From 0f70101a3de86ad77f48d24fa4c87df94fc786b8 Mon Sep 17 00:00:00 2001 From: Juliann Phelps <42777616+juliannphelpsGSA@users.noreply.github.com> Date: Wed, 22 Dec 2021 10:43:59 -0500 Subject: [PATCH 1/9] Update SOFTWARE-LIST.md Adding UiPath to software list --- SOFTWARE-LIST.md | 39 +-------------------------------------- 1 file changed, 1 insertion(+), 38 deletions(-) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index 23396dc..1539ec2 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -1790,9 +1790,6 @@ This list was initially populated using information from the following sources: | Pexip | | | | | [Pexip Link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | | | Phenix Id | | | | | [Phenix Id Support Link](https://support.phenixid.se/uncategorized/log4j-fix/) | | | | | Philips | Multiple products | | | | [Philips Security Advisory](https://www.philips.com/a-w/security/security-advisories.html) | | | | -| PHOENIX CONTACT | Physical products containing firmware | | Not Affected | | [PHOENIX CONTACT Advisory Link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | | | 12/22/2021 | -| PHOENIX CONTACT | Software Products | | Not Affected | | [PHOENIX CONTACT Advisory Link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | | | 12/22/2021 | -| PHOENIX CONTACT | Cloud Services | | Affected | | [PHOENIX CONTACT Advisory Link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | Partly affected. Remediations are being implemented. | | 12/22/2021 | | Ping Identity | PingAccess | 4.0 <= version <= 6.3.2 | Affected | Yes | [Log4j2 vulnerability CVE-2021-44228](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | 2021-12-15 | | Ping Identity | PingCentral | | Affected | Yes | [Log4j2 vulnerability CVE-2021-44228](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | 2021-12-15 | | Ping Identity | PingFederate | 8.0 <= version <= 10.3.4 | Affected | Yes | [Log4j2 vulnerability CVE-2021-44228](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | 2021-12-15 | @@ -2102,40 +2099,6 @@ This list was initially populated using information from the following sources: | Siemens | VeSys | All Versions >=2019.1 SP1912 only if Teamcenter integration feature is used |Affected | No|[Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Currently no remediation is available. Find detailed mitigation steps [here](https://support.sw.siemens.com/en-US/knowledgebase/MG618363). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| |12/18/2021 | | Siemens | Xpedition Enterprise | All Versions >=VX.2.6 | Affected | No| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Find detailed mitigation steps [here](https://support.sw.siemens.com/en-US/knowledge-base/MG618343). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | | Siemens | Xpedition IC Packaging | All Versions >=VX.2.6 | Affected | No| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Find detailed mitigation steps [here](https://support.sw.siemens.com/en-US/knowledge-base/MG618343). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf).| |12/18/2021 | -| Siemens Healthineers | ATELLICA DATA MANAGER v1.1.1 / v1.2.1 / v1.3.1 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | If you have determined that your Atellica Data Manager has a “Java communication engine” service, and you require an immediate mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative. | | 12/22/2021 | -| Siemens Healthineers | CENTRALINK v16.0.2 / v16.0.3 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | If you have determined that your CentraLink has a “Java communication engine” service, and you require a mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative. | | 12/22/2021 | -| Siemens Healthineers | DICOM Proxy VB10A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | 12/22/2021 | -| Siemens Healthineers | Somatom Scope Som5 VC50 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | evaluation ongoing | | 12/22/2021 | -| Siemens Healthineers | Somatom Emotion Som5 VC50 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | evaluation ongoing | | 12/22/2021 | -| Siemens Healthineers | go.All, Som10 VA20 / VA30 / VA40 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 | -| Siemens Healthineers | go.Fit, Som10 VA30 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 | -| Siemens Healthineers | go.Now, Som10 VA10 / VA20 / VA30 / VA40 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 | -| Siemens Healthineers | go.Open Pro, Som10 VA30 / VA40 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 | -| Siemens Healthineers | go.Sim, Som10 VA30 / VA40 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 | -| Siemens Healthineers | go.Top, Som10 VA20 / VA20A_SP5 / VA30 / VA40 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 | -| Siemens Healthineers | go.Up, Som10 VA10 / VA20 / VA30 / VA40 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 | -| Siemens Healthineers | MAGNETOM AERA 1,5T, MAGNETOM PRISMA, MAGNETOM PRISMA FIT, MAGNETOM SKYRA 3T NUMARIS/X VA30A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 | -| Siemens Healthineers | MAGNETOM Altea NUMARIS/X VA20A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 | -| Siemens Healthineers | MAGNETOM ALTEA, MAGNETOM LUMINA, MAGNETOM SOLA, MAGNETOM VIDA NUMARIS/X VA31A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 | -| Siemens Healthineers | MAGNETOM Amira NUMARIS/X VA12M | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 | -| Siemens Healthineers | MAGNETOM Free.Max NUMARIS/X VA40 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 | -| Siemens Healthineers | MAGNETOM Lumina NUMARIS/X VA20A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 | -| Siemens Healthineers | MAGNETOM Sempra NUMARIS/X VA12M | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 | -| Siemens Healthineers | MAGNETOM Sola fit NUMARIS/X VA20A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 | -| Siemens Healthineers | MAGNETOM Sola NUMARIS/X VA20A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 | -| Siemens Healthineers | MAGNETOM Vida fit NUMARIS/X VA20A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 | -| Siemens Healthineers | MAGNETOM Vida NUMARIS/X VA10A* / VA20A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 | -| Siemens Healthineers | Syngo Carbon Space VA10A / VA10A-CUT2 / VA20A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | 12/22/2021 | -| Siemens Healthineers | Syngo MobileViewer VA10A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | The vulnerability will be patch/mitigated in upcoming releases\patches. | | 12/22/2021 | -| Siemens Healthineers | syngo Plaza VB20A / VB20A_HF01 - HF07 / VB30A / VB30A_HF01 / VB30A_HF02 / VB30B / VB30C / VB30C_HF01 - HF06 / VB30C_HF91 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | 12/22/2021 | -| Siemens Healthineers | syngo Workflow MLR VB37A / VB37A_HF01 / VB37A_HF02 / VB37B / VB37B_HF01 - HF07 / VB37B_HF93 / VB37B_HF94 / VB37B_HF96 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Please contact your Customer Service to get support on mitigating the vulnerability. | | 12/22/2021 | -| Siemens Healthineers | syngo.via VB20A / VB20A_HF01 - HF08 / VB20A_HF91 / VB20B / VB30A / VB30A_HF01 - VB30A_HF08 / VB30A_HF91VB30B / VB30B_HF01 / VB40A / VB40A_HF01 - HF02 /VB40B / VB40B_HF01 - HF05 / VB50A / VB50A_CUT / VB50A_D4VB50B / VB50B_HF01 - HF03 / VB60A / VB60A_CUT / VB60A_D4 / VB60A_HF01 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | 12/22/2021 | -| Siemens Healthineers | SENSIS DMCC / DMCM / TS / VM / PPWS / DS VD12A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | evaluation ongoing | | 12/22/2021 | -| Siemens Healthineers | Cios Select FD/I.I. VA21 / VA21-S3P | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | evaluation ongoing | | 12/22/2021 | -| Siemens Healthineers | Cios Flow S1 / Alpha / Spin VA30 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | evaluation ongoing | | 12/22/2021 | -| Siemens Healthineers | syngo.via WebViewer VA13B / VA20A / VA20B | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | 12/22/2021 | -| Siemens Healthineers | X.Ceed Somaris 10 VA40* | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 | -| Siemens Healthineers | X.Cite Somaris 10 VA30*/VA40* | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 | | Sierra Wireless | | | | | [Sierra Wireless Security Bulletin](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/) | | | | | Signald | | | | | [Signald Gitlab](https://gitlab.com/signald/signald/-/issues/259) | | | | | Silver Peak | Orchestrator, Silver Peak GMS | | Affected | No | [Security Advisory Notice Apache](https://www.arubanetworks.com/website/techdocs/sdwan/docs/advisories/media/security_advisory_notice_apache_log4j2_cve_2021_44228.pdf) | Customer managed Orchestrator and legacy GMS products are affected by this vulnerability. This includes on-premise and customer managed instances running in public cloud services such as AWS, Azure, Google, or Oracle Cloud. See Corrective Action Required for details about how to mitigate this exploit. | | 12/14/2021 | @@ -2300,7 +2263,6 @@ This list was initially populated using information from the following sources: | Thales | Sentinel Professional Services components (both Thales hosted & hosted on-premises by customers) | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | | Thales | Sentinel SCL | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | | Thales | Thales Data Platform (TDP)(DDC) | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | -| Thermo Fisher Scientific | | | Unknown | | [Thermo Fisher Scientific Advisory Link](https://corporate.thermofisher.com/us/en/index/about/information-security/Protecting-Our-Products.html) | | | 12/22/2021 | | Thomson Reuters | HighQ Appliance | <3.5 | Affected | Yes | [https://highqsolutions.zendesk.com](https://highqsolutions.zendesk.com) | Reported by vendor - Documentation is in vendor's client portal (login required). This advisory is available to customer only and has not been reviewed by CISA. | | 12/20/2021 | | ThreatLocker | | | | | [ThreatLocker Log4j Statement](https://threatlocker.kb.help/log4j-vulnerability/) | | | | | ThycoticCentrify | Secret Server | N/A | Not Affected | | [ThycoticCentrify Products NOT Affected by CVE-2021-44228 Exploit](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | 12/10/15 | @@ -2331,6 +2293,7 @@ This list was initially populated using information from the following sources: | UniFlow | | | | | [UniFlow Security Advisory](https://www.uniflow.global/en/security/security-and-maintenance/) | | | | | Unify ATOS | | | | | [Unify ATOS Advisory](https://networks.unify.com/security/advisories/OBSO-2112-01.pdf) | | | | | Unimus | | | | | [Unimus Statement](https://forum.unimus.net/viewtopic.php?f=7&t=1390#top) | | | | +| UiPath |InSights|20.10|Affected|Yes| [UiPath Statement](https://www.uipath.com/legal/trust-and-security/cve-2021-44228) | | | | | USSIGNAL MSP | | | | | [USSIGNAL MSP Statement](https://ussignal.com/blog/apache-log4j-vulnerability) | | | | | VArmour | | | | | [VArmour Statement](https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility) | | | | | Varnish Software | | | | | [Varnish Software Security Notice](https://docs.varnish-software.com/security/CVE-2021-44228-45046/) | | | | From 268ca0cd0ec58d3ffe20c01d7df613aaa35be60c Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 29 Dec 2021 12:50:31 -0500 Subject: [PATCH 2/9] Add back PHOENIX entries --- SOFTWARE-LIST.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index 1539ec2..1d08ff2 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -1790,6 +1790,9 @@ This list was initially populated using information from the following sources: | Pexip | | | | | [Pexip Link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | | | Phenix Id | | | | | [Phenix Id Support Link](https://support.phenixid.se/uncategorized/log4j-fix/) | | | | | Philips | Multiple products | | | | [Philips Security Advisory](https://www.philips.com/a-w/security/security-advisories.html) | | | | +| PHOENIX CONTACT | Physical products containing firmware | | Not Affected | | [PHOENIX CONTACT Advisory Link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | | | 12/22/2021 | +| PHOENIX CONTACT | Software Products | | Not Affected | | [PHOENIX CONTACT Advisory Link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | | | 12/22/2021 | +| PHOENIX CONTACT | Cloud Services | | Affected | | [PHOENIX CONTACT Advisory Link](https://dam-mdc.phoenixcontact.com/asset/156443151564/1a0f6db6bbc86540bfe4f05fd65877f4/Vulnerability_Statement_Log4J_20211215.pdf) | Partly affected. Remediations are being