r3pek/log4j-affected-db
1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-23 00:50:48 +00:00
Code Releases Activity

Merge branch 'develop' into develop

Browse source
This commit is contained in:
justmurphy 2021-12-20 19:16:58 -06:00 committed by GitHub
commit 10caf45257
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 64 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

88
README.md
View file

@ -188,13 +188,32 @@ Apache|Camel|3.14.1.3.11.5,3.7.7|Affected|Yes|[APACHE CAMEL AND CVE-2021-44228 (
| AXS Guard | | | | | [AXS Guard Blog Post](https://www.axsguard.com/en_US/blog/security-news-4/log4j-vulnerability-77) | | | | | AXS Guard | | | | | [AXS Guard Blog Post](https://www.axsguard.com/en_US/blog/security-news-4/log4j-vulnerability-77) | | | |
| Axways Applications | | | | | [Axways Applications Link](https://support.axway.com/news/1331/lang/en) | | | | | Axways Applications | | | | | [Axways Applications Link](https://support.axway.com/news/1331/lang/en) | | | |
| B&R Industrial Automation | APROL | | Not Affected | | [B&R Statement](https://www.br-automation.com/downloads_br_productcatalogue/assets/1639507581859-en-original-1.0.pdf)| | | 12/16/2021| | B&R Industrial Automation | APROL | | Not Affected | | [B&R Statement](https://www.br-automation.com/downloads_br_productcatalogue/assets/1639507581859-en-original-1.0.pdf)| | | 12/16/2021|
| Baxter | | | | Under Investigation | [Baxter Advisory Link](https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf) | | | 12/20/2021 |
| BackBox | | | | | [BackBox Update](https://updates.backbox.com/V6.5/Docs/CVE-2021-44228.pdf) | | | | | BackBox | | | | | [BackBox Update](https://updates.backbox.com/V6.5/Docs/CVE-2021-44228.pdf) | | | |
| Balbix | | | | | [Balbix Blog Post](https://www.balbix.com/blog/broad-exposure-to-log4shell-cve-2021-44228-highlights-how-the-attack-surface-has-exploded/) | | | | | Balbix | | | | | [Balbix Blog Post](https://www.balbix.com/blog/broad-exposure-to-log4shell-cve-2021-44228-highlights-how-the-attack-surface-has-exploded/) | | | |
| Baramundi Products | | | | | [Baramundi Products Forum](https://forum.baramundi.com/index.php?threads/baramundi-produkte-von-log4shell-schwachstelle-in-log4j-nicht-betroffen.12539/#post-62875) | | | | | Baramundi Products | | | | | [Baramundi Products Forum](https://forum.baramundi.com/index.php?threads/baramundi-produkte-von-log4shell-schwachstelle-in-log4j-nicht-betroffen.12539/#post-62875) | | | |
| Barco | | | | | [Barco Link](https://www.barco.com/en/support/knowledge-base/kb12495) | | | | | Barco | | | | | [Barco Link](https://www.barco.com/en/support/knowledge-base/kb12495) | | | |
| Barracuda | | | | | [Barracuda Link](https://www.barracuda.com/company/legal/trust-center) | | | | | Barracuda | | | | | [Barracuda Link](https://www.barracuda.com/company/legal/trust-center) | | | |
| BBraun | | | | | [BBraun Advisory](https://www.bbraun.com/en/products-and-therapies/services/b-braun-vulnerability-disclosure-policy/security-advisory/b-braun-statement-on-Apache_Log4j.html) | This advisory is available to customer only and has not been reviewed by CISA. | | | | BBraun | Outlook® Safety Infusion System Pump family | | Not Affected | No | [BBraun Advisory Link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | 12/20/2021 |
| BD | | | Not Affected | No | [BD Bulletin](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 | | BBraun | Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor® Space® Infusion | | Not Affected | No | [BBraun Advisory Link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | 12/20/2021 |
| BBraun | Pump, SpaceStation, and Space® Wireless Battery) | | Not Affected | No | [BBraun Advisory Link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | 12/20/2021 |
| BBraun | DoseTrac® Server, DoseLink™ Server, and Space® Online Suite Server software | | Not Affected | No | [BBraun Advisory Link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | 12/20/2021 |
| BBraun | Pinnacle® Compounder | | Not Affected | No | [BBraun Advisory Link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | 12/20/2021 |
| BBraun | APEX® Compounder | | Not Affected | No | [BBraun Advisory Link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | 12/20/2021 |
| BD | Arctic Sun™ Analytics | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 |
| BD | BD Diabetes Care App Cloud | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 |
| BD | BD HealthSight™ Clinical Advisor | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 |
