@ -212,9 +212,9 @@ This list was initially populated using information from the following sources:
| BioMerieux | | | Under Investigation | | [BioMerieux Advisory Link ](https://www.biomerieux.com/en/cybersecurity-data-privacy ) | | | 12/22/2021 |
| BioMerieux | | | Under Investigation | | [BioMerieux Advisory Link ](https://www.biomerieux.com/en/cybersecurity-data-privacy ) | | | 12/22/2021 |
| Bender | | | | | [Bender Link ](https://www.bender.de/en/cert ) | | | |
| Bender | | | | | [Bender Link ](https://www.bender.de/en/cert ) | | | |
| Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | | [Vendor Link ](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j ) | | | |
| Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | | [Vendor Link ](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j ) | | | |
| BeyondTrust | Privilege Management Cloud | Unkown | Fixed | Yes | [Security Advisory – Apache Log4j2 CVE 2021-44228 (Log4Shell) ](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell ) | | | 2021-12-17 |
| BeyondTrust | Privilege Management Cloud | Unkn own | Fixed | Yes | [Security Advisory – Apache Log4j2 CVE 2021-44228 (Log4Shell) ](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell ) | | | 2021-12-17 |
| BeyondTrust | Privilege Management Reporting in BeyondInsight | 21.2 | Fixed | Yes | [Security Advisory – Apache Log4j2 CVE 2021-44228 (Log4Shell) ](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell ) | | | 2021-12-17 |
| BeyondTrust | Privilege Management Reporting in BeyondInsight | 21.2 | Fixed | Yes | [Security Advisory – Apache Log4j2 CVE 2021-44228 (Log4Shell) ](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell ) | | | 2021-12-17 |
| BeyondTrust | Secure Remote Access appliances | Unkown | Not Affected | | [Security Advisory – Apache Log4j2 CVE 2021-44228 (Log4Shell) ](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell ) | | | 2021-12-17 |
| BeyondTrust | Secure Remote Access appliances | Unkn own | Not Affected | | [Security Advisory – Apache Log4j2 CVE 2021-44228 (Log4Shell) ](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell ) | | | 2021-12-17 |
| BeyondTrust Bomgar | | | | | [BeyondTrust Bomgar Link ](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542 ) | | | |
| BeyondTrust Bomgar | | | | | [BeyondTrust Bomgar Link ](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542 ) | | | |
| BisectHosting | | | | | [BisectHosting Link ](https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html ) | | | |
| BisectHosting | | | | | [BisectHosting Link ](https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html ) | | | |
| BitDefender | | | | | [BitDefender Advisory Link ](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability ) | | | |
| BitDefender | | | | | [BitDefender Advisory Link ](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability ) | | | |
@ -2113,9 +2113,9 @@ download | | 12/20/2021 |
| PortSwigger | | | | | [PortSwigger Forum ](https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0 ) | | | |
| PortSwigger | | | | | [PortSwigger Forum ](https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0 ) | | | |
| PostGreSQL | | | | | [PostGreSQL News ](https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/ ) | | | |
| PostGreSQL | | | | | [PostGreSQL News ](https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/ ) | | | |
| Postman | | | | | [Postman Support Link ](https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228- ) | | | |
| Postman | | | | | [Postman Support Link ](https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228- ) | | | |
| Power Admin LLC | PA File Sight | NONE | NotAffected | | [Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about ]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/ ) | | | 12/17/2021 |
| Power Admin LLC | PA File Sight | NONE | Not Affected | | [Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about ]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/ ) | | | 12/17/2021 |
| Power Admin LLC | PA Storage Monitor | NONE | NotAffected | | [Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about ]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/ ) | | | 12/17/2021 |
| Power Admin LLC | PA Storage Monitor | NONE | Not Affected | | [Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about ]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/ ) | | | 12/17/2021 |
| Power Admin LLC | PA Server Monitor | NONE | NotAffected | | [Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about ]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/ ) | | | 12/17/2021 |
| Power Admin LLC | PA Server Monitor | NONE | Not Affected | | [Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about ]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/ ) | | | 12/17/2021 |
| Pretix | | | | | [Pretix Blog Post ](https://pretix.eu/about/de/blog/20211213-log4j/ ) | | | |
| Pretix | | | | | [Pretix Blog Post ](https://pretix.eu/about/de/blog/20211213-log4j/ ) | | | |
| PrimeKey | | | | | [PrimeKey Support Link ](https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228 ) | | | |
| PrimeKey | | | | | [PrimeKey Support Link ](https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228 ) | | | |
