12/14/21 |
| VMware | vCenter Cloud Gateway | 1.x | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068), [workaround](https://kb.vmware.com/s/article/87081) | | | 12/14/21 |
| VMware | vCenter Server | 6.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://kb.vmware.com/s/article/87096?lang=en_US) | Running on: Windows | | 12/14/21 |
| VMware | vCenter Server | 7.x, 6.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://kb.vmware.com/s/article/87081?lang=en_US) | Running on: Virtual Appliance | | 12/14/21 |
| VMware | vCloud Director | all | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068?lang=en_US)
| | | 12/14/21 |
| VMware | vCloud Workstation | all | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068?lang=en_US)
| | | 12/14/21 |
| VMware | vRealize Automation | 8.x, 7.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/14/21 |
| VMware | vRealize Lifecycle Manager | 8.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://kb.vmware.com/s/article/87097) | | | 12/14/21 |
| VMware | vRealize Log Insight | 8.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://kb.vmware.com/s/article/87089) | | | 12/14/21 |
| VMware | vRealize Operations | 8.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://kb.vmware.com/s/article/87076) | | | 12/14/21 |
| VMware | vRealize Operations Cloud Proxy | Any | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://kb.vmware.com/s/article/87080) | | | 12/14/21 |
| VMware | vRealize Orchestrator | 8.x, 7.x | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068) | | | 12/14/21 |
| VMware | vSphere ESXi | Unknown | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068) | | | 12/14/21 |
| VMware | Workspace ONE Access | 21.x, 20.x | Fixed | Yes | [source](https://www.vmware.com/security/advisories/VMSA-2021-0028.html), [workaround](https://kb.vmware.com/s/article/87090) | | | 12/14/21 |
| VMware | Workspace ONE Access Connector (VMware Identity Manager Connector) | 19.03.0.1, 20.x, 21.x | Fixed | Yes | [source](https://kb.vmware.com/s/article/87068), [workaround](https://kb.vmware.com/s/article/87091) | | | 12/14/21 |
| Watcher | [Watcher](https://github.com/thalesgroup-cert/Watcher) | all | Fixed | Yes | [source](https://twitter.com/felix_hrn/status/1470387338001977344)
| | | 12/14/21 |
| Wind River | Wind River Linux | <= 8 | Fixed | Yes | [source](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | "contain package log4j, but their version is 1.2.x, too old to be affected" | | 12/14/21 |
| Wind River | Wind River Linux | > 8 | Fixed | Yes | [source](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | no support for log4j | | 12/14/21 |
| WitFoo | WitFoo Precinct | 6.x | Fixed | Yes | [source](https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/) | WitFoo Streamer & Apache Kafka Docker containers are/were vulnerable | | 12/14/21 |
| Wowza | Wowza Streaming Engine | 4.7.8, 4.8.x | Fixed | Yes | [source](https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve) | | | 12/14/21 |
| Yahoo | Vespa | | Fixed | Yes | [source](https://blog.vespa.ai/log4j-vulnerability/) | Your Vespa application may still be affected if log4j is included in your application package | | 12/14/21 |
| Zabbix | Zabbix | | Fixed | Yes | [source](https://blog.zabbix.com/zabbix-not-affected-by-the-log4j-exploit/17873/) | Zabbix is aware of this vulnerability, has completed verification, and can conclude that the only product where we use Java is Zabbix Java Gateway, which does not utilize the log4j library, thereby is not impacted by this vulnerability. | | 12/14/21 |
| Zammad | Zammad | | Fixed | Yes | [source](https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256) | Most of Zammad instances make use of Elasticsearch which might be vulnerable. | | 12/14/21 |
| Zerto | Virtual Replication Appliance | | Fixed | Yes | [source](https://help.zerto.com/kb/000004822) | | | 12/14/21 |
| Zerto | Zerto Cloud Appliance | | Fixed | Yes | [source](https://help.zerto.com/kb/000004822) | | | 12/14/21 |
| Zerto | Zerto Cloud Manager | | Fixed | Yes | [source](https://help.zerto.com/kb/000004822) | | | 12/14/21 |
| Zerto | Zerto Virtual Manager | | Fixed | Yes | [source](https://help.zerto.com/kb/000004822) | | | 12/14/21 |
| Zesty | Zesty.io | | Fixed | Yes | [source](https://www.zesty.io/mindshare/company-announcements/log4j-exploit/) | | | 12/14/21 |