| BD | BD HealthSight™ Data Manager | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 |
| BD | BD HealthSight™ Diversion Management | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 |
| BD | BD HealthSight™ Infection Advisor | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 |
| BD | BD HealthSight™ Inventory Optimization Analytics | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 |
| BD | BD HealthSight™ Medication Safety | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 |
| BD | BD Knowledge Portal for Infusion Technologies | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 |
| BD | BD Knowledge Portal for Medication Technologies | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 |
| BD | BD Knowledge Portal for BD Pyxis™ Supply | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 |
| BD | BD Synapsys™ Informatics Solution | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 |
| BD | BD Veritor™ COVID At Home Solution Cloud | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 |
| Beckman Coulter | ||Under Investigation | |[Beckman Coulter Advisory Link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | 12/20/2021 |
| Bender | | | | | [Bender Link](https://www.bender.de/en/cert) | | | | | Bender | | | | | [Bender Link](https://www.bender.de/en/cert) | | | |
| Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | | [Vendor Link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) | | | | | Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | | [Vendor Link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) | | | |
| BeyondTrust | Privilege Management Cloud | Unkown | Fixed | | [BeyondTrust Statement on log4j2 CVE-2021-44228 (Log4Shell)](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | vulnerability has been mitigated on all customer instances as of December 10, 2021 | KB0016542 | 2021-12-15 | | BeyondTrust | Privilege Management Cloud | Unkown | Fixed | | [BeyondTrust Statement on log4j2 CVE-2021-44228 (Log4Shell)](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | vulnerability has been mitigated on all customer instances as of December 10, 2021 | KB0016542 | 2021-12-15 |
@ -246,6 +265,7 @@ Apache|Camel|3.14.1.3.11.5,3.7.7|Affected|Yes|[APACHE CAMEL AND CVE-2021-44228 (
| BMC | TrueSight Infrastructure Management | | Under Investigation | | [BMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | | | BMC | TrueSight Infrastructure Management | | Under Investigation | | [BMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | |
| BMC | TrueSight Operations Management | | Under Investigation | | [BMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | | | BMC | TrueSight Operations Management | | Under Investigation | | [BMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | |
| BMC | TrueSight Orchestration | | Under Investigation | | [BMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | | | BMC | TrueSight Orchestration | | Under Investigation | | [BMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | |
| Boston Scientific | | |Under Investigation | |[Boston Scientific Advisory Link](https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf) | | | 12/20/2021 |
| Box | | | | | [Box Blog Post](https://blog.box.com/boxs-statement-recent-log4j-vulnerability-cve-2021-44228) | | | | | Box | | | | | [Box Blog Post](https://blog.box.com/boxs-statement-recent-log4j-vulnerability-cve-2021-44228) | | | |
| Brainworks | | | | | [Brainworks Link](https://www.brainworks.de/log4j-exploit-kerio-connect-workaround/) | | | | | Brainworks | | | | | [Brainworks Link](https://www.brainworks.de/log4j-exploit-kerio-connect-workaround/) | | | |
| BrightSign | | | | | [BrightSign Link](https://brightsign.atlassian.net/wiki/spaces/DOC/pages/370679198/Security+Statement+Log4J+Meltdown+and+Spectre+Vulnerabilities#SecurityStatement%3ALog4J%2CMeltdownandSpectreVulnerabilities-JavaApacheLog4j) | | | | | BrightSign | | | | | [BrightSign Link](https://brightsign.atlassian.net/wiki/spaces/DOC/pages/370679198/Security+Statement+Log4J+Meltdown+and+Spectre+Vulnerabilities#SecurityStatement%3ALog4J%2CMeltdownandSpectreVulnerabilities-JavaApacheLog4j) | | | |
@ -305,8 +325,11 @@ Apache|Camel|3.14.1.3.11.5,3.7.7|Affected|Yes|[APACHE CAMEL AND CVE-2021-44228 (
| C4b XPHONE | | | | | [C4b XPHONE Link](https://www.c4b.com/de/news/log4j.php) | | | | | C4b XPHONE | | | | | [C4b XPHONE Link](https://www.c4b.com/de/news/log4j.php) | | | |
