diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 98bb421..fd7b59e 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -3,7 +3,7 @@ # These owners will be the default owners for everything in the # repo. Unless a later match takes precedence, these owners will be # requested for review when someone opens a pull request. -* @ChrisSCISA @justmurphy @KwadwoBCISA +* @iainDe @justmurphy @Lcerkov # These folks own any dot-files in the repository. .* @dav3r @felddy @jsf9k @mcdonnnj diff --git a/README.md b/README.md index 9d11493..a4b967f 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,11 @@ # CISA Log4j (CVE-2021-44228) Vulnerability Guidance # -This repository provides CISA's guidance and an overview of related software -regarding the Log4j vulnerability (CVE-2021-44228). CISA encourages users and -administrators to review the +This repository provides +[CISA's guidance](https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance) +and an overview of related software regarding the Log4j vulnerability +(CVE-2021-44228). CISA encourages users and administrators to review the [official Apache release](https://logging.apache.org/log4j/2.x/security.html) -and upgrade to Log4j 2.15.0 or apply the recommended mitigations immediately. +and upgrade to Log4j 2.17.0 or apply the recommended mitigations immediately. The information in this repository is provided "as is" for informational purposes only and is being assembled and updated by CISA through @@ -19,10 +20,12 @@ or imply their endorsement, recommendation, or favoring by CISA. ## Official CISA Guidance & Resources ## - [CISA Apache Log4j Vulnerability Guidance](https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance) +- [Emergency Directive 22-02 Mitigate Apache Log4j Vulnerability](https://www.cisa.gov/emergency-directive-22-02) - [Statement from CISA Director Easterly on “Log4j” Vulnerability](https://www.cisa.gov/news/2021/12/11/statement-cisa-director-easterly-log4j-vulnerability). ## CISA Current Activity Alerts ## +- [CISA Issues ED 22-02 Directing Federal Agencies to Mitigate Apache Log4j Vulnerabilities](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/17/cisa-issues-ed-22-02-directing-federal-agencies-mitigate-apache) - [Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce) - [CISA Creates Webpage for Apache Log4j Vulnerability CVE-2021-44228](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/13/cisa-creates-webpage-apache-log4j-vulnerability-cve-2021-44228) @@ -59,17 +62,18 @@ This list was initially populated using information from the following sources: - Kevin Beaumont - SwitHak -| Vendor | Product| Version(s)| Status| Update available| Vendor link | Notes | Other References | Last Updated | -| ------ | -------------------- | ---- | ----- | --------------- | ----------- | ----- | ---------------- | ------------ | -| 1Password | | | | | [1Password Community Discussion](https://1password.community/discussion/comment/622612/#Comment_622612) | | | | +| Vendor | Product | Version(s) | Status | Update Available | Vendor Link | Notes | Other References | Last Updated | +| ------ | ------- | ---------- | ------ | ---------------- | ----------- | ----- | ---------------- | ------------ | +| 1Password | 1Password | | Not affected | | [1Password public response on Reddit](https://www.reddit.com/r/1Password/comments/rea7dd/comment/hoe41ci) | | | 12/20/2021 | | 2n | | | | | [2n Advisory Link](https://www.2n.com/cs_CZ/novinky/produkty-2n-neohrozuje-zranitelnost-cve-2021-44228-komponenty-log4j-2) | | | | | 3CX | | | | | [3CX Community Thread Link](https://www.3cx.com/community/threads/log4j-vulnerability-cve-2021-44228.86436/#post-407911) | | | | -|3M Health Information Systems| CGS | | Affected | Unknown |[CGS: Log4j Software Update(login required)](https://support.3mhis.com/app/account/updates/ri/5210) |This advisory is available to customer only and has not been reviewed by CISA.||12/15/2021| +| 3M Health Information Systems | CGS | | Affected | Unknown |[CGS: Log4j Software Update(login required)](https://support.3mhis.com/app/account/updates/ri/5210) | This advisory is available to customer only and has not been reviewed by CISA. | | 12/15/2021 | | 7-Zip | | | | | [7Zip Discussion Link](https://sourceforge.net/p/sevenzip/discussion/45797/thread/b977bbd4d1) | | | | | ABB | | | | | [ABB Link](https://search.abb.com/library/Download.aspx?DocumentID=9ADB012621&LanguageCode=en&DocumentPartId=&Action=Launch) | | | | | ABB | ABB Remote Service | ABB Remote Platform (RAP) | Affected | | Details are shared with active subscribers | | | | -| ABB | AlarmInsight Cloud | AlarmInsight KPI Dashboards 1.0.0 | Under Investigation | Pending | | | | | +| ABB | AlarmInsight Cloud | AlarmInsight KPI Dashboards 1.0.0 | Under Investigation | | | | | | | ABB | B&R Products | See Vendor Advisory | | | [BR-Automation Advisory](https://www.br-automation.com/downloads_br_productcatalogue/assets/1639507581859-en-original-1.0.pdf) | | | | +| Abbott | | | | | [Abbott Advisory Link](https://www.abbott.com/policies/cybersecurity/apache-Log4j.html) | | | 12/30/2021 | | Accellence | | | | | [Accellence Article](https://www.accellence.de/en/articles/national-vulnerability-database-62) | | | | | Accellion | Kiteworks | v7.6 release | Fixed | Yes | [Kiteworks Statement](https://www.kiteworks.com/kiteworks-news/log4shell-apache-vulnerability-what-kiteworks-customers-need-to-know/) | "As a precaution, Kiteworks released a 7.6.1 Hotfix software update to address the vulnerability. This patch release adds the mitigation for CVE-2021-44228 contained in the Solr package as recommended by Apache Solr group. Specifically, it updates the Log4j library to a non-vulnerable version on CentOS 7 systems as well as adds the recommended option “$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true” to disable the possible attack vector on both CentOS 6 and CentOS 7." | |12/16/2021 | | Acquia | | | | | [Acquia Article](https://support.acquia.com/hc/en-us/articles/4415823329047-Apache-log4j-CVE-2021-44228) | | | | @@ -82,6 +86,10 @@ This list was initially populated using information from the following sources: | ADP | | | | | [ADP Alert Link](https://www.adp.com/about-adp/data-security/alerts/adp-vulnerability-statement-apache-log4j-vulnerability-cve-2021-44228.aspx) | | | | | AFAS Software | | | | | [AFAS Software Link](https://help.afas.nl/vraagantwoord/NL/SE/120439.htm) | | | | | Agilysys | | | | | [Agilysys Link](https://info.agilysys.com/webmail/76642/2001127877/c3fda575e2313fac1f6a203dc6fc1db2439c3db0da22bde1b6c1b6747d7f0e2f) | | | | +| Advanced Systems Concepts (formally Jscape) | Active MFT | | Not Affected | No | [Log4J Vulnerabilty](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | 12/14/2021 | +| Advanced Systems Concepts (formally Jscape) | MFT Server | | Not Affected | No | [Log4J Vulnerabilty](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | 12/14/2021 | +| Advanced Systems Concepts (formally Jscape) | MFT Gateway | | Not Affected | No | [Log4J Vulnerabilty](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | 12/14/2021 | +| Advanced Systems Concepts (formally Jscape) | MFT | | Not Affected | No | [Log4J Vulnerabilty](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | 12/14/2021 | | Akamai | SIEM Splunk Connector| All | Affected |Yes | [Akamai SIEM Integration](https://splunkbase.splunk.com/app/4310/) |v1.4.11 is the new recommendation for mitigation of log4j vulnerabilities| |12/15/2021| | Alcatel | | | | | [Alcatel Link](https://dokuwiki.alu4u.com/doku.php?id=log4j) | | | | | Alertus | | | | | [Alertus Article Link](https://help.alertus.com/s/article/Security-Advisory-Log4Shell-Vulnerability?language=en_US) | | | | @@ -94,12 +102,19 @@ This list was initially populated using information from the following sources: | Amazon | AWS Lambda | Unknown | Affected | Yes | [Apache Log4j2 Security Bulletin (CVE-2021-44228) (amazon.com)](https://aws.amazon.com/security/security-bulletins/AWS-2021-005/) | | | | | Amazon | EC2 | Amazon Linux 1 & 2 | Not Affected | | [Apache Log4j2 Security Bulletin (CVE-2021-44228) (amazon.com)](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | 12/15/2021 | | Amazon | OpenSearch | Unknown | Affected | Yes [(R20211203-P2)](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | [Apache Log4j2 Security Bulletin (CVE-2021-44228) (amazon.com)](https://aws.amazon.com/security/security-bulletins/AWS-2021-005/) | | | | -| Apache | Druid | < druid 0.22.0 | Affected | Yes | [Release druid-0.22.1 · apache/druid · GitHub](https://github.com/apache/druid/releases/tag/druid-0.22.1) | | | 12/12/2021| +| Apache | Camel | 3.14.1.3.11.5,3.7.7 | Affected | Yes | [APACHE CAMEL AND CVE-2021-44228 (LOG4J)](https://camel.apache.org/blog/2021/12/log4j2/)| Apache Camel does not directly depend on Log4j 2, so we are not affected by CVE-2021-44228.If you explicitly added the Log4j 2 dependency to your own applications, make sure to upgrade.Apache Camel does use log4j during testing itself, and therefore you can find that we have been using log4j v2.13.3 release in our latest LTS releases Camel 3.7.6, 3.11.4. | | 12/13/2021 | +| Apache | Camel Quarkus | | Not Affected | No | [APACHE CAMEL AND CVE-2021-44228 (LOG4J)](https://camel.apache.org/blog/2021/12/log4j2/) | | | 12/13/2021 | +| Apache | Camel K | | Not Affected | No | [APACHE CAMEL AND CVE-2021-44228 (LOG4J)](https://camel.apache.org/blog/2021/12/log4j2/) | | | 12/13/2021 | +| Apache | CamelKafka Connector | | Not Affected | No | [APACHE CAMEL AND CVE-2021-44228 (LOG4J)](https://camel.apache.org/blog/2021/12/log4j2/) | | | 12/13/2021 | +| Apache | Camel Karaf | | Affected | No | [APACHE CAMEL AND CVE-2021-44228 (LOG4J)](https://camel.apache.org/blog/2021/12/log4j2/) | The Karaf team is aware of this and are working on a new Karaf 4.3.4 release with updated log4j. | | 12/13/2021 | +| Apache | Camel JBang | <=3.1.4 | Affected | No | [APACHE CAMEL AND CVE-2021-44228 (LOG4J)](https://camel.apache.org/blog/2021/12/log4j2/) | | | 12/13/2021 | +| Apache | Camel 2 | | Not Affected | None | [APACHE CAMEL AND CVE-2021-44228 (LOG4J)](https://camel.apache.org/blog/2021/12/log4j2/) | | | 12/13/2021 | +| Apache | Druid | < druid 0.22.0 | Affected | Yes | [Release druid-0.22.1 · apache/druid · GitHub](https://github.com/apache/druid/releases/tag/druid-0.22.1) | | | 12/12/2021 | | Apache | Flink | < flink 1.15.0, 1.14.1, 1.13.3 | Affected | No | [Apache Flink: Advise on Apache Log4j Zero Day (CVE-2021-44228)](https://flink.apache.org/2021/12/10/log4j-cve.html) | | | 12/12/2021 | | Apache | Kafka | All | Not Affected | No | [Kafka Apache List](https://kafka.apache.org/cve-list) | The current DB lists Apache Kafka as impacted. Apache Kafka uses Log4jv1, not v2. | | 12/14/2021 | | Apache | Kafka | Unknown | Affected | No | [Log4j – Apache Log4j Security Vulnerabilities](https://logging.apache.org/log4j/2.x/security.html)| Only vulnerable in certain configuration(s) | | | | Apache | Log4j | < 2.15.0 | Affected | Yes | [Log4j – Apache Log4j Security Vulnerabilities](https://logging.apache.org/log4j/2.x/security.html) | | | | -| Apache | SOLR | 7.4.0 to 7.7.3, 8.0.0 to 8.11.0 | Affected | Yes | [Log4j – Apache Log4j Security Vulnerabilities](https://logging.apache.org/log4j/2.x/security.html) | | | | +| Apache | Solr | 7.4.0 to 7.7.3, 8.0.0 to 8.11.0 | Fixed | Yes | [Apache Solr Security](https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228) | Update to 8.11.1 or apply fixes as described in Solr security advisory | [Apache Solr 8.11.1 downloads](https://solr.apache.org/downloads.html) | 12/16/2021 | | Apereo | CAS | 6.3.x & 6.4.x | Affected | Yes | [CAS Log4J Vulnerability Disclosure – Apereo Community Blog](https://apereo.github.io/2021/12/11/log4j-vuln/) | | | | | Apereo | Opencast | < 9.10, < 10.6 | Affected | Yes | [Apache Log4j Remote Code Execution · Advisory · opencast/opencast · GitHub](https://github.com/opencast/opencast/security/advisories/GHSA-mf4f-j588-5xm8) | | | | | Application Performance Ltd | DBMarlin | Not Affected | | [Common Vulnerabilities Apache log4j Vulnerability CVE-2021-4428](https://docs.dbmarlin.com/docs/faqs/frequently-asked-questions/?_ga=2.72968147.1563671049.1639624574-1296952804.1639624574#apache-log4j-vulnerability-cve-2021-4428)| | | | 12/15/2021 | @@ -111,6 +126,8 @@ This list was initially populated using information from the following sources: | Application Performance Ltd | DBMarlin | Not Affected | | [Common Vulnerabilities Apache log4j Vulnerability CVE-2021-4428](https://docs.dbmarlin.com/docs/faqs/frequently-asked-questions/?_ga=2.72968147.1563671049.1639624574-1296952804.1639624574#apache-log4j-vulnerability-cve-2021-4428)| | | | 12/15/2021 | | APPSHEET | | | | | [APPSHEET Community Link](https://community.appsheet.com/t/appsheet-statement-on-log4j-vulnerability-cve-2021-44228/59976) | | | | | Aptible | Aptible | ElasticSearch 5.x | Affected | Yes | [Aptible Status - Log4j security incident CVE-2021-27135](https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4) | | | | +| APC by Schneider Electric | Powerchute Business Edition | v9.5, v10.0.1, v10.0.2, v10.0.3, v10.0.4 | Fixed | No | [https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345](https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345) | Mitigation instructions to remove the affected class. | | 12/15/2021 | +| APC by Schneider Electric | Powerchute Network Shutdown | 4.2, 4.3, 4.4, 4.4.1 | Fixed | No | [https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345](https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345) | Mitigation instructions to remove the affected class. | | 12/15/2021 | | Aqua Security | | | | | [Aqua Security Google Doc](https://docs.google.com/document/d/e/2PACX-1vSmFR3oHPXOih1wENKd7RXn0dsHzgPUe91jJwDTsaVxJtcJEroktWNLq7BMUx9v7oDZRHqLVgkJnqCm/pub) | | | | | Arca Noae | | | | | [Arca Noae Link](https://www.arcanoae.com/apache-log4j-vulnerability-cve-2021-44228/) | | | | | ArcticWolf | | | | | [ArcticWolf Blog Post](https://arcticwolf.com/resources/blog/log4j) | | | | @@ -124,7 +141,7 @@ This list was initially populated using information from the following sources: | Atlassian | Bitbucket Server & Data Center | All | Affected | Yes | [Multiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html)| This product is not vulnerable to remote code execution but may leak information due to the bundled Elasticsearch component being vulnerable. | | | | Atlassian | Confluence Server & Data Center | All | Not Affected | | [Multiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html)| This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | | | Atlassian | Crowd Server & Data Center | All | Not Affected | | [Multiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html)| This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | | -| Atlassian | Crucible | All | Not Affected | | [Multiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html)| This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | | | +| Atlassian | Crucible | All | Not Affected | | [Multiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html)| This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | | | Atlassian | Fisheye | All | Not Affected | | [Multiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html)| This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | | | Atlassian | Jira Server & Data Center | All | Not Affected | | [Multiple Products Security Advisory - Log4j Vulnerable To Remote Code Execution - CVE-2021-44228](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html)| This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | | | Attivo networks | | | | | [Attivo Networks Advisory](https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf) | | | | @@ -134,35 +151,35 @@ This list was initially populated using information from the following sources: | Autopsy | | | | | [Autopsy Link](https://www.autopsy.com/autopsy-and-log4j-vulnerability/) | | | | | Auvik | | | | | [Auvik Status Link](https://status.auvik.com/incidents/58bfngkz69mj) | | | | | Avantra SYSLINK | | | | | [Avantra SYSLINK Article](https://support.avantra.com/support/solutions/articles/44002291388-cve-2021-44228-log4j-2-vulnerability) | | | | -| Avaya | Avaya Analytics | 3.5, 3.6, 3.6.1, 3.7, 4| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Aura for OneCloud Private | | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| Avaya is scanning and monitoring its OneCloud Private environments as part of its management activities. Avaya will continue to monitor this fluid situation and remediations will be made as patches become available, in accordance with appropriate change processes. | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Aura® Application Enablement Services | 8.1.3.2, 8.1.3.3, 10.1 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | [PSN020551u](https://download.avaya.com/css/public/documents/101079386) | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Aura® Contact Center | 7.0.2, 7.0.3, 7.1, 7.1.1, 7.1.2 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Aura® Device Services | 8, 8.1, 8.1.4, 8.1.5 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Aura® Media Server | 8.0.0, 8.0.1, 8.0.2 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | [PSN020549u](https://download.avaya.com/css/secure/documents/101079316) | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Aura® Presence Services | 10.1, 7.1.2, 8, 8.0.1, 8.0.2, 8.1, 8.1.1, 8.1.2, 8.1.3, 8.1.4| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Aura® Session Manager | 10.1, 7.1.3, 8, 8.0.1, 8.1, 8.1.1, 8.1.2, 8.1.3 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | [PSN020550u](https://download.avaya.com/css/public/documents/101079384)| Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Aura® System Manager | 10.1, 8.1.3 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | [PSN005565u](https://download.avaya.com/css/secure/documents/101079390)| Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Aura® Web Gateway | 3.11[P], 3.8.1[P], 3.8[P], 3.9.1 [P], 3.9[P]| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Breeze™ | 3.7, 3.8, 3.8.1| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Contact Center Select | 7.0.2, 7.0.3, 7.1, 7.1.1, 7.1.2| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya CRM Connector - Connected Desktop | 2.2 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Device Enablement Service | 3.1.22 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Meetings | 9.1.10, 9.1.11, 9.1.12| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya one cloud private -UCaaS - Mid Market Aura | 1 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya OneCloud-Private | 2 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Session Border Controller for Enterprise | 8.0.1, 8.1, 8.1.1, 8.1.2, 8.1.3 | Affected | Yes| [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | [PSN020554u](https://download.avaya.com/css/public/documents/101079394)| Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Social Media Hub | | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Workforce Engagement | 5.3 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Business Rules Engine | 3.4, 3.5, 3.6, 3.7| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Callback Assist | 5, 5.0.1 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Control Manager | 9.0.2, 9.0.2.1| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Device Enrollment Service | 3.1 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Equinox™ Conferencing | 9.1.2 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Interaction Center | 7.3.9 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | IP Office™ Platform | 11.0.4, 11.1, 11.1.1, 11.1.2| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Proactive Outreach Manager | 3.1.2, 3.1.3, 4, 4.0.1 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya |Avaya Aura® Device Services | 8.0.1, 8.0.2, 8.1.3 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | Tuesday, December 14, 2021 - 8:30pm ET | +| Avaya | Avaya Analytics | 3.5, 3.6, 3.6.1, 3.7, 4| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Avaya Aura for OneCloud Private | | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| Avaya is scanning and monitoring its OneCloud Private environments as part of its management activities. Avaya will continue to monitor this fluid situation and remediations will be made as patches become available, in accordance with appropriate change processes. | | 12/14/2021 | +| Avaya | Avaya Aura® Application Enablement Services | 8.1.3.2, 8.1.3.3, 10.1 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | [PSN020551u](https://download.avaya.com/css/public/documents/101079386) | 12/14/2021 | +| Avaya | Avaya Aura® Contact Center | 7.0.2, 7.0.3, 7.1, 7.1.1, 7.1.2 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Avaya Aura® Device Services | 8, 8.1, 8.1.4, 8.1.5 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Avaya Aura® Media Server | 8.0.0, 8.0.1, 8.0.2 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | [PSN020549u](https://download.avaya.com/css/secure/documents/101079316) | 12/14/2021 | +| Avaya | Avaya Aura® Presence Services | 10.1, 7.1.2, 8, 8.0.1, 8.0.2, 8.1, 8.1.1, 8.1.2, 8.1.3, 8.1.4| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Avaya Aura® Session Manager | 10.1, 7.1.3, 8, 8.0.1, 8.1, 8.1.1, 8.1.2, 8.1.3 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | [PSN020550u](https://download.avaya.com/css/public/documents/101079384)| 12/14/2021 | +| Avaya | Avaya Aura® System Manager | 10.1, 8.1.3 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | [PSN005565u](https://download.avaya.com/css/secure/documents/101079390)| 12/14/2021 | +| Avaya | Avaya Aura® Web Gateway | 3.11[P], 3.8.1[P], 3.8[P], 3.9.1 [P], 3.9[P]| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Avaya Breeze™ | 3.7, 3.8, 3.8.1| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Avaya Contact Center Select | 7.0.2, 7.0.3, 7.1, 7.1.1, 7.1.2| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Avaya CRM Connector - Connected Desktop | 2.2 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Avaya Device Enablement Service | 3.1.22 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Avaya Meetings | 9.1.10, 9.1.11, 9.1.12| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Avaya one cloud private -UCaaS - Mid Market Aura | 1 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Avaya OneCloud-Private | 2 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Avaya Session Border Controller for Enterprise | 8.0.1, 8.1, 8.1.1, 8.1.2, 8.1.3 | Affected | Yes| [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | [PSN020554u](https://download.avaya.com/css/public/documents/101079394)| 12/14/2021 | +| Avaya | Avaya Social Media Hub | | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Avaya Workforce Engagement | 5.3 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Business Rules Engine | 3.4, 3.5, 3.6, 3.7| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Callback Assist | 5, 5.0.1 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Control Manager | 9.0.2, 9.0.2.1| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Device Enrollment Service | 3.1 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Equinox™ Conferencing | 9.1.2 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Interaction Center | 7.3.9 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | IP Office™ Platform | 11.0.4, 11.1, 11.1.1, 11.1.2| Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya | Proactive Outreach Manager | 3.1.2, 3.1.3, 4, 4.0.1 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | +| Avaya |Avaya Aura® Device Services | 8.0.1, 8.0.2, 8.1.3 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609)| | | 12/14/2021 | | AVEPOINT | | | | | [AVEPOINT Notification](https://www.avepoint.com/company/java-zero-day-vulnerability-notification) | | | | | AVM | | | | | [AVM Link](https://avm.de/service/aktuelle-sicherheitshinweise/#Schwachstelle%20im%20Java-Projekt%20%E2%80%9Elog4j%E2%80%9C) | | | | | AvTech RoomAlert | | | | | [AvTech RoomAlert Article](https://avtech.com/articles/23124/java-exploit-room-alert-link/) | | | | @@ -171,13 +188,32 @@ This list was initially populated using information from the following sources: | AXS Guard | | | | | [AXS Guard Blog Post](https://www.axsguard.com/en_US/blog/security-news-4/log4j-vulnerability-77) | | | | | Axways Applications | | | | | [Axways Applications Link](https://support.axway.com/news/1331/lang/en) | | | | | B&R Industrial Automation | APROL | | Not Affected | | [B&R Statement](https://www.br-automation.com/downloads_br_productcatalogue/assets/1639507581859-en-original-1.0.pdf)| | | 12/16/2021| +| Baxter | | | | Under Investigation | [Baxter Advisory Link](https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf) | | | 12/20/2021 | | BackBox | | | | | [BackBox Update](https://updates.backbox.com/V6.5/Docs/CVE-2021-44228.pdf) | | | | | Balbix | | | | | [Balbix Blog Post](https://www.balbix.com/blog/broad-exposure-to-log4shell-cve-2021-44228-highlights-how-the-attack-surface-has-exploded/) | | | | | Baramundi Products | | | | | [Baramundi Products Forum](https://forum.baramundi.com/index.php?threads/baramundi-produkte-von-log4shell-schwachstelle-in-log4j-nicht-betroffen.12539/#post-62875) | | | | | Barco | | | | | [Barco Link](https://www.barco.com/en/support/knowledge-base/kb12495) | | | | | Barracuda | | | | | [Barracuda Link](https://www.barracuda.com/company/legal/trust-center) | | | | -| BBraun | | | | | [BBraun Advisory](https://www.bbraun.com/en/products-and-therapies/services/b-braun-vulnerability-disclosure-policy/security-advisory/b-braun-statement-on-Apache_Log4j.html) | This advisory is available to customer only and has not been reviewed by CISA. | | | -| BD | | | | | [BD Bulletin](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | | +| BBraun | Outlook® Safety Infusion System Pump family | | Not Affected | No | [BBraun Advisory Link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | 12/20/2021 | +| BBraun | Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor® Space® Infusion | | Not Affected | No | [BBraun Advisory Link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | 12/20/2021 | +| BBraun | Pump, SpaceStation, and Space® Wireless Battery) | | Not Affected | No | [BBraun Advisory Link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | 12/20/2021 | +| BBraun | DoseTrac® Server, DoseLink™ Server, and Space® Online Suite Server software | | Not Affected | No | [BBraun Advisory Link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | 12/20/2021 | +| BBraun | Pinnacle® Compounder | | Not Affected | No | [BBraun Advisory Link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | 12/20/2021 | +| BBraun | APEX® Compounder | | Not Affected | No | [BBraun Advisory Link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | 12/20/2021 | +| BD | Arctic Sun™ Analytics | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 | +| BD | BD Diabetes Care App Cloud | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 | +| BD | BD HealthSight™ Clinical Advisor | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 | +| BD | BD HealthSight™ Data Manager | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 | +| BD | BD HealthSight™ Diversion Management | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 | +| BD | BD HealthSight™ Infection Advisor | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 | +| BD | BD HealthSight™ Inventory Optimization Analytics | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 | +| BD | BD HealthSight™ Medication Safety | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 | +| BD | BD Knowledge Portal for Infusion Technologies | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 | +| BD | BD Knowledge Portal for Medication Technologies | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 | +| BD | BD Knowledge Portal for BD Pyxis™ Supply | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 | +| BD | BD Synapsys™ Informatics Solution | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 | +| BD | BD Veritor™ COVID At Home Solution Cloud | | Not Affected | No | [BD Advisory Link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | 12/20/2021 | +| Beckman Coulter | ||Under Investigation | |[Beckman Coulter Advisory Link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | 12/20/2021 | | Bender | | | | | [Bender Link](https://www.bender.de/en/cert) | | | | | Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | | [Vendor Link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) | | | | | BeyondTrust | Privilege Management Cloud | Unkown | Fixed | | [BeyondTrust Statement on log4j2 CVE-2021-44228 (Log4Shell)](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | vulnerability has been mitigated on all customer instances as of December 10, 2021 | KB0016542 | 2021-12-15 | @@ -188,7 +224,7 @@ This list was initially populated using information from the following sources: | BitDefender | | | | | [BitDefender Advisory Link](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability) | | | | | BitNami By VMware | | | | | [BitNami By VMware](https://docs.bitnami.com/general/security/security-2021-12-10/) | | | | | BitRise | | | | | [BitRise Post](https://blog.bitrise.io/post/bitrises-response-to-log4j-vulnerability-cve-2021-44228) | | | | -| BitWarden | | | | | [BitWarden Community Link](https://community.bitwarden.com/t/log4j-log4shell-cve-is-bitwarden-affected-due-to-docker-image/36177/2) | | | | +| Bitwarden | | | Not Affected | | [Bitwarden Community Link](https://community.bitwarden.com/t/log4j-log4shell-cve-is-bitwarden-affected-due-to-docker-image/36177/2) | | | | | Black Kite | | | | | [Black Kite Link](https://blackkite.com/log4j-rce-vulnerability-log4shell-puts-millions-at-risk/) | | | | | Blancco | | | | | [Blancco Support Link](https://support.blancco.com/display/NEWS/2021/12/12/CVE-2021-44228+-+Critical+vulnerability+in+Apache+Log4j+library) | | | | | Blumira | | | | | [Blumira Link](https://www.blumira.com/cve-2021-44228-log4shell/) | | | | @@ -229,10 +265,12 @@ This list was initially populated using information from the following sources: | BMC | TrueSight Infrastructure Management | | Under Investigation | | [BMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | | | BMC | TrueSight Operations Management | | Under Investigation | | [BMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | | | BMC | TrueSight Orchestration | | Under Investigation | | [BMC Security Advisory for CVE-2021-44228 Log4Shell Vulnerability - Blogs & Documents - BMC Community](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | | +| Boston Scientific | | |Under Investigation | |[Boston Scientific Advisory Link](https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf) | | | 12/20/2021 | | Box | | | | | [Box Blog Post](https://blog.box.com/boxs-statement-recent-log4j-vulnerability-cve-2021-44228) | | | | | Brainworks | | | | | [Brainworks Link](https://www.brainworks.de/log4j-exploit-kerio-connect-workaround/) | | | | | BrightSign | | | | | [BrightSign Link](https://brightsign.atlassian.net/wiki/spaces/DOC/pages/370679198/Security+Statement+Log4J+Meltdown+and+Spectre+Vulnerabilities#SecurityStatement%3ALog4J%2CMeltdownandSpectreVulnerabilities-JavaApacheLog4j) | | | | | Broadcom | Advanced Secure Gateway (ASG) | | Under Investigation | | [Broadcom Support Portal](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | | +| Broadcom | Automic Automation | | | | [Broadcome Automic Automation Link](https://knowledge.broadcom.com/external/article?articleId=230308) | | | | | Broadcom | BCAAA | | Under Investigation | | [Broadcom Support Portal](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | | | Broadcom | CA Advanced Authentication | 9.1 | Affected | | | | | | | Broadcom | CA Risk Authentication | | Affected | | | | | | @@ -284,15 +322,16 @@ This list was initially populated using information from the following sources: | Broadcom | Web Isolation (WI) | | Under Investigation | | [Broadcom Support Portal](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | | | Broadcom | Web Security Service (WSS) | | Under Investigation | | [Broadcom Support Portal](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | | | Broadcom | WebPulse | | Under Investigation | | [Broadcom Support Portal](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | | -| Broadcom Automic Automation | | | | | [Broadcome Automic Automation Link](https://knowledge.broadcom.com/external/article?articleId=230308) | | | | | C4b XPHONE | | | | | [C4b XPHONE Link](https://www.c4b.com/de/news/log4j.php) | | | | | Camunda | | | | | [Camunda Forum Link](https://forum.camunda.org/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228/31910) | | | | | CarbonBlack | | | | | [CarbonBlack Advisory](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | | +| Carestream | | | Not Affected | |[Carestream Advisory Link](https://www.carestream.com/en/us/services-and-support/cybersecurity-and-privacy) | | | 12/20/2021 | | CAS genesisWorld | | | | | [CAS genesisWorld Link](https://helpdesk.cas.de/CASHelpdesk/FAQDetails.aspx?gguid=0x79F9E881EE3C46C1A71BE9EB3E480446) | | | | | Cato Networks | | | | | [Cato Networks Blog Post](https://www.catonetworks.com/blog/cato-networks-rapid-response-to-the-apache-log4j-remote-code-execution-vulnerability/) | | | | +| Cepheid | C360 | | Not Affected | |[Cepheid Advisory Link](https://www.cepheid.com/en_US/legal/product-security-updates) | | | 12/20/2021 | +| Cepheid | GeneXpert | | Under Investigation | |[Cepheid Advisory Link](https://www.cepheid.com/en_US/legal/product-security-updates) | | | 12/20/2021 | | Cerberus FTP | | | | | [Cerberus Article](https://support.cerberusftp.com/hc/en-us/articles/4412448183571-Cerberus-is-not-affected-by-CVE-2021-44228-log4j-0-day-vulnerability) | | | | | Chaser Systems | discrimiNAT Firewall | All | Not Affected | | [Are Chaser’s products affected](https://chasersystems.com/discrimiNAT/blog/log4shell-and-its-traces-in-a-network-egress-filter/#are-chasers-products-affected) | | | | -| ChaserSystems | | | | | [ChaserSystems Link](https://chasersystems.com/discrimiNAT/blog/log4shell-and-its-traces-in-a-network-egress-filter/#are-chasers-products-affected) | | | | | Check Point | CloudGuard | | Not Affected | | | | | | | Check Point | Harmony Endpoint & Harmony Mobile | | Not Affected | | | | | | | Check Point | Infinity Portal | | Not Affected | | | | | | @@ -303,7 +342,7 @@ This list was initially populated using information from the following sources: | CheckMK | | | | | [CheckMK Forum](https://forum.checkmk.com/t/checkmk-not-affected-by-log4shell/28643/3) | | | | | Ciphermail | | | | | [Ciphermail Blog Post](https://www.ciphermail.com/blog/ciphermail-gateway-and-webmail-messenger-are-not-vulnerable-to-cve-2021-44228.html) | | | | | CIS | | | | | [CIS Customer Portal](https://cisecurity.atlassian.net/servicedesk/customer/portal/15/article/2434301961) | | | | -| Cisco | AppDynamics | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | | +| Cisco | AppDynamics | | Affected | Yes | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | | | Cisco | Cisco Common Services Platform Collector | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | | | Cisco | Cisco Network Services Orchestrator (NSO) | | Affected | No | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | | | Cisco | Cisco System Architecture Evolution Gateway (SAEGW) | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | | @@ -368,7 +407,7 @@ This list was initially populated using information from the following sources: | Cisco | Cisco Nexus 5600 Platform Switches | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | | | Cisco | Cisco Nexus 6000 Series Switches | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | | | Cisco | Cisco Nexus 7000 Series Switches | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | | -| Cisco | Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) || | | +| Cisco | Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | | | Cisco | Cisco Nexus Dashboard (formerly Cisco Application Services Engine) | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | | | Cisco | Cisco Nexus Data Broker | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | | | Cisco | Cisco Nexus Insights | | Under Investigation | | [Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | | @@ -487,7 +526,16 @@ This list was initially populated using information from the following sources: | Cohesity | | | | | [Cohesity Support Link](https://support.cohesity.com/s/article/Security-Advisory-Apache-Log4j-Remote-Code-Execution-RCE-CVE-2021-44228) | | | | | CommVault | | | | | [CommVault Documentation](https://documentation.commvault.com/v11/essential/146231_security_vulnerability_and_reporting.html) | | | | | ConcreteCMS.com | | | | | [ConcreteCMS.com Link](https://www.concretecms.com/about/blog/security/concrete-log4j-zero-day-exploit) | | | | -| Confluent | | | | | [Confluent Support Link](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability) | | | | +| Confluent | Confluent Cloud | N/A | Fixed | | [December 2021 Log4j Vulnerabilities Advisory](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | 12/17/2021 | +| Confluent | Confluent Platform | <7.0.1 | Affected | Yes | [December 2021 Log4j Vulnerabilities Advisory](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | 12/17/2021 | +| Confluent | Confluent for Kubernetes | N/A | Not Affected | | [December 2021 Log4j Vulnerabilities Advisory](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | 12/17/2021 | +| Confluent | Confluent Kafka Connectors|N/A|Not Affected|N/A|[December 2021 Log4j Vulnerabilities Advisory](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors)|||12/17/2021| +| Confluent | Confluent ElasticSearch Sink Connector | <11.1.7 | Affected | Yes | [December 2021 Log4j Vulnerabilities Advisory](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | 12/17/2021 | +| Confluent | Confluent Google DataProc Sink Connector | <1.1.5 | Affected | Yes | [December 2021 Log4j Vulnerabilities Advisory](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | 12/17/2021 | +| Confluent | Confluent Splunk Sink Connector | <2.05 | Affected | Yes | [December 2021 Log4j Vulnerabilities Advisory](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | 12/17/2021 | +| Confluent | Confluent HDFS 2 Sink Connector | <10.1.3 | Affected | Yes | [December 2021 Log4j Vulnerabilities Advisory](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | 12/17/2021 | +| Confluent | Confluent HDFS 3 Sink Connector | <1.1.8 | Affected | | [December 2021 Log4j Vulnerabilities Advisory](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | 12/17/2021 | +| Confluent | Confluent VMWare Tanzu GemFire Sink Connector | <1.0.8 | Affected | Yes | [December 2021 Log4j Vulnerabilities Advisory](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | 12/17/2021 | | Connect2id | | | | | [Connect2id Blog Post](https://connect2id.com/blog/connect2id-server-12-5-1) | | | | | ConnectWise | | | | | [ConnectWise Advisory Link](https://www.connectwise.com/company/trust/advisories) | | | | | ContrastSecurity | | | | | [ContrastSecurity Article](https://support.contrastsecurity.com/hc/en-us/articles/4412612486548) | | | | @@ -496,13 +544,13 @@ This list was initially populated using information from the following sources: | CouchBase | | | | | [CouchBase Forums](https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402) | | | | | CPanel | | | | | [CPanel Forms](https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/) | | | | | Cradlepoint | | | | | [Cradlepoint](https://cradlepoint.com/vulnerability-alerts/cve-2021-44228-apache-log4j-security-vulnerabilities/) | | | | -| Crestron | | | | | [Crestron Advisory](https://www.crestron.com/Security/Security_Advisories/Apache-Log4j) | | | | +| Crestron | | | Not Affected | | [Crestron Advisory](https://www.crestron.com/Security/Security_Advisories/Apache-Log4j) | | | 12/20/2021 | | CrushFTP | | | | | [CrushFTP Link](https://www.crushftp.com/download.html) | | | | | CryptShare | | | | | [Cryptshare Support Link](https://www.cryptshare.com/en/support/cryptshare-support/#c67572) | | | | -| Cumul.io | | | | | | [Cumul.io Status Link](https://status.cumul.io/#incidents) | | | | -| CyberArk | Privileged Threat Analytics (PTA)| N/A | Affected | Yes | [CyberArk Customer Force](https://cyberark-customers.force.com/s/login/?ec=302&startURL=%2Fs%2Farticle%2FPTA-CVE-2021-44228-Mitigation-for-Privilege-Threat-Analytics) | | This advisory is available to customers only and has not been reviewed by CISA. |12/14/2021| +| CyberArk | Privileged Threat Analytics (PTA)| N/A | Fixed | Yes | [CyberArk Customer Force](https://cyberark-customers.force.com/s/article/Critical-Vulnerability-CVE-2021-44228) | | This advisory is available to customers only and has not been reviewed by CISA. |12/14/2021| | Cybereason | | | | | [Cybereason Blog Post](https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228) | | | | | CyberRes | | | | | [CyberRes Community Link](https://community.microfocus.com/cyberres/b/sws-22/posts/summary-of-cyberres-impact-from-log4j-or-logshell-logjam-cve-2021-44228) | | | | +| Cydar Medical | | | Not Affected | | [Cydar Advisory Link](https://www.cydarmedical.com/news/cydar-response-to-apache-log4j-vulnerability) | | | 12/21/2021 | | DarkTrace | | | | | [DarkTrace Customer Portal](https://customerportal.darktrace.com/inside-the-soc/get-article/201) | | | | | Dassault Systèmes | | | | | [Dassault Systemes Link](https://kb.dsxclient.3ds.com/mashup-ui/page/resultqa?id=QA00000102301e) | | | | | Databricks | | | | | [Databricks Google Doc](https://docs.google.com/document/d/e/2PACX-1vREjwZk17BAHGwj5Phizi4DPFS9EIUbAMX-CswlgbFwqwKXNKZC8MrT-L6wUgfIChsSHtvd_QD3-659/pub) | | | | @@ -513,59 +561,376 @@ This list was initially populated using information from the following sources: | dCache.org | | | | | [dCache.org Link](https://www.dcache.org/post/log4j-vulnerability/) | | | | | Debian | | | | | [Debian Tracker Link](https://security-tracker.debian.org/tracker/CVE-2021-44228) | | | | | Deepinstinct | | | | | [Deepinstinct Link](https://www.deepinstinct.com/blog/log4shell-cve-2021-44228-what-you-need-to-know) | | | | -| Dell | | | | | [Dell Support Link](https://www.dell.com/support/kbdoc/en-us/000194416/additional-information-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | | | | -| Dell | Boomi | | | | [Dell Boomi Link](https://community.boomi.com/s/article/Log4j-Vulnerability) | This advisory is available to customer only and has not been reviewed by CISA. | | | -| Dell | iDRAC | | Not Affected | | [Dell Response to Apache Log4j Remote Code Execution Vulnerability](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability?lwp=rt) | | | | -| Dell | iDRAC Service Module | | Not Affected | | [Dell Response to Apache Log4j Remote Code Execution Vulnerability](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability?lwp=rt) | | | | -| Dell | OpenManage Enterprise - Modular | | Affected | | [Dell Response to Apache Log4j Remote Code Execution Vulnerability](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability?lwp=rt) | Patch expected 2021-12-17 | | | -| Dell | OpenManage Enterprise | | Affected | | [Dell Response to Apache Log4j Remote Code Execution Vulnerability](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability?lwp=rt) | Patch expected 2021-12-17 | | | -| Dell | OpenManage Enterprise Services | | Affected | | [Dell Response to Apache Log4j Remote Code Execution Vulnerability](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability?lwp=rt) | Patch expected 2021-12-17 | | | +| Dell | Alienware Command Center | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Alienware OC Controls | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Alienware On Screen Display | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Alienware Update | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Atmos | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Azure Stack HCI | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | CalMAN Powered Calibration Firmware | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | CalMAN Ready for Dell | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Centera | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Chameleon Linux Based Diagnostics | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Chassis Management Controller (CMC) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | China HDD Deluxe | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Cloud Mobility for Dell EMC Storage | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Cloud Tiering Appliance | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Connectrix (Cisco MDS 9000 switches) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Connextrix B Series | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | CyberSecIQ Application | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | CyberSense for PowerProtect Cyber Recovery | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell BSAFE Crypto-C Micro Edition | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell BSAFE Crypto-J | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell BSAFE Micro Edition Suite | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Calibration Assistant | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Cinema Color | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Cloud Command Repository Manager | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Cloud Management Agent | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Color Management | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Command Configure | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Command Integration Suite for System Center | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Command Intel vPro Out of Band | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Command Monitor | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Command Power Manager | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Command PowerShell Provider | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Command Update | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Customer Connect | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Data Guardian* | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Data Protection* | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Data Recovery Environment | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Data Vault | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Data Vault for Chrome OS | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Deployment Agent | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Digital Delivery | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Direct USB Key | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Display Manager 1.5 for Windows / macOS | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Display Manager 2.0 for Windows / macOS | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC AppSync | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC Cloudboost | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC CloudLink | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC Container Storage Modules | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC Data Computing Appliance (DCA) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC Data Protection Advisor | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC DataIQ | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC Disk Library for Mainframe | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC GeoDrive | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC Isilon InsightIQ | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC License Manager | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC Networking Onie | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC OpenManage Ansible Modules | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC OpenManage integration for Splunk | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC OpenManage Integration for VMware vCenter | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC OpenManage Management pack for vRealize Operations | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC OpenManage Operations Connector for Micro Focus Operations Bridge Manager | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | "Dell EMC PowerMax VMAX VMAX3 and VMAX AFA" | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC PowerPath | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC PowerPath Management Appliance | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC PowerProtect Cyber Recovery | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC PowerScale OneFS | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC PowerShell for PowerMax | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC PowerShell for Powerstore | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC PowerShell for Unity | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | "Dell EMC PowerSwitch Z9264F-ON BMC Dell EMC PowerSwitch Z9432F-ON BMC" | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC PowerVault ME4 Series Storage Arrays | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC PowerVault MD3 Series Storage Arrays | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC Repository Manager (DRM) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC SourceOne | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC Systems Update (DSU) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC Unisphere 360 | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC Virtual Storage Integrator | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC VPLEX | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell EMC XtremIO | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Encryption Enterprise* | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Encryption Personal* | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Endpoint Security Suite Enterprise* | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Hybrid Client | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell ImageAssist | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Insights Client | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Linux Assistant | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Mobile Connect | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Monitor ISP (Windows/Mac/Linux) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Monitor SDK | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Networking X-Series | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Open Manage Mobile | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Open Manage Server Administrator | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell OpenManage Change Management | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell OpenManage Enterprise Power Manager Plugin | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Optimizer | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell OS Recovery Tool | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Peripheral Manager 1.4 / 1.5 for Windows | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Platform Service | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Power Manager | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Power Manager Lite | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Precision Optimizer | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Precision Optimizer for Linux | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Premier Color | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Recovery (Linux) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Remediation Platform | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Remote Execution Engine (DRONE) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Security Advisory Update - DSA-2021-088 | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Security Management Server & Dell Security Management Server Virtual* | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell SupportAssist SOS | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Thin OS | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Threat Defense | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell True Color | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Trusted Device | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dell Update | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Dream Catcher | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | DUP Creation Service | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | DUP Framework (ISG) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Embedded NAS | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Embedded Service Enabler | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Equallogic PS | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Fluid FS | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | iDRAC Service Module (iSM) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Infinity MLK (firmware) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Integrated Dell Remote Access Controller (iDRAC) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | ISG Accelerators | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | ISG Board & Electrical | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | IsilonSD Management Server | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | IVE-WinDiag | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Mainframe Enablers | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | My Dell | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | MyDell Mobile | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | NetWorker Management Console | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Networking BIOS | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Networking DIAG | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Networking N-Series | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Networking OS 10 | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Networking OS9 | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Networking SD-WAN Edge SD-WAN | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Networking W-Series | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Networking X-Series | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | OMIMSSC (OpenManage Integration for Microsoft System Center) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | OMNIA | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | OpenManage Connections - Nagios | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | OpenManage Connections - ServiceNow | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | OpenManage Integration for Microsoft System Center for System Center Operations Manager | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | OpenManage Integration with Microsoft Windows Admin Center | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | OpenManage Network Integration | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | PowerConnect N3200 | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | PowerConnect PC2800 | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | PowerConnect PC8100 | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | PowerEdge BIOS | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | PowerEdge Operating Systems | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | PowerTools Agent | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | PPDM Kubernetes cProxy | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | PPDM VMware vProxy | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Redtail | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Remotely Anywhere | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Riptide (firmware) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Rugged Control Center (RCC) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | SD ROM Utility | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | SDNAS | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | """Server Storage""" | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Smart Fabric Storage Software | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | SmartByte | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | SMI-S | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Software RAID | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Solutions Enabler | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Solutions Enabler vApp | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Sonic | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | SRS VE | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Storage Center OS and additional SC applications unless otherwise noted | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | SupportAssist Client Commercial | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | SupportAssist Client Consumer | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | UCC Edge | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Unisphere for PowerMax | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Unisphere for PowerMax vApp | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Unisphere for VMAX | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Unisphere for VNX | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Update Manager Plugin | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | ViPR Controller | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | VNX1 | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | VNX2 | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | VPLEX VS2/VS6 / VPLEX Witness | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Vsan Ready Nodes | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Warnado MLK (firmware) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Wyse Proprietary OS (ThinOS) | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | Wyse Windows Embedded Suite | N/A | Not Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | 12/15/2021 | +| Dell | APEX Console | N/A | Fixed | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Cloud environment patched | | 12/15/2021 | +| Dell | APEX Data Storage Services | | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Cloud environment patch in progress | | 12/15/2021 | +| Dell | Cloud IQ | | Fixed | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Cloud environment patched | | 12/15/2021 | +| Dell | Connectrix (Cisco MDS DCNM) | | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/23/21 | | 12/15/2021 | +| Dell | Connectrix B-Series SANnav | 2.1.1 | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 3/31/2022 | | 12/15/2021 | +| Dell | Data Domain OS | Versions between 7.3.0.5 and 7.7.0.6;Versions before 7.6.0.30 | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-274 | | 12/15/2021 | +| Dell | Dell EMC Avamar | "18.2 19.1 19.2 19.3 19.4" | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21 | | 12/15/2021 | +| Dell | Dell EMC BSN Controller Node | | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-305 | | 12/15/2021 | +| Dell | Dell EMC Cloud Disaster Recovery | N/A | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | 12/15/2021 | +| Dell | Dell EMC Data Protection Central | | Affected | | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021- 269 | | 12/15/2021 | +| Dell | Dell EMC Data Protection Search | Versions before 19.5.0.7 | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-279 | | 12/15/2021 | +| Dell | Dell EMC ECS | | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/18/21 | | 12/15/2021 | +| Dell | Enterprise Hybrid Cloud | | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | [link](https://www.dell.com/support/kbdoc/en-us/000194490/dsa-2021-270-enterprise-hybrid-cloud-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | | 12/15/2021 | +| Dell | Dell EMC Enterprise Storage Analytics for vRealize Operations | "<6.0.0 6.1.0 6.2.x" | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-278 | | 12/15/2021 | +| Dell | Dell EMC Integrated System for Azure Stack HCI | N/A | Affected | N/A | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | "Dell EMC Integrated System for Azure Stack HCI is not impacted by this advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect Gateway (SCG) were optionally installed with Dell EMC Integrated System for Azure Stack HCI monitor the following advisories. Apply workaround guidance and remediations as they become [available:](https://www.dell.com/support/kbdoc/en-us/000194622/dsa-2021-307-dell-emc-integrated-system-for-azure-stack-hci-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | | 12/15/2021 | +| Dell | Dell EMC Integrated System for Microsoft Azure Stack Hub| N/A | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | 12/15/2021 | +| Dell | Dell EMC NetWorker Virtual Edition | "19.5.x 19.4.x 19.3.x" | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21 | | 12/15/2021 | +| Dell | Dell EMC NetWorker Server | "19.5.x 19.4.x 19.3.x" | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21 | | 12/15/2021 | +| Dell | Dell EMC Networking Virtual Edge Platform with VersaOS | "with Versa Concerto with Versa Analytics with Versa Concero Director" | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-304 | | 12/15/2021 | +| Dell | Dell EMC PowerFlex Appliance | "All versions up to Intelligent Catalog 38_356_00_r10.zip All versions up to Intelligent Catalog 38_362_00_r7.zip" | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending| | 12/15/2021 | +| Dell | Dell EMC PowerFlex Software (SDS) | "3.5 3.5.1 3.5.1.1 3.5.1.2 3.5.1.3 3.5.1.4 3.6 3.6.0.1 3.6.0.2" | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | 12/15/2021 | +| Dell | Dell EMC PowerFlex Rack | N/A | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | 12/15/2021 | +| Dell | Dell EMC PowerProtect Data Manager | All versions 19.9 and earlier | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | 12/15/2021 | +| Dell | Dell EMC PowerProtect DP Series Appliance (iDPA) | 2.7.0 and earlier | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | 12/15/2021 | +| Dell | Dell EMC PowerStore | | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/23/21 | | 12/15/2021 | +| Dell | Dell EMC RecoverPoint for Virtual Machine | All 5.0.x and later versions | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | 12/15/2021 | +| Dell | Dell EMC RecoverPoint Classic | All 5.1.x and later versions | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | 12/15/2021 | +| Dell | Dell EMC SRM vApp | Versions before 4.6.0.2 | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 1/25/2022 | | 12/15/2021 | +| Dell | Dell EMC Streaming Data Platform | | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/18/21 | | 12/15/2021 | +| Dell | Dell EMC Unity | | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/29/21 | | 12/15/2021 | +| Dell | Dell EMC Metro Node | 7.0.x | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-308 | | 12/15/2021 | +| Dell | Dell EMC VxRail | "4.5.x 4.7.x 7.0.x" | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | 12/15/2021 | +| Dell | Dell Open Management Enterprise - Modular | <1.40.10 | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-268 | | 12/15/2021 | +| Dell | DellEMC OpenManage Enterprise Services | | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21 | | 12/15/2021 | +| Dell | OpenManage Enterprise | | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | 12/15/2021 | +| Dell | Dell EMC Ruckus SmartZone 300 Controller | | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-303 | | 12/15/2021 | +| Dell | Dell EMC Ruckus SmartZone 100 Controller | | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-303 | | 12/15/2021 | +| Dell | Dell EMC Ruckus Virtual Software | | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-303 | | 12/15/2021 | +| Dell | Secure Connect Gateway (SCG) Appliance | "5.00.00 5.00.05 and 4.0.06 and earlier versions (OVF and VHD)" | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-282 | | 12/15/2021 | +| Dell | Secure Connect Gateway (SCG) Policy Manager | "5.00.00.10 5.00.05.10" | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-281 | | 12/15/2021 | +| Dell | SRS Policy Manager | 7 | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | 12/15/2021 | +| Dell | Storage Center - Dell Storage Manager | | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | | 12/15/2021 | +| Dell | SupportAssist Enterprise | | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/23/21 | | 12/15/2021 | +| Dell | Unisphere Central | | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 1/10/2022 | | 12/15/2021 | +| Dell | Vblock | | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending See vce6771 (requires customer login) | | 12/15/2021 | +| Dell | VNXe 1600 | Versions 3.1.16.10220572 and earlier | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | 12/15/2021 | +| Dell | VNXe 3200 | Version 3.1.15.10216415 and earlier | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | 12/15/2021 | +| Dell | VxBlock | | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | "Patch pending See vce6771 (requires customer login) " | | 12/15/2021 | +| Dell | vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage | Various | Affected | | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | 12/15/2021 | +| Dell | vRO Plugin for Dell EMC PowerMax | Version 1.2.3 or earlier | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | 12/15/2021 | +| Dell | vRO Plugin for Dell EMC PowerScale | Version 1.1.0 or earlier | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | 12/15/2021 | +| Dell | vRO Plugin for Dell EMC PowerStore | Version 1.1.4 or earlier | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | 12/15/2021 | +| Dell | vRO Plugin for Dell EMC Unity | Version 1.0.6 or earlier | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | 12/15/2021 | +| Dell | vRO Plugin for Dell EMC XtremIO | Version 4.1.2 or earlier | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | 12/15/2021 | +| Dell | vRealize Data Protection Extension Data Management | | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | 12/15/2021 | +| Dell | vRealize Data Protection Extension for vRealize Automation (vRA) 8.x | "version 19.6 version 19.7 version 19.8 and version 19.9" | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | 12/15/2021 | +| Dell | VMware vRealize Automation 8.x | "8.2 8.3 8.4 8.5 and 8.6" | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | 12/15/2021 | +| Dell | VMware vRealize Orchestrator 8.x | "8.2 8.3 8.4 8.5 and 8.6" | Affected | No | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | 12/15/2021 | +| Dell | Wyse Management Suite | <3.5 | Affected | Yes | [Dell Response to Apache Log4j Remote Code Execution Vulnerability (CVE-2021-44228)](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-267 | | 12/15/2021 | | Denequa | | | | | [Denequa Link](https://denequa.de/log4j-information.html) | | | | | Device42 | | | | | [Device42 Link](https://blog.device42.com/2021/12/13/log4j-zero-day/) | | | | | Devolutions | All products | | Not Affected | | [https://blog.devolutions.net/2021/12/critical-vulnerability-in-log4j/](https://blog.devolutions.net/2021/12/critical-vulnerability-in-log4j/) | | | | | Devolutions | All products||Not Affected||[https://blog.devolutions.net/2021/12/critical-vulnerability-in-log4j/](https://blog.devolutions.net/2021/12/critical-vulnerability-in-log4j/)|||| | Diebold Nixdorf | | | | | [Diebold Nixdorf Link](https://www.dieboldnixdorf.com/en-us/apache) | | | | | Digicert | | | | | [Digicert Link](https://knowledge.digicert.com/alerts/digicert-log4j-response.html) | | | | +| Digi International | CTEK G6200 family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | CTEK SkyCloud | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | CTEK Z45 family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi 54xx family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi 63xx family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi AnywhereUSB (G2) family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi AnywhereUSB Plus family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi Connect family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi Connect EZ family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi Connect IT family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi ConnectPort family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi ConnectPort LTS family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi Connect Sensor family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi Connect WS family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi Embedded Android | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi Embedded Yocto | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi EX routers | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi IX routers | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi LR54 | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi One family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi Passport family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi PortServer TS family | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi TX routers | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi WR11 | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi WR21 | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi WR31 | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi WR44R/RR | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi WR54 | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi WR64 | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | AnywhereUSB Manager | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Aview | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | ARMT | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | AVWOB | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi Navigator | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi Remote Manager | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Digi Xbee mobile app | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Lighthouse | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Realport | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | +| Digi International | Remote Hub Config Utility | | Not Affected | | [Digi International Advisory Link](https://www.digi.com/resources/security) | | | 12/21/2021 | | Digital AI | | | | | [Digital AI Article](https://support.digital.ai/hc/en-us/articles/4412377686674-Log4J-Vulnerability-to-Zero-Day-Exploit-and-Digital-ai#overview-0-1) | | | | | DNSFilter | | | | | [DNSFilter Blog Post](https://www.dnsfilter.com/blog/dnsfilter-response-to-log4j-vulnerability) | | | | | Docker | | | | | [Docker Blog Post](https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/) | | | | | Docusign | | | | | [Docusign Alert](https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability) | | | | | DrayTek | Vigor Routers, Access Points, Switches, VigorACS Central Management Software, MyVigor Platform||Not Affected||[DrayTek Statement](https://www.draytek.com/about/security-advisory/log4shell-vulnerability-(cve-2021-44228)/)|||12/15/2021| | DSpace ||||| [DSpace Google Group](https://groups.google.com/g/dspace-community/c/Fa4VdjiiNyE) | | | | -| Dynatrace | Managed cluster nodes | | Affected | | | | | | -| Dynatrace | Managed cluster nodes||Affected|||||| -| Dynatrace | Synthetic Activegates | | Affected | | | | | | -| Dynatrace | Synthetic Activegates||Affected|||||| +| Dynatrace | Managed cluster nodes | | Not Affected | No | [Official Dynatrace Communication](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | 12/21/2021 | +| Dynatrace | Managed cluster nodes | | Not Affected | No | [Official Dynatrace Communication](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | 12/21/2021 | +| Dynatrace | Synthetic Activegates | | Fixed |Yes | [Official Dynatrace Communication](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | 12/21/2021 | +| Dynatrace | Synthetic Activegates | | Fixed | Yes | [Official Dynatrace Communication](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | 12/21/2021 | | EasyRedmine | | | | | [EasyRedmine News](https://www.easyredmine.com/news/easy-redmine-application-is-not-affected-by-the-vulnerability-cve-2021-44228) | | | | +| Eaton | Undisclosed | Undisclosed | Affected | | [Security Bulletin](https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Security-Bulletin%20log4j_CVE_2021_44228_v1.0_Legal-Approved.pdf) | Doesn't openly disclose what products are affected or not for quote 'security purposes'. Needs email registration. No workaround provided due to registration wall. | | | | EclecticIQ | | | | | [EclecticIQ Advisory](https://docs.eclecticiq.com/security-advisories/security-issues-and-mitigation-actions/eiq-2021-0016-2) | | | | | Eclipse Foundation | | | | | [Eclipse Foundation Wiki](https://wiki.eclipse.org/Eclipse_and_log4j2_vulnerability_(CVE-2021-44228)) | | | | | EFI | | | | | [EFI Link](https://communities.efi.com/s/article/Are-Fiery-Servers-vulnerable-to-CVE-2021-44228-Apache-Log4j2?language=en_US) | | | | | EGroupware | | | | | [EGroupware Link](https://help.egroupware.org/t/uk-de-statement-log4j-log4shell/76430) | | | | -| Elastic | APM Java Agent||Under Investigation||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | APM Server||Not Affected||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Beats||Not Affected||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Cmd||Not Affected||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Elastic Agent||Not Affected||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Elastic Cloud Enterprise||Under Investigation||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Elastic Cloud Enterprise||Under Investigation||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Elastic Cloud on Kubernetes||Not Affected||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Elastic Cloud||Under Investigation||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Elastic Endgame||Not Affected||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Elastic Maps Service||Not Affected||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Elasticsearch|5,6,8|Affected|Yes|[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|||12/15/2021| -| Elastic | Endpoint Security||Not Affected||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Enterprise Search||Not Affected||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Fleet Server||Not Affected||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Kibana||Not Affected||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Logstash|<6.8.21,<7.16.1|Affected|Yes|[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| -| Elastic | Machine Learning||Not Affected||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|||12/15/2021| -| Elastic | Swiftype||Not Affected||[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)|12/15/2021| +| Elastic | APM Java Agent | | Under Investigation | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | APM Server | | Not Affected | |[Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Beats | | Not Affected | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Cmd | | Not Affected | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Elastic Agent | | Not Affected | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Elastic Cloud Enterprise | | Under Investigation | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Elastic Cloud Enterprise | | Under Investigation | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Elastic Cloud on Kubernetes | | Not Affected | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Elastic Cloud | | Under Investigation | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476)| | | 12/15/2021 | +| Elastic | Elastic Endgame | | Not Affected | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Elastic Maps Service | | Not Affected | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Elasticsearch | 5,6,8 | Affected | Yes | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Endpoint Security | | Not Affected | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Enterprise Search | | Not Affected | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Fleet Server | | Not Affected | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Kibana | | Not Affected | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Logstash | <6.8.21,<7.16.1 | Affected | Yes | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Machine Learning | | Not Affected | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | +| Elastic | Swiftype | | Not Affected | | [Apache Log4j2 Remote Code Execution (RCE) Vulnerability - CVE-2021-44228 - ESA-2021-31](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | 12/15/2021 | | ElasticSearch | all products | | Not Affected | | | | | | -| Ellucian (Banner and Colleague Higher Education SIS) | | | | | [Ellucian Response](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | | +| Elekta | | | Unknown | | [Elekta Advisory Link](https://www.elekta.com/software-solutions/product-security) | Elekta Advisories are available in the customer portal (login required) | | 12/21/2021 | +| Ellucian | Banner Analytics | | Affected | No | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Colleague | | Affected | No | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | On-prem and cloud deployements expect fixed 12/18/2021 | | 12/17/2021 | +| Ellucian | Admin | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Enterprise Identity Services(BEIS) | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Banner Integration for eLearning | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Banner Integration for eProcurement | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Banner Workflow | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Banner Document Management (includes Banner Document Retention) | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian Advance Web Connector | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian eTranscripts | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian Mobile | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian Solution Manager | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Banner Event Publisher | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Banner Self Service | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Colleague Analytics | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | CRM Advance | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | CRM Advise | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | CRM Recruit | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian Data Access | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian Design Path | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian ePrint | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian Ethos API & API Management Center | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian Ethos Extend | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian Ethos Integration | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian Experience | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian Intelligent Platform (ILP) | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian International Student and Scholar Management (ISSM) | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian |Ellucian Message Service (EMS) | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian Messaging Adapter (EMA) | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian Payment Gateway | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian Ellucian Portal | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian Workflow | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | +| Ellucian | Ellucian PowerCampus | | Not Affected | | [Ellucian Response on Apache Log4j Issue](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | 12/17/2021 | | Emerson | | | | | [Emerson Cyber Security Notification](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | | | EnterpriseDT | | | | | [EnterpriseDT Statement](https://enterprisedt.com/blogs/announcements/enterprisedt-does-not-use-log4j/) | | | | | ESET | | | | | [ESET Statement](https://support.eset.com/en/alert8188-information-regarding-the-log4j2-vulnerability) | | | | -| ESRI | | | | | [ESRI Statement](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | | | | +| ESRI | ArcGIS Data Store | All | Fixed | Yes | [https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions | | 12/17/2021 | +| ESRI | ArcGIS Enterprise | All | Fixed | Yes | [https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions | | 12/17/2021 | +| ESRI | ArcGIS GeoEvent Server | All | Fixed | Yes | [https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions | | 12/17/2021 | +| ESRI | ArcGIS Server | All | Fixed | Yes | [https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions | | 12/17/2021 | +| ESRI | ArcGIS Workflow Manager Server | All | Fixed | Yes | [https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions | | 12/17/2021 | +| ESRI | Portal for ArcGIS | All | Fixed | Yes | [https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions | | 12/17/2021 | | Estos | | | | | [Estos Support Statement](https://support.estos.de/de/sicherheitshinweise/estos-von-kritischer-schwachstelle-in-log4j-cve-2021-44228-nicht-betroffen) | | | | | Evolveum Midpoint | | | | | [Evolveum Midpoint Statement](https://evolveum.com/midpoint-not-vulnerable-to-log4shell/) | | | | | Ewon | | | | | [Ewon Statement](https://hmsnetworks.blob.core.windows.net/www/docs/librariesprovider10/downloads-monitored/manuals/release-notes/ecatcher_releasenotes.txt?sfvrsn=4f054ad7_42) | | | | @@ -581,10 +946,21 @@ This list was initially populated using information from the following sources: | F-Secure | Messaging Security Gateway | | Affected | Yes | [The Log4J Vulnerability (CVE-2021-44228) – which F-Secure products are affected, what it means, what steps should you take - F-Secure Community](https://community.f-secure.com/common-business-en/kb/articles/9226-the-log4j-vulnerability-cve-2021-44228-which-f-secure-products-are-affected-what-it-means-what-steps-should-you-take) | | | | | F-Secure | Policy Manager | 13-15 | Affected | Yes | [F-Secure services Status - 0-day exploit found in the Java logging package log4j2](https://status.f-secure.com/incidents/sk8vmr0h34pd) | | | | | F-Secure| Policy Manager Proxy | 13-15 | Affected | Yes | [F-Secure services Status - 0-day exploit found in the Java logging package log4j2](https://status.f-secure.com/incidents/sk8vmr0h34pd) | | | | -| F5 Networks | | | | | [F5 Networks Statement](https://support.f5.com/csp/article/K19026212) | | | | +| F5 | BIG-IP (all modules) | 11.x - 16.x | Not Affected | | [F5 Security Advisory](https://support.f5.com/csp/article/K19026212) | | | | +| F5 | BIG-IQ Centralized Management | 7.x-8.x | Not Affected | | [F5 Security Advisory](https://support.f5.com/csp/article/K19026212) | | | | +| F5 | F5OS | 1.x | Not Affected | | [F5 Security Advisory](https://support.f5.com/csp/article/K19026212) | | | | +| F5 | Traffix SDC | 5.x (5.2.0 CF1, 5.1.0 CF-30 - 5.1.0 CF-33)| Affected | No | [F5 Security Advisory](https://support.f5.com/csp/article/K19026212) | Vulnerable components: EMS-ELK components (Fluentd + Elastic Search + Kibana), Element Management System | | | +| F5 | NGINX Plus | R19 - R25 | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | | +| F5 | NGINX Open Source | 1.x | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | | +| F5 | NGINX Unit | 1.x | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | | +| F5 | NGINX App Protect | 3.x | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | | +| F5 | NGINX Controller | 3.x | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | | +| F5 | NGINX Ingress Controller | 1.x - 2.x | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | | +| F5 | NGINX Instance Manager | 1.x | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | | +| F5 | NGINX Service Mesh | 1.x | Not Affected | | [F5 Security Advisory (CVE-2021-44228)](https://support.f5.com/csp/article/K19026212), [F5 Security Advisory (CVE-2021-45046)](https://support.f5.com/csp/article/K32171392) | | | | | FAST LTA | | | | | [FAST LTA Statement](https://blog.fast-lta.de/en/log4j2-vulnerability) | | | | | Fastly | | | | | [Fastly Statement](https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j) | | | | -| FedEx | Ship Manager Software | Unknown | Affected/Under Investigation | | [FedEx Statement](https://www.fedex.com/en-us/shipping/ship-manager/software.html#tab-4)|Note: FedEx is aware of the issue related to the Log4j Remote Code Execution vulnerability affecting various Apache products. We are actively assessing the situation and taking necessary action as appropriate. As a result, we are temporarily unable to provide a link to download the FedEx Ship Manager software or generate product keys needed for registration of FedEx Ship Manager software. We are working to have this resolved as quickly as possible and apologize for the inconvenience. For related questions or the most updated information, customers should check FedEx Updates for Apache Log4j Issue or contact their Customer Technology representative.||12/15/2021| +| FedEx | Ship Manager Software | Unknown | Affected/Under Investigation | | [FedEx Statement](https://www.fedex.com/en-us/shipping/ship-manager/software.html#tab-4)| Note: FedEx is aware of the issue related to the Log4j Remote Code Execution vulnerability affecting various Apache products. We are actively assessing the situation and taking necessary action as appropriate. As a result, we are temporarily unable to provide a link to download the FedEx Ship Manager software or generate product keys needed for registration of FedEx Ship Manager software. We are working to have this resolved as quickly as possible and apologize for the inconvenience. For related questions or the most updated information, customers should check FedEx Updates for Apache Log4j Issue or contact their Customer Technology representative. | | 12/15/2021 | | Fiix | Fiix CMMS Core| v5 | Fixed| | [PN1579 - Log4Shell Vulnerability Notice](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | The product has been updated to Log4j version 2.15. An additional patch is being developed to update to 2.16. No user interaction is required. | | 12/15/2021 | | FileCap | | | | | [FileCapStatement](https://mailchi.mp/3f82266e0717/filecap-update-version-511) | | | | | FileCatalyst | | | | | [FileCatalyst Statement](https://support.filecatalyst.com/index.php/Knowledgebase/Article/View/advisory-log4j-zero-day-security-vulnerability) | | | | @@ -592,6 +968,7 @@ This list was initially populated using information from the following sources: | FileWave | | | | | [FileWave Statement](https://kb.filewave.com/display/KB/Security+Notice:+Apache+log4j+Vulnerability+CVE-2021-44228) | | | | | FINVI | | | | | [FINVI Statement](https://finvi.com/support/) | | | | | FireDaemon | | | | | [FireDemon Statement](https://kb.firedaemon.com/support/solutions/articles/4000178630) | | | | +| Fisher & Paykel Healthcare | | | Not Affected | | [Fisher & Paykel Healthcare Advisory Link](https://www.fphcare.com/us/our-company/contact-us/product-security/) | | | 12/21/2021 | | Flexagon | | | | | [Flexagon Statement](https://flexagon.com/what-is-the-impact-of-log4j-vulnerability-cve-2021-44228-on-flexdeploy/) | | | | | Flexera | | | | | [Flexera Statement](https://community.flexera.com/t5/Community-Notices/Flexera-s-response-to-Apache-Log4j-2-remote-code-execution/ba-p/216934) | | | | | Forcepoint | DLP Manager | | Affected | | [Login (forcepoint.com)](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | | | | @@ -635,16 +1012,20 @@ This list was initially populated using information from the following sources: | FTAPI | | | | | [FTAPI Statement](https://www.ftapi.com/blog/kritische-sicherheitslucke-in-log4j-ftapi-reagiert/#) | | | | | Fujitsu | | | | | [Fujitsu Statement](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | | | FusionAuth | FusionAuth | 1.32 | Not Affected | | [log4j CVE: How it affects FusionAuth (TLDR: It doesn't) - FusionAuth](https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/) | | | | +| GE Healthcare | | | Under Investigation | | [GE Healthcare Advisory Link](https://www.gehealthcare.com/security) | | | 12/21/2021 | | Gearset | | | | | [Gearset Statement](https://docs.gearset.com/en/articles/5806813-gearset-log4j-statement-dec-2021) | | | | | Genesys | | | | | [Genesys Statement](https://www.genesys.com/blog/post/genesys-update-on-the-apache-log4j-vulnerability) | | | | | GeoServer | | | | | [GeoServer Announcement](http://geoserver.org/announcements/2021/12/13/logj4-rce-statement.html) | | | | | Gerrit code review | | | | | [Gerrit Statement](https://www.gerritcodereview.com/2021-12-13-log4j-statement.html) | | | | | GFI | | | | | [GFI Statement](https://techtalk.gfi.com/impact-of-log4j-vulnerability-on-gfi/) | | | | | Ghidra | | | | | [Ghidra Statement](https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning) | | | | +| Gigamon | Fabric Manager | <5.13.01.02 | Affected | Yes | [Gigamon Customer Support Portal](https://community.gigamon.com/gigamoncp/s/my-gigamon) | Updates available via the Gigamon Support Portal. This advisory available to customers only and has not been reviewed by CISA. | | 12/21/2021 | | GitHub | | | | | [GitHub Statement](https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/) | | | | | GitLab | | | | | [GitLab Statement](https://forum.gitlab.com/t/cve-2021-4428/62763) | | | | | Globus | | | | | [Globus Statement](https://groups.google.com/a/globus.org/g/discuss/c/FJK0q0NoUC4) | | | | -| GoAnywhere | | | | | [GoAnywhere Statement](https://www.goanywhere.com/cve-2021-44228-goanywhere-mitigation-steps) | | | | +| GoAnywhere | MFT | < 6.8.6 | Affected | Yes | [GoAnywhere Statement](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | 12/18/2021 | +| GoAnywhere | Gateway | < 2.8.4 | Affected | Yes | [GoAnywhere Statement](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | 12/18/2021 | +| GoAnywhere | MFT Agents | < 1.6.5 | Affected | Yes | [GoAnywhere Statement](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | 12/18/2021 | | GoCD | | | | | [GoCD Statement](https://www.gocd.org/2021/12/14/log4j-vulnerability.html) | | | | | Google Cloud Armor WAF | | | | | [Google Statement](https://cloud.google.com/blog/products/identity-security/cloud-armor-waf-rule-to-help-address-apache-log4j-vulnerability) | | | | | Google Cloud Global Products coverage | | | | | [Google Statement](https://cloud.google.com/log4j2-security-advisory) | | | | @@ -663,7 +1044,6 @@ This list was initially populated using information from the following sources: | Gravitee | Cockpit | 1.4.x | Not Affected | No | [About the Log4J CVSS 10 Critical Vulnerability](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | | | Gravitee.io | | | | | [Gravitee.io Statement](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | | | Gravwell | | | | | [Gravwell Statement](https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products) | | | | -| GrayLog | | | | | [GrayLog Statement](https://www.graylog.org/post/graylog-update-for-log4j) | | | | | Graylog | Graylog Server | All versions >= 1.2.0 and <= 4.2.2 | Affected | Yes | [Graylog Update for Log4j](https://www.graylog.org/post/graylog-update-for-log4j) | | | | | GreenShot | | | | | [GreenShot Statement](https://greenshot.atlassian.net/browse/BUG-2871) | | | | | Guidewire | | | | | [Guidewire Statement](https://community.guidewire.com/s/article/Update-to-customers-who-have-questions-about-the-use-of-log4j-in-Guidewire-products) | | | | @@ -681,7 +1061,6 @@ This list was initially populated using information from the following sources: | HashiCorp | Vault | | Not Affected | | [HashiCorp security bulletin re. CVE-2021-44228](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | | | HashiCorp | Vault Enterprise | | Not Affected | | [HashiCorp security bulletin re. CVE-2021-44228](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | | | HashiCorp | Waypoint | | Not Affected | | [HashiCorp security bulletin re. CVE-2021-44228](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | | -| HCL Global | | | | | [HCL Global Statement](https://support.hcltechsw.com/csm/en?id=kb_article&sysparm_article=KB0095490) | | | | | HCL Software | BigFix Compliance | 2.0.1 - 2.0.4 | Fixed | | [KB with fix](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | Not Affected for related CVE-2021-45046 | [Forum post with more specifics](https://forum.bigfix.com/t/bigfix-compliance-has-a-remediation-for-log4j-vulnerability-cve-2021-44228/40197) | 12/15/2021 | | HCL Software | BigFix Insights | All | Not Affected | | [KB](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | Not Affected for related CVE-2021-45046 | | 12/15/2021 | | HCL Software | BigFix Insights for Vulnerability Remediation | All | Not Affected | | [KB](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | Not Affected for related CVE-2021-45046 | | 12/15/2021 | @@ -694,6 +1073,11 @@ This list was initially populated using information from the following sources: | Hikvision | | | | | [Hikvision](https://video.xortec.de/media/pdf/87/e8/03/kw50_Update-for-Apache-Log4j2-Issue-Hikvision_official.pdf) | | | | | Hitachi Vantara | | | | | [Hitachi Vantara](https://knowledge.hitachivantara.com/Support_Information/Hitachi_Vantara_Security_Advisories/CVE-2021-44228_-_Apache_Log4j2) | | | | | Honeywell | | | | | [Honeywell Statement](https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability) | | | | +| HP | Teradici Cloud Access Controller | < v113 | Fixed | Yes | [Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | 2021-12-17 | +| HP | Teradici EMSDK | < 1.0.6 | Fixed | Yes | [Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | 2021-12-17 | +| HP | Teradici Management Console | < 21.10.3 | Fixed | Yes | [Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | 2021-12-17 | +| HP | Teradici PCoIP Connection Manager | < 21.03.6, < 20.07.4 | Fixed | Yes | [Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | 2021-12-17 | +| HP | Teradici PCoIP License Server | | Not Affected | | [Apache Log4j update for Teradici PCoIP Connection Manager, Teradici Cloud Access Connector, Teradici PCoIP License Server, Teradici Management Console, and Teradici EMSDK](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | 2021-12-17 | | HPE | 3PAR StoreServ Arrays | | Not Affected | | [(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) |Support Communication Cross Reference ID: SIK7387 | | 2021-12-12 | | HPE | AirWave