implemented. | | 12/22/2021 | | Ping Identity | PingAccess | 4.0 <= version <= 6.3.2 | Affected | Yes | [Log4j2 vulnerability CVE-2021-44228](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | 2021-12-15 | | Ping Identity | PingCentral | | Affected | Yes | [Log4j2 vulnerability CVE-2021-44228](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | 2021-12-15 | | Ping Identity | PingFederate | 8.0 <= version <= 10.3.4 | Affected | Yes | [Log4j2 vulnerability CVE-2021-44228](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | 2021-12-15 | From cd62739d926d6ec3825cc873ebcba732d77ee085 Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 29 Dec 2021 12:54:50 -0500 Subject: [PATCH 3/9] Add spacing & date --- SOFTWARE-LIST.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index 05eb3ae..e989c48 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -2667,7 +2667,7 @@ download | | 12/20/2021 | | UniFlow | | | | | [UniFlow Security Advisory](https://www.uniflow.global/en/security/security-and-maintenance/) | | | | | Unify ATOS | | | | | [Unify ATOS Advisory](https://networks.unify.com/security/advisories/OBSO-2112-01.pdf) | | | | | Unimus | | | | | [Unimus Statement](https://forum.unimus.net/viewtopic.php?f=7&t=1390#top) | | | | -| UiPath |InSights|20.10|Affected|Yes| [UiPath Statement](https://www.uipath.com/legal/trust-and-security/cve-2021-44228) | | | | +| UiPath | InSights | 20.10 | Affected | Yes | [UiPath Statement](https://www.uipath.com/legal/trust-and-security/cve-2021-44228) | | | 12/15/2021 | | USSIGNAL MSP | | | | | [USSIGNAL MSP Statement](https://ussignal.com/blog/apache-log4j-vulnerability) | | | | | VArmour | | | | | [VArmour Statement](https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility) | | | | | Varian | Acuity | All | Under Investigation | | [Varian Advisory Link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | 12/22/2021 | From cc683614be38fad0c81884c923af113aa036753a Mon Sep 17 00:00:00 2001 From: iainDe <96153057+iainDe@users.noreply.github.com> Date: Wed, 29 Dec 2021 13:44:55 -0500 Subject: [PATCH 4/9] Update SOFTWARE-LIST.md --- SOFTWARE-LIST.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index e989c48..5f5ee69 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -2355,6 +2355,11 @@ download | | 12/20/2021 | | Seagull Scientific | | | | | [Seagull Scientific Support Link](https://support.seagullscientific.com/hc/en-us/articles/4415794235543-Apache-Log4Shell-Vulnerability) | | | | | SecurePoint | | | | | [SecurePoint News Link](https://www.securepoint.de/news/details/sicherheitsluecke-log4j-securepoint-loesungen-nicht-betroffen.html) | | | | | Security Onion | | | | | [Security Onion Blog Post](https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html) | | | | +| Securonix | SNYPR Application | Affected | [Securonix Response to CVE-2021-44228: Securonix On-Prem Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-OnPrem-Customer-Update.pdf) | | | 12/10/21 | +| Securonix | Next Gen SIEM | All | Affected | [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | +| Securonix | User and Entity Behavior Analytics(UEBA)| All | Affected| [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | +| Securonix | Security Analytics and Operations Platform (SOAR) | All | Affected| [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | +| Securonix | Extended Detection and Response (XDR) | All | Affected| [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | | Seeburger | | | | | [Seeburger Service Desk Link](https://servicedesk.seeburger.de/portal/en-US/Knowledge/Article/?defId=101040&id=25486312&COMMAND=Open) |This advisory is avaiable to customers only and has not been reviewed by CISA | | | | SentinelOne | | | | | [SentinelOne Blog Post](https://www.sentinelone.com/blog/cve-2021-44228-staying-secure-apache-log4j-vulnerability/) | | | | | Sentry | | | | | [Sentry Blog Post](https://blog.sentry.io/2021/12/15/sentrys-response-to-log4j-vulnerability-cve-2021-44228) | | | | From 76f0733ef4dc3e39e9a9944bc76c7f1eb7505f5c Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 29 Dec 2021 13:50:46 -0500 Subject: [PATCH 5/9] Update SOFTWARE-LIST.md --- SOFTWARE-LIST.