| Progress / IpSwitch | | | | | [Progress / IpSwitch Link ](https://www.progress.com/security ) | | | |
| Progress / IpSwitch | | | | | [Progress / IpSwitch Link ](https://www.progress.com/security ) | | | |
@ -2331,7 +2331,7 @@ download | | 12/20/2021 |
| Server Eye | | | | | [Server Eye Blog Post ](https://www.server-eye.de/blog/sicherheitsluecke-log4j-server-eye-systeme-sind-nicht-betroffen/ ) | | | |
| Server Eye | | | | | [Server Eye Blog Post ](https://www.server-eye.de/blog/sicherheitsluecke-log4j-server-eye-systeme-sind-nicht-betroffen/ ) | | | |
| ServiceNow | | | | | [ServiceNow Support Link ](https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 ) | | | |
| ServiceNow | | | | | [ServiceNow Support Link ](https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 ) | | | |
| Shibboleth | | | | | [Shibboleth Announcement ](http://shibboleth.net/pipermail/announce/2021-December/000253.html ) | | | |
| Shibboleth | | | | | [Shibboleth Announcement ](http://shibboleth.net/pipermail/announce/2021-December/000253.html ) | | | |
| Shibboleth | All Products | Identity Provider>=3.0, All other software versions | NotAffected | | [Log4j CVE (non)-impact ](https://shibboleth.net/pipermail/announce/2021-December/000253.html ) | | | 12/10/2021 |
| Shibboleth | All Products | Identity Provider>=3.0, All other software versions | Not Affected | | [Log4j CVE (non)-impact ](https://shibboleth.net/pipermail/announce/2021-December/000253.html ) | | | 12/10/2021 |
| Shopify | | | | | [Shopify Community Link ](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625 ) | | | |
| Shopify | | | | | [Shopify Community Link ](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625 ) | | | |
| Siebel | | | | | [Siebel Link ](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html ) | | | |
| Siebel | | | | | [Siebel Link ](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html ) | | | |
| Siemens | Advantage Navigator Energy & Sustainability | All Versions < 2021-12-13 | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities ](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf ) | Vulnerability CVE 2021-44228 fixed on central cloud service starting 2021-12-13 ; no user actions necessary . See further recommendations from [Siemens Advisory SSA-661257 ](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf ) | | 12 / 18 / 2021 |
| Siemens | Advantage Navigator Energy & Sustainability | All Versions < 2021-12-13 | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities ](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf ) | Vulnerability CVE 2021-44228 fixed on central cloud service starting 2021-12-13 ; no user actions necessary . See further recommendations from [Siemens Advisory SSA-661257 ](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf ) | | 12 / 18 / 2021 |
@ -2517,7 +2517,7 @@ download | | 12/20/2021 |
| Splunk | Splunk Synthetics | Current | Affected | CVE-2021-44228: Fixed 12/10 CVE-2021-45046: Fixed 12/20 | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046) ](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html ) | | | 9:25 am PT, 12/21/21 |
| Splunk | Splunk Synthetics | Current | Affected | CVE-2021-44228: Fixed 12/10 CVE-2021-45046: Fixed 12/20 | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046) ](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html ) | | | 9:25 am PT, 12/21/21 |
| Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | Affected | Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046) ](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html ) | | | 9:25 am PT, 12/21/21 |
| Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | Affected | Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046) ](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html ) | | | 9:25 am PT, 12/21/21 |
| Sprecher Automation | | | | | [Sprecher Automation Security Alert ](https://www.sprecher-automation.com/en/it-security/security-alerts ) | | | |
| Sprecher Automation | | | | | [Sprecher Automation Security Alert ](https://www.sprecher-automation.com/en/it-security/security-alerts ) | | | |
| Spring | Spring Boot | | Unkown | | [https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot ](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot ) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | |
| Spring | Spring Boot | | Unkn own | | [https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot ](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot ) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | |
| Spring Boot | | | | | [Spring Boot Vulnerability Statement ](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot ) | | | |
| Spring Boot | | | | | [Spring Boot Vulnerability Statement ](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot ) | | | |
| StarDog | | | | | [StarDog ](https://community.stardog.com/t/stardog-7-8-1-available/3411 ) | | | |
| StarDog | | | | | [StarDog ](https://community.stardog.com/t/stardog-7-8-1-available/3411 ) | | | |
| STERIS | Advantage | | Not Affected | | [STERIS Advisory Link ](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf ) | | | 12/22/2021 |
| STERIS | Advantage | | Not Affected | | [STERIS Advisory Link ](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf ) | | | 12/22/2021 |