| Camunda | | | | | [Camunda Forum Link](https://forum.camunda.org/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228/31910) | | | | | Camunda | | | | | [Camunda Forum Link](https://forum.camunda.org/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228/31910) | | | |
| CarbonBlack | | | | | [CarbonBlack Advisory](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | | | CarbonBlack | | | | | [CarbonBlack Advisory](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | |
| Carestream | | | Not Affected | |[Carestream Advisory Link](https://www.carestream.com/en/us/services-and-support/cybersecurity-and-privacy) | | | 12/20/2021 |
| CAS genesisWorld | | | | | [CAS genesisWorld Link](https://helpdesk.cas.de/CASHelpdesk/FAQDetails.aspx?gguid=0x79F9E881EE3C46C1A71BE9EB3E480446) | | | | | CAS genesisWorld | | | | | [CAS genesisWorld Link](https://helpdesk.cas.de/CASHelpdesk/FAQDetails.aspx?gguid=0x79F9E881EE3C46C1A71BE9EB3E480446) | | | |
| Cato Networks | | | | | [Cato Networks Blog Post](https://www.catonetworks.com/blog/cato-networks-rapid-response-to-the-apache-log4j-remote-code-execution-vulnerability/) | | | | | Cato Networks | | | | | [Cato Networks Blog Post](https://www.catonetworks.com/blog/cato-networks-rapid-response-to-the-apache-log4j-remote-code-execution-vulnerability/) | | | |
| Cepheid | C360 | | Not Affected | |[Cepheid Advisory Link](https://www.cepheid.com/en_US/legal/product-security-updates) | | | 12/20/2021 |
| Cepheid | GeneXpert | | Under Investigation | |[Cepheid Advisory Link](https://www.cepheid.com/en_US/legal/product-security-updates) | | | 12/20/2021 |
| Cerberus FTP | | | | | [Cerberus Article](https://support.cerberusftp.com/hc/en-us/articles/4412448183571-Cerberus-is-not-affected-by-CVE-2021-44228-log4j-0-day-vulnerability) | | | | | Cerberus FTP | | | | | [Cerberus Article](https://support.cerberusftp.com/hc/en-us/articles/4412448183571-Cerberus-is-not-affected-by-CVE-2021-44228-log4j-0-day-vulnerability) | | | |
| Chaser Systems | discrimiNAT Firewall | All | Not Affected | | [Are Chasers products affected](https://chasersystems.com/discrimiNAT/blog/log4shell-and-its-traces-in-a-network-egress-filter/#are-chasers-products-affected) | | | | | Chaser Systems | discrimiNAT Firewall | All | Not Affected | | [Are Chasers products affected](https://chasersystems.com/discrimiNAT/blog/log4shell-and-its-traces-in-a-network-egress-filter/#are-chasers-products-affected) | | | |
| Check Point | CloudGuard | | Not Affected | | | | | | | Check Point | CloudGuard | | Not Affected | | | | | |
@ -521,7 +544,7 @@ Apache|Camel|3.14.1.3.11.5,3.7.7|Affected|Yes|[APACHE CAMEL AND CVE-2021-44228 (
| CouchBase | | | | | [CouchBase Forums](https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402) | | | | | CouchBase | | | | | [CouchBase Forums](https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402) | | | |
| CPanel | | | | | [CPanel Forms](https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/) | | | | | CPanel | | | | | [CPanel Forms](https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/) | | | |
| Cradlepoint | | | | | [Cradlepoint](https://cradlepoint.com/vulnerability-alerts/cve-2021-44228-apache-log4j-security-vulnerabilities/) | | | | | Cradlepoint | | | | | [Cradlepoint](https://cradlepoint.com/vulnerability-alerts/cve-2021-44228-apache-log4j-security-vulnerabilities/) | | | |
| Crestron | | | | | [Crestron Advisory](https://www.crestron.com/Security/Security_Advisories/Apache-Log4j) | | | | | Crestron | | | Not Affected | | [Crestron Advisory](https://www.crestron.com/Security/Security_Advisories/Apache-Log4j) | | | 12/20/2021 |
| CrushFTP | | | | | [CrushFTP Link](https://www.crushftp.com/download.html) | | | | | CrushFTP | | | | | [CrushFTP Link](https://www.crushftp.com/download.html) | | | |
| CryptShare | | | | | [Cryptshare Support Link](https://www.cryptshare.com/en/support/cryptshare-support/#c67572) | | | | | CryptShare | | | | | [Cryptshare Support Link](https://www.cryptshare.com/en/support/cryptshare-support/#c67572) | | | |
| Cumul.io | | | | | | [Cumul.io Status Link](https://status.cumul.io/#incidents) | | | | | Cumul.io | | | | | | [Cumul.io Status Link](https://status.cumul.io/#incidents) | | | |
@ -1144,6 +1167,23 @@ Apache|Camel|3.14.1.3.11.5,3.7.7|Affected|Yes|[APACHE CAMEL AND CVE-2021-44228 (
| HPE | Superdome Flex 280 | | Not Affected | | [(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) |Support Communication Cross Reference ID: SIK7387 | | 2021-12-12 | | HPE | Superdome Flex 280 | | Not Affected | | [(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) |Support Communication Cross Reference ID: SIK7387 | | 2021-12-12 |