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index 5f5ee69..1139b54 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -2355,12 +2355,12 @@ download | | 12/20/2021 | | Seagull Scientific | | | | | [Seagull Scientific Support Link](https://support.seagullscientific.com/hc/en-us/articles/4415794235543-Apache-Log4Shell-Vulnerability) | | | | | SecurePoint | | | | | [SecurePoint News Link](https://www.securepoint.de/news/details/sicherheitsluecke-log4j-securepoint-loesungen-nicht-betroffen.html) | | | | | Security Onion | | | | | [Security Onion Blog Post](https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html) | | | | -| Securonix | SNYPR Application | Affected | [Securonix Response to CVE-2021-44228: Securonix On-Prem Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-OnPrem-Customer-Update.pdf) | | | 12/10/21 | -| Securonix | Next Gen SIEM | All | Affected | [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | -| Securonix | User and Entity Behavior Analytics(UEBA)| All | Affected| [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | -| Securonix | Security Analytics and Operations Platform (SOAR) | All | Affected| [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | -| Securonix | Extended Detection and Response (XDR) | All | Affected| [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | -| Seeburger | | | | | [Seeburger Service Desk Link](https://servicedesk.seeburger.de/portal/en-US/Knowledge/Article/?defId=101040&id=25486312&COMMAND=Open) |This advisory is avaiable to customers only and has not been reviewed by CISA | | | +| Securonix | SNYPR Application | | Affected | | [Securonix Response to CVE-2021-44228: Securonix On-Prem Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-OnPrem-Customer-Update.pdf) | | | 12/10/21 | +| Securonix | Next Gen SIEM | All | Affected | | [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | +| Securonix | User and Entity Behavior Analytics(UEBA)| All | Affected | | [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | +| Securonix | Security Analytics and Operations Platform (SOAR) | All | Affected | | [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | +| Securonix | Extended Detection and Response (XDR) | All | Affected | | [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | +| Seeburger | | | | | [Seeburger Service Desk Link](https://servicedesk.seeburger.de/portal/en-US/Knowledge/Article/?defId=101040&id=25486312&COMMAND=Open) | This advisory is avaiable to customers only and has not been reviewed by CISA. | | | | SentinelOne | | | | | [SentinelOne Blog Post](https://www.sentinelone.com/blog/cve-2021-44228-staying-secure-apache-log4j-vulnerability/) | | | | | Sentry | | | | | [Sentry Blog Post](https://blog.sentry.io/2021/12/15/sentrys-response-to-log4j-vulnerability-cve-2021-44228) | | | | | SEP | | | | | [SEP Support Link](https://support.sep.de/otrs/public.pl?Action=PublicFAQZoom;ItemID=132) | | | | From e26619023f60715c07a0b13d64c52b8ba47fa35a Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 29 Dec 2021 13:52:11 -0500 Subject: [PATCH 6/9] Update SOFTWARE-LIST.md --- SOFTWARE-LIST.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index 1139b54..ea0f410 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -2357,7 +2357,7 @@ download | | 12/20/2021 | | Security Onion | | | | | [Security Onion Blog Post](https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html) | | | | | Securonix | SNYPR Application | | Affected | | [Securonix Response to CVE-2021-44228: Securonix On-Prem Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-OnPrem-Customer-Update.pdf) | | | 12/10/21 | | Securonix | Next Gen SIEM | All | Affected | | [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | -| Securonix | User and Entity Behavior Analytics(UEBA)| All | Affected | | [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | +| Securonix | User and Entity Behavior Analytics(UEBA) | All | Affected | | [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | | Securonix | Security Analytics and Operations Platform (SOAR) | All | Affected | | [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | | Securonix | Extended Detection and Response (XDR) | All | Affected | | [Securonix Response to CVE-2021-44228: Securonix Cloud Customers](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | 12/10/21 | | Seeburger | | | | | [Seeburger Service Desk Link](https://servicedesk.seeburger.de/portal/en-US/Knowledge/Article/?defId=101040&id=25486312&COMMAND=Open) | This advisory is avaiable to customers only and has not been reviewed by CISA. | | | From 2a508bf2dbac00fa4a62bdc2fe4b9cc69831d548 Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 29 Dec 2021 15:00:34 -0500 Subject: [PATCH 7/9] Update SOFTWARE-LIST.md --- SOFTWARE-LIST.