Management Platform | | Not Affected | | [(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) |Support Communication Cross Reference ID: SIK7387 | | 2021-12-12 | | HPE | Alletra 6000 | | Not Affected | | [(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) |Support Communication Cross Reference ID: SIK7387 | | 2021-12-12 | @@ -823,6 +1207,23 @@ This list was initially populated using information from the following sources: | HPE | Superdome Flex 280 | | Not Affected | | [(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) |Support Communication Cross Reference ID: SIK7387 | | 2021-12-12 | | HPE | Superdome Flex Server | | Not Affected | | [(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) |Support Communication Cross Reference ID: SIK7387 | | 2021-12-12 | | HPE | UAN (User Access Node) | | Not Affected | | [(Revision) Apache Software Log4j - Security Vulnerability CVE-2021-44228](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) |Support Communication Cross Reference ID: SIK7387 | | 2021-12-12 | +| HOLOGIC | Advanced Workflow Manager (AWM) | | Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | 12/20/2021 | +| HOLOGIC | Unifi Workspace | | Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | 12/20/2021 | +| HOLOGIC | Faxitron CT Specimen Radiography System | | Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, there is a utility program installed that may utilize Java and Log4J. This utility program does not run on startup and is not required for system operation. Please contact Hologic Service for assistance in removing this program. | | 12/20/2021 | +| HOLOGIC | Dimensions / 3Dimensions Mammography System | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 | +| HOLOGIC | Affirm Prone Biopsy System | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 | +| HOLOGIC | Brevera Breast Biopsy System | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 | +| HOLOGIC | Trident HD Specimen Radiography System | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 | +| HOLOGIC | SecurView DX Workstation | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 | +| HOLOGIC | Cenova Image Analytics Server | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 | +| HOLOGIC | SecurXChange Router | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 | +| HOLOGIC | Rosetta DC Tomosynthesis Data Converter | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 | +| HOLOGIC | Faxitron Specimen Radiography Systems | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 | +| HOLOGIC | Horizon DXA Bone Densitometer | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 | +| HOLOGIC | Discovery Bone Densitometer | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 | +| HOLOGIC | Fluoroscan Insight Mini C-Arm | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 | +| HOLOGIC | SuperSonic Imagine Ultrasound Products (Aixplorer & Aixplorer Mach) | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 | +| HOLOGIC | Windows Selenia Mammography System | | Not Affected | No | [HOLOGIC Advisory Link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | 12/20/2021 | | Huawei | | | | | [Huawei Security Notice](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en) | | | | | Hubspot | | | | | [Hubspot Notice](https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949) | | | | | I-Net software | | | | | [I-Net Software Statement](https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3) | | | | @@ -831,198 +1232,210 @@ This list was initially populated using information from the following sources: | Ibexa | | | | | [Ibexa Statement](https://developers.ibexa.co/security-advisories/cve-2021-44228-log4j-vulnerability) | | | | | IBM | BigFix Compliance | | Affected | No | | | | | | IBM | BigFix Inventory | VM Manager Tool & SAP Tool | Affected | No | | To verify if your instance is affected, go to the lib subdirectory of the tool (BESClient/LMT/SAPTOOL and BESClient/LMT/VMMAN) and check what version of log4j is included. Version is included in the name of the library. | | | -| IBM | Analytics Engine ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | App Configuration ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | App Connect ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | App ID||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Application Gateway||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Aspera Endpoint||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Aspera Enterprise||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Aspera fasp.io||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Aspera||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Bare Metal Servers ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Block Storage ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Block Storage for VPC ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Block Storage Snapshots for VPC ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Case Manager||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Certificate Manager||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Client VPN for VPC ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Cloud Activity Tracker ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Cloud Backup ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Cloud Monitoring ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Cloud Object Storage||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Cloud Object Storage||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Cloudant||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Code Engine ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Cognos Command Center||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Cognos Controller|10.4.2|Affected|Yes|[Security Bulletin: IBM Cognos Controller 10.4.2 IF15: Apache log4j Vulnerability (CVE-2021-44228)](https://www.ibm.com/support/pages/node/6526468>)|||12/15/2021| -| IBM | Cognos Integration Server||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Compose Enterprise ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Compose for Elasticsearch ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Compose for etcd ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Compose for MongoDB ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Compose for MySQL ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Compose for PostgreSQL ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Compose for RabbitMQ ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Compose for Redis ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Compose for RethinkDB ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Compose for ScyllaDB ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Container Registry||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Container Security Services||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Content Delivery Network ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Continuous Delivery||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Copy Services Manager||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Databases for DataStax ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Databases for EDB ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Databases for Elasticsearch ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Databases for etcd ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Databases for MongoDB ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Databases for PostgreSQL ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Databases for Redis ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Datapower Gateway||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Dedicated Host for VPC ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Direct Link Connect ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Direct Link Connect on Classic ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Direct Link Dedicated (2.0) ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Direct Link Dedicated Hosting on Classic ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Direct Link Dedicated on Classic ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Direct Link Exchange on Classic ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | DNS Services ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Emptoris Contract Management||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Emptoris Program Management||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Emptoris Sourcing||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Emptoris Spend Analysis||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Emptoris Supplier Lifecycle Management||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Enterprise Tape Controller Model C07 (3592) (ETC)||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Event Notifications||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Event Streams ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | File Storage||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Flash System 900 (& 840)||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Flow Logs for VPC ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Functions ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | GSKit||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Guardium S-TAP for Data Sets on z/OS||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Guardium S-TAP for DB2 on z/OS||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Guardium S-TAP for IMS on z/OS||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Hyper Protect Crypto Services ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Hyper Protect DBaaS for MongoDB||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Hyper Protect DBaaS for PostgreSQL||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Hyper Protect Virtual Server||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | i2 Analyst’s Notebook||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | i2 Base||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | IBM Application Runtime Expert for i||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | IBM Backup, Recovery and Media Services for i||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | IBM Db2 Mirror for i||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | IBM HTTP Server||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | IBM i Access Family||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | IBM i Portfolio of products under the Group SWMA||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | IBM PowerHA System Mirror for i||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | IBM Sterling Connect:Direct Browser User Interface||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | IBM Sterling Connect:Direct for HP NonStop||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | IBM Sterling Connect:Direct for i5/OS||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | IBM Sterling Connect:Direct for OpenVMS||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | IBM Sterling Connect:Express for Microsoft Windows||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | IBM Sterling Connect:Express for UNIX||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | IBM Sterling Connect:Express for z/OS||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Instana Agent|Timestamp lower than 12-11-2021| Affected| Yes| [Status Instana](https://status.instana.io/incidents/4zgcd2gzf4jw)|||12/14/2021| -| IBM | Internet Services||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Key Lifecyle Manager for z/OS||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Key Protect ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Knowledge Studio||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Kubernetes Service ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Load Balancer for VPC ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Log Analysis ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Managed VMware Service||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Management Extender for VMware vCenter | | Affected | No | | | | | -| IBM | Mass Data Migration ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Maximo EAM SaaS||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Message Hub||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | MQ Appliance||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | MQ on IBM Cloud||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Natural Language Understanding||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | OmniFind Text Search Server for DB2 for i||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | OPENBMC||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Planning Analytics Workspace|>2.0.57|Affected|Yes|[Security Bulletin: IBM Planning Analytics 2.0: Apache log4j Vulnerability (CVE-2021-44228)](https://www.ibm.com/support/pages/node/6525700)|||12/15/2021| -| IBM | Power HMC|V9.2.950.0 & V10.1.1010.0|Affected|Yes|[Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44228) affects Power HMC](https://www.ibm.com/support/pages/node/6526172?myns=pwrsmc&mynp=OCSGGSNP&mync=E&cm_sp=pwrsmc-_-OCSGGSNP-_-E)|||12/15/2021| -| IBM | PowerSC||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | PowerVM Hypervisor||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | PowerVM VIOS||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | QRadar Advisor||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Qradar Network Threat Analytics||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | QRadar SIEM||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Quantum Services||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Rational Developer for AIX and Linux||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Rational Developer for i||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Red Hat OpenShift on IBM Cloud ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| +| IBM | Analytics Engine | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | App Configuration | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | App Connect | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | App ID | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Application Gateway | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Aspera Endpoint | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Aspera Enterprise | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Aspera fasp.io | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Aspera | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Bare Metal Servers | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Block Storage | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Block Storage for VPC | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Block Storage Snapshots for VPC | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Case Manager | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Certificate Manager | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Client VPN for VPC | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Cloud Activity Tracker | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Cloud Backup | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Cloud Monitoring | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Cloud Object Storage | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Cloud Object Storage | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Cloudant | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Code Engine | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Cognos Command Center | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Cognos Controller | 10.4.2 | Affected | Yes | [Security Bulletin: IBM Cognos Controller 