| HPE | Superdome Flex Server | | Not Affected | | [(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) |Support Communication Cross Reference ID: SIK7387 | | 2021-12-12 | | HPE | Superdome Flex Server | | Not Affected | | [(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) |Support Communication Cross Reference ID: SIK7387 | | 2021-12-12 |
| HPE | UAN (User Access Node) | | Not Affected | | [(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) |Support Communication Cross Reference ID: SIK7387 | | 2021-12-12 | | HPE | UAN (User Access Node) | | Not Affected | | [(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) |Support Communication Cross Reference ID: SIK7387 | | 2021-12-12 |
| HOLOGIC | Advanced Workflow Manager (AWM) | | Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | 12/20/2021 |
| HOLOGIC | Unifi Workspace | | Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | 12/20/2021 |
| HOLOGIC | Faxitron CT Specimen Radiography System | | Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, there is a utility program installed that may utilize Java and Log4J. This utility program does not run on startup and is not required for system operation. Please contact Hologic Service for assistance in removing this program. | | 12/20/2021 |
| HOLOGIC | Dimensions / 3Dimensions Mammography System | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 |
| HOLOGIC | Affirm Prone Biopsy System | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 |
| HOLOGIC | Brevera Breast Biopsy System | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 |
| HOLOGIC | Trident HD Specimen Radiography System | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 |
| HOLOGIC | SecurView DX Workstation | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 |
| HOLOGIC | Cenova Image Analytics Server | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 |
| HOLOGIC | SecurXChange Router | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 |
| HOLOGIC | Rosetta DC Tomosynthesis Data Converter | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 |
| HOLOGIC | Faxitron Specimen Radiography Systems | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 |
| HOLOGIC | Horizon DXA Bone Densitometer | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 |
| HOLOGIC | Discovery Bone Densitometer | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 |
| HOLOGIC | Fluoroscan Insight Mini C-Arm | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 |
| HOLOGIC | SuperSonic Imagine Ultrasound Products (Aixplorer & Aixplorer Mach) | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 |
| HOLOGIC | Windows Selenia Mammography System | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 |
| Huawei | | | | | [Huawei Security Notice](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en) | | | | | Huawei | | | | | [Huawei Security Notice](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en) | | | |
| Hubspot | | | | | [Hubspot Notice](https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949) | | | | | Hubspot | | | | | [Hubspot Notice](https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949) | | | |
| I-Net software | | | | | [I-Net Software Statement](https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3) | | | | | I-Net software | | | | | [I-Net Software Statement](https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3) | | | |
@ -1992,27 +2032,27 @@ Apache|Camel|3.14.1.3.11.5,3.7.7|Affected|Yes|[APACHE CAMEL AND CVE-2021-44228 (
| SOS Berlin | | | | | [SOS Berlin Link](https://www.sos-berlin.com/en/news-mitigation-log4j-vulnerability) | | | | | SOS Berlin | | | | | [SOS Berlin Link](https://www.sos-berlin.com/en/news-mitigation-log4j-vulnerability) | | | |
| Spambrella | | | | | [Spambrella FAQ Link](https://www.spambrella.com/faq/status-of-spambrella-products-with-cve-2021-44228/) | | | | | Spambrella | | | | | [Spambrella FAQ Link](https://www.spambrella.com/faq/status-of-spambrella-products-with-cve-2021-44228/) | | | |
| Spigot | | | | | [Spigot Security Release](https://www.spigotmc.org/threads/spigot-security-releases-%E2%80%94-1-8-8%E2%80%931-18.537204/) | | | | | Spigot | | | | | [Spigot Security Release](https://www.spigotmc.org/threads/spigot-security-releases-%E2%80%94-1-8-8%E2%80%931-18.537204/) | | | |