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/SOFTWARE-LIST.md b/SOFTWARE-LIST.md index ea0f410..f02d88f 100644 --- a/SOFTWARE-LIST.md +++ b/SOFTWARE-LIST.md @@ -359,7 +359,7 @@ This list was initially populated using information from the following sources: | Check Point | CloudGuard | All | Not Affected | | [sk176865](https://supportcontent.checkpoint.com/solutions?id=sk176865) | | | | | Check Point | Harmony Endpoint & Harmony Mobile | All | Not Affected | | [sk176865](https://supportcontent.checkpoint.com/solutions?id=sk176865) | | | | | Check Point | Infinity Portal | | Not Affected | | [sk176865](https://supportcontent.checkpoint.com/solutions?id=sk176865) | | | | -| Check Point | Quantum Security Gateway | All | Not Affected | | [sk176865](https://supportcontent.checkpoint.com/solutions?id=sk176865) | | | +| Check Point | Quantum Security Gateway | All | Not Affected | | [sk176865](https://supportcontent.checkpoint.com/solutions?id=sk176865) | | | | | Check Point | Quantum Security Management | All | Not Affected | | [sk176865](https://supportcontent.checkpoint.com/solutions?id=sk176865) | Where used, uses the 1.8.0\_u241 version of the JRE that protects against this attack by default. | | | | Check Point | SMB | All | Not Affected | | [sk176865](https://supportcontent.checkpoint.com/solutions?id=sk176865) | | | | | Check Point | ThreatCloud | | Not Affected | | [sk176865](https://supportcontent.checkpoint.com/solutions?id=sk176865) | | | | @@ -1206,7 +1206,7 @@ This list was initially populated using information from the following sources: | Google Cloud | Cloud Natural Language API | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | 12/21/2021 | | Google Cloud | Cloud Profiler | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | 12/21/2021 | | Google Cloud | Cloud Router | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | 12/20/2021 | -| Google Cloud | Cloud Run | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Run environments to identify components dependent on Log4j 2 and update them to the latest version. | | 12/21/2021 | +| Google Cloud | Cloud Run | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Run environments to identify components dependent on Log4j 2 and update them to the latest version. | | 12/21/2021 | | Google Cloud | Cloud Run for Anthos | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Run for Anthos environments to identify components dependent on Log4j 2 and update them to the latest version. | | 12/21/2021 | | Google Cloud | Cloud SDK | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | 12/21/2021 | | Google Cloud | Cloud SQL | | Not Affected | | [https://cloud.google.com/log4j2-security-advisory](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | 12/19/2021 | @@ -1897,7 +1897,7 @@ This list was initially populated using information from the following sources: | MailStore | | | | | [MailStore Statement](https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/) | | | | | Maltego | | | | | [Maltego Response to Logj4](https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/) | | | | | ManageEngine | Servicedesk Plus | 11305 and below | Affected | | [Manage Engine Advisory](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | 12/15/2021 | -| ManageEngine | AD SelfService Plus | Build 6.1 build 6114 | Not Affected | | | | 12/27/21 | +| ManageEngine | AD SelfService Plus | Build 6.1 build 6114 | Not Affected | | | | | 12/27/21 | | ManageEngine Zoho | | | | | [Manage Engine Link](https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus) | | | | | ManageEngine Zoho | ADManager Plus | On-Prem | | | [ManageEngine Vulnerability Impact](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | |12/16/2021| | ManageEngine Zoho | ADAudit Plus | On-Prem | | | [ManageEngine Vulnerability Impact](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | |12/16/2021| @@ -2012,8 +2012,7 @@ This list was initially populated using information from the following sources: | Nulab | Typetalk | N/A (SaaS) | Fixed | | [Nulab Blog Post](https://nulab.com/blog/company-news/log4shell/) | | | | | Nutanix | AHV | All | Not Affected | | [Nutanix Security Advisory](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | 12/20/2021 | | Nutanix | AOS | LTS (including Prism Element), Community Edition | Not Affected | | [Nutanix Security Advisory](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | 12/20/2021 | -| Nutanix | AOS | STS (including Prism Element) | Fixed | Yes | [Nutanix Security Advisory](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Patched in 6.0.2.4, available on the Portal for -download | | 12/20/2021 | +| Nutanix | AOS | STS (including Prism Element) | Fixed | Yes | [Nutanix Security Advisory](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Patched in 6.0.2.4, available on the Portal for download. | | 12/20/2021 | | Nutanix | Beam | | Fixed | | [Nutanix Security Advisory](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Saas-Based Procuct. See Advisory. | | 12/20/2021 | | Nutanix | BeamGov | | Fixed | | [Nutanix Security Advisory](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Saas-Based Procuct. See Advisory. | | 12/20/2021 | | Nutanix | Calm | All | Not Affected | | [Nutanix Security Advisory](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | 12/20/2021 | From c534698363b8696d597182dcdd308a0d8c869df2 Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 29 Dec 2021 16:13:37 -0500 Subject: [PATCH 8/9] Update CISA guidance --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 705f464..f2ad884 100644 --- a/README.md +++ b/README.md @@ -3,9 +3,10 @@ This repository provides [CISA's guidance](https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance) and an overview of related software regarding the Log4j vulnerability -(CVE-2021-44228). CISA encourages users and administrators to review the +(CVE-2021-44228). CISA urges users and administrators to review the [official Apache release](https://logging.apache.org/log4j/2.x/security.html) -and upgrade to Log4j 2.17.1 or apply the recommended mitigations immediately. +for updates and mitigation guidance, and upgrade to Log4j 2.17.1 (Java 8), 2.12.4 +(Java 7) and 2.3.2 (Java 6). The information in this repository is provided "as is" for informational purposes only and is being assembled and updated by CISA through From 95e34c2637f4092f153ed9c71c70ecbd1d40640a Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 29 Dec 2021 16:18:03 -0500 Subject: [PATCH 9/9] Update CISA rec guidance --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index f2ad884..d338bed 100644 --- a/README.md +++ b/README.md @@ -3,10 +3,10 @@ This repository provides [CISA's guidance](https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance) and an overview of related software regarding the Log4j vulnerability -(CVE-2021-44228). CISA urges users and administrators to review the -[official Apache release](https://logging.apache.org/log4j/2.x/security.html) -for updates and mitigation guidance, and upgrade to Log4j 2.17.1 (Java 8), 2.12.4 -(Java 7) and 2.3.2 (Java 6). +(CVE-2021-44228). CISA urges users and administrators to upgrade to Log4j 2.17.1 +(Java 8), 2.12.4 (Java 7) and 2.3.2 (Java 6), and review and monitor the +[Apache Log4j Security Vulnerabilities webpage](https://logging.apache.org/log4j/2.x/security.html) +for updates and mitigation guidance. The information in this repository is provided "as is" for informational purposes only and is being assembled and updated by CISA through @@ -35,7 +35,7 @@ or imply their endorsement, recommendation, or favoring by CISA. National Vulnerability Database (NVD) Information: [CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228) -## Mitigation Guidance ## +## CISA Mitigation Guidance ## When updates are available, agencies must update software using Log4j to the newest version, which is the most