10.4.2 IF15: Apache log4j Vulnerability (CVE-2021-44228)](https://www.ibm.com/support/pages/node/6526468>) | | | 12/15/2021 | +| IBM | Cognos Integration Server | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Compose Enterprise | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Compose for Elasticsearch | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Compose for etcd | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Compose for MongoDB | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Compose for MySQL | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Compose for PostgreSQL | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Compose for RabbitMQ | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Compose for Redis | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Compose for RethinkDB | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Compose for ScyllaDB | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Container Registry | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Container Security Services | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Content Delivery Network | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Continuous Delivery | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Copy Services Manager | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Databases for DataStax | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Databases for EDB | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Databases for Elasticsearch | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Databases for etcd | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Databases for MongoDB | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Databases for PostgreSQL | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Databases for Redis | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Datapower Gateway | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Dedicated Host for VPC | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Direct Link Connect | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Direct Link Connect on Classic | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Direct Link Dedicated (2.0) | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Direct Link Dedicated Hosting on Classic | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Direct Link Dedicated on Classic | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Direct Link Exchange on Classic | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | DNS Services | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Emptoris Contract Management | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Emptoris Program Management | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Emptoris Sourcing | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Emptoris Spend Analysis | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Emptoris Supplier Lifecycle Management | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Enterprise Tape Controller Model C07 (3592) (ETC) | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Event Notifications | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Event Streams | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | File Storage | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Flash System 900 (& 840) | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Flow Logs for VPC | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Functions | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | GSKit | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Guardium S-TAP for Data Sets on z/OS | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Guardium S-TAP for DB2 on z/OS | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Guardium S-TAP for IMS on z/OS | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Hyper Protect Crypto Services | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Hyper Protect DBaaS for MongoDB | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Hyper Protect DBaaS for PostgreSQL | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Hyper Protect Virtual Server | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | i2 Analyst’s Notebook | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | i2 Base | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | IBM Application Runtime Expert for i | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | IBM Backup, Recovery and Media Services for i | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | IBM Db2 Mirror for i | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | IBM HTTP Server | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | IBM i Access Family | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | IBM i Portfolio of products under the Group SWMA | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | IBM PowerHA System Mirror for i | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | IBM Sterling Connect:Direct Browser User Interface | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | IBM Sterling Connect:Direct for HP NonStop | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | IBM Sterling Connect:Direct for i5/OS | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | IBM Sterling Connect:Direct for OpenVMS | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | IBM Sterling Connect:Express for Microsoft Windows | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | IBM Sterling Connect:Express for UNIX | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | IBM Sterling Connect:Express for z/OS | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Instana Agent | Timestamp lower than 12-11-2021 | Affected | Yes | [Status Instana](https://status.instana.io/incidents/4zgcd2gzf4jw) | | | 12/14/2021 | +| IBM | Internet Services | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Key Lifecyle Manager for z/OS | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Key Protect | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Knowledge Studio | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Kubernetes Service | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Load Balancer for VPC | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Log Analysis | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Managed VMware Service | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Management Extender for VMware vCenter | | Affected | No | | | | | +| IBM | Mass Data Migration | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Maximo EAM SaaS | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Message Hub | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | MQ Appliance | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | MQ on IBM Cloud | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Natural Language Understanding | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | OmniFind Text Search Server for DB2 for i | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | OPENBMC | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Planning Analytics Workspace | >2.0.57 | Affected | Yes | [Security Bulletin: IBM Planning Analytics 2.0: Apache log4j Vulnerability (CVE-2021-44228)](https://www.ibm.com/support/pages/node/6525700) | | | 12/15/2021 | +| IBM | Power HMC | V9.2.950.0 & V10.1.1010.0 | Affected | Yes | [Security Bulletin: Vulnerability in Apache Log4j (CVE-2021-44228) affects Power HMC](https://www.ibm.com/support/pages/node/6526172?myns=pwrsmc&mynp=OCSGGSNP&mync=E&cm_sp=pwrsmc-_-OCSGGSNP-_-E) | | | 12/15/2021 | +| IBM | PowerSC | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | PowerVM Hypervisor | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | PowerVM VIOS | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | QRadar Advisor | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Qradar Network Threat Analytics | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | QRadar SIEM | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Quantum Services | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Rational Developer for AIX and Linux | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Rational Developer for i | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Red Hat OpenShift on IBM Cloud | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | | IBM | Resilient | | Under Investigation | | | | | | -| IBM | Robotic Process Automation||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | SAN Volume Controller and Storwize Family||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Satellite Infrastructure Service ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Schematics ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Secrets Manager ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Secure Gateway ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Server Automation | | Affected | No | | | | | -| IBM | Spectrum Archive Library Edition||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Discover||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect Client Management Service||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect for Databases: Data Protection for Oracle||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect for Databases: Data Protection for SQL||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect for Enterprise Resource Planning||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect for Mail: Data Protection for Domino||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect for Mail: Data Protection for Exchange||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect for Workstations||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect for z/OS USS Client and API||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect Plus Db2 Agent||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect Plus Exchange Agent||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect Plus File Systems Agent||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect Plus MongoDB Agent||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect Plus O365 Agent||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect Server||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect Snapshot for UNIX||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Spectrum Protect Snapshot for UNIX||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | SQL Query ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Sterling Gentran||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Sterling Order Management||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Sterling Transformation Extender Pack for ACORD||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Sterling Transformation Extender Pack for Financial Services||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Sterling Transformation Extender Pack for FIX||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Sterling Transformation Extender Pack for NACHA||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Sterling Transformation Extender Pack for PeopleSoft||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Sterling Transformation Extender Pack for SAP R/3||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Sterling Transformation Extender Pack for SEPA||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Sterling Transformation Extender Pack for Siebel||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Sterling Transformation Extender Pack for SWIFT||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Sterling Transformation Extender Packs for EDI||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Sterling Transformation Extender Packs for Healthcare||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Sterling Transformation Extender Trading Manager||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Storage TS1160||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Storage TS2280||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Storage TS2900 Library||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Storage TS3100-TS3200 Library||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Storage TS4500 Library||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Storage Virtualization Engine TS7700||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Tape System Library Manager||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | TDMF for zOS||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Total Storage Service Console (TSSC) / TS4500 IMC||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Transit Gateway ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Tririga Anywhere||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | TS4300||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Urbancode Deploy||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Virtual Private Cloud ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Virtual Server for Classic ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Virtualization Management Interface||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | VMware Solutions||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | VMware vCenter Server||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | VMware vSphere||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | VPN for VPC ||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | vRealize Operations and Log Insight||Affected|Yes|[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| -| IBM | Workload Automation||Not Affected||[An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products)|||12/15/2021| +| IBM | Robotic Process Automation | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | SAN Volume Controller and Storwize Family | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Satellite Infrastructure Service | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Schematics | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Secrets Manager | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Secure Gateway | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Server Automation | | Affected | No | | | | | +| IBM | Spectrum Archive Library Edition | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Discover | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect Client Management Service | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect for Databases: Data Protection for Oracle | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect for Databases: Data Protection for SQL | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect for Enterprise Resource Planning | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect for Mail: Data Protection for Domino | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect for Mail: Data Protection for Exchange | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect for Workstations | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect for z/OS USS Client and API | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect Plus Db2 Agent | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect Plus Exchange Agent | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect Plus File Systems Agent | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect Plus MongoDB Agent | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect Plus O365 Agent | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect Server | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect Snapshot for UNIX | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Spectrum Protect Snapshot for UNIX | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | SQL Query | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Sterling Gentran | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Sterling Order Management | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Sterling Transformation