| Splunk | Splunk Add-On for Java Management Extensions [App ID 2647](https://splunkbase.splunk.com/app/2647) | 5.2.0 and older | Affected |CVE-2021-44228: 5.2.1 CVE-2021-45046: TBD| [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk Add-On for Java Management Extensions [App ID 2647](https://splunkbase.splunk.com/app/2647) | 5.2.0 and older | Affected | CVE-2021-44228: 5.2.1 CVE-2021-45046: 5.2.2 CVE-2021-45105: not applicable due to configuration parameters | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk Splunk Add-On for JBoss [App ID 2954](https://splunkbase.splunk.com/app/2954/) | 3.0.0 and older | Affected |CVE-2021-44228: 3.0.1 CVE-2021-45046: 3.0.2| [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk Splunk Add-On for JBoss [App ID 2954](https://splunkbase.splunk.com/app/2954/) | 3.0.0 and older | Affected | CVE-2021-44228: 3.0.1 CVE-2021-45046: 3.0.2 CVE-2021-45105: not applicable due to configuration parameters | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk Add-On for Tomcat [App ID 2911](https://splunkbase.splunk.com/app/2911/) | 3.0.0 and older | Affected | CVE-2021-44228: 3.0.1 CVE-2021-45046: 3.0.2| [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk Add-On for Tomcat [App ID 2911](https://splunkbase.splunk.com/app/2911/) | 3.0.0 and older | Affected | CVE-2021-44228: 3.0.1 CVE-2021-45046: 3.0.2 CVE-2021-45105: not applicable due to configuration parameters | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Data Stream Processor | DSP 1.0.x, DSP 1.1.x, DSP 1.2.x | Affected | CVE-2021-44228: Pending CVE-2021-45046: Pending CVE-2021-45105: not applicable due to configuration parameters | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Data Stream Processor | DSP 1.0.x, DSP 1.1.x, DSP 1.2.x | Affected | CVE-2021-44228: Pending CVE-2021-45046: Pending CVE-2021-45105: not applicable due to configuration parameters | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | IT Essentials Work [App ID 5403](https://splunkbase.splunk.com/app/5403/) | 4.11, 4.10.x (Cloud only), 4.9.x | Affected |CVE-2021-44228: 4.11.1, 4.10.3, 4.9.5 CVE-2021-45046: 4.11.2, 4.10.4, 4.9.6, 4.7.4 CVE-2021-45105: not applicable due to configuration parameters| [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | IT Essentials Work [App ID 5403](https://splunkbase.splunk.com/app/5403/) | 4.11, 4.10.x (Cloud only), 4.9.x | Affected |CVE-2021-44228: 4.11.1, 4.10.3, 4.9.5 CVE-2021-45046: 4.11.2, 4.10.4, 4.9.6, 4.7.4 CVE-2021-45105: not applicable due to configuration parameters| [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | IT Service Intelligence (ITSI) [App ID 1841](https://splunkbase.splunk.com/app/1841/) | 4.11.0, 4.10.x (Cloud only), 4.9.x, 4.8.x (Cloud only), 4.7.x, 4.6.x, 4.5.x | Affected |CVE-2021-44228: 4.11.1, 4.10.3, 4.9.5, 4.7.3 CVE-2021-45046: 4.11.2, 4.10.4, 4.9.6, 4.7.4 CVE-2021-45105: not applicable due to configuration parameters| [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | IT Service Intelligence (ITSI) [App ID 1841](https://splunkbase.splunk.com/app/1841/) | 4.11.0, 4.10.x (Cloud only), 4.9.x, 4.8.x (Cloud only), 4.7.x, 4.6.x, 4.5.x | Affected |CVE-2021-44228: 4.11.1, 4.10.3, 4.9.5, 4.7.3 CVE-2021-45046: 4.11.2, 4.10.4, 4.9.6, 4.7.4 CVE-2021-45105: not applicable due to configuration parameters| [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk Connect for Kafka | All versions prior to 2.0.4 | Affected | CVE-2021-44228: 2.0.4 CVE-2021-45046: 2.0.5 | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk Connect for Kafka | All versions prior to 2.0.4 | Affected | CVE-2021-44228: 2.0.4 CVE-2021-45046: 2.0.5 | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk Enterprise (including instance types like Heavy Forwarders) | All supported non-Windows versions of 8.1.x and 8.2.x only if DFS is used. See Removing Log4j from Splunk Enterprise below for guidance on unsupported versions. | Affected | CVE-2021-44228: 8.1.7.1, 8.2.3.2 CVE-2021-45046: 8.1.7.2, 8.2.3.3 CVE-2021-45105: not applicable due to configuration parameters | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk Enterprise (including instance types like Heavy Forwarders) | All supported non-Windows versions of 8.1.x and 8.2.x only if DFS is used. See Removing Log4j from Splunk Enterprise below for guidance on unsupported versions. | Affected | CVE-2021-44228: 8.1.7.1, 8.2.3.2 CVE-2021-45046: 8.1.7.2, 8.2.3.3 CVE-2021-45105: not applicable due to configuration parameters | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk Enterprise Amazon Machine Image (AMI) | See Splunk Enterprise | Affected |CVE-2021-44228: 8.2.3.2, 8.1.7.1 published to AWS Marketplace CVE-2021-45046: TBD | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk Enterprise Amazon Machine Image (AMI) | See Splunk Enterprise | Affected |CVE-2021-44228: 8.2.3.2, 8.1.7.1 published to AWS Marketplace CVE-2021-45046: TBD | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk Enterprise Docker Container | See Splunk Enterprise | Affected | Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk Enterprise Docker Container | See Splunk Enterprise | Affected | CVE-2021-44228: latest, edge, 8.1, 8.1.7.1, 8.2, 8.2.3.2 CVE-2021-45046: latest, edge, 8.1, 8.1.7.2, 8.2, 8.2.3.3 CVE-2021-45105: not applicable due to configuration parameters | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk Logging Library for Java | 1.11.0 and older | Affected | CVE-2021-44228: 1.11.1 CVE-2021-45046: 1.11.2 | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk Logging Library for Java | 1.11.0 and older | Affected | CVE-2021-44228: 1.11.1 CVE-2021-45046: 1.11.2 | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk OVA for VMWare [App ID 3216](https://splunkbase.splunk.com/app/3216/) | 4.0.3 and older | Affected | Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk OVA for VMWare [App ID 3216](https://splunkbase.splunk.com/app/3216/) | 4.0.3 and older | Affected | Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk OVA for VMWare Metrics [App ID 5096](https://splunkbase.splunk.com/app/5096/) | 4.2.1 and older | Affected | Pending| [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk OVA for VMWare Metrics [App ID 5096](https://splunkbase.splunk.com/app/5096/) | 4.2.1 and older | Affected | Pending| [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) | 1.1.1 and older | Affected | CVE-2021-44338: TBD CVE-2021-45046: TBD | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) | 1.1.1 and older | Affected | CVE-2021-44338: TBD CVE-2021-45046: TBD | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk On-call / VictorOps | Current | Affected | CVE-2021-44228: Fixed 12/15 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk On-call / VictorOps | Current | Affected | CVE-2021-44228: Fixed 12/15 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk Real User Monitoring | Current | Affected | CVE-2021-44228: Fixed 12/13 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk Real User Monitoring | Current | Affected | CVE-2021-44228: Fixed 12/13 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk Application Performance Monitoring| Current | Affected | CVE-2021-44228: Fixed 12/1 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk Application Performance Monitoring| Current | Affected | CVE-2021-44228: Fixed 12/1 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk Infrastructure Monitoring | Current | Affected | CVE-2021-44228: Fixed 12/13 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk Infrastructure Monitoring | Current | Affected | CVE-2021-44228: Fixed 12/13 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk Log Observer | Current | Affected | CVE-2021-44228: Fixed 12/16 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk Log Observer | Current | Affected | CVE-2021-44228: Fixed 12/16 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk Synthetics | Current | Affected | CVE-2021-44228: Fixed 12/10 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 | | Splunk | Splunk Synthetics | Current | Affected | CVE-2021-44228: Fixed 12/10 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 |
| Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | Affected | Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 3:15 pm PT, 12/18/21 || Sprecher Automation | | | | | [Sprecher Automation Security Alert](https://www.sprecher-automation.com/en/it-security/security-alerts) | | | | | Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | Affected | Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 || Sprecher Automation | | | | | [Sprecher Automation Security Alert](https://www.sprecher-automation.com/en/it-security/security-alerts) | | | |
| Spring | Spring Boot | | Unkown | | [https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | | | Spring | Spring Boot | | Unkown | | [https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | |
| Spring Boot | | | | | [Spring Boot Vulnerability Statement](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | | | Spring Boot | | | | | [Spring Boot Vulnerability Statement](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | |
| StarDog | | | | | [StarDog](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | | | StarDog | | | | | [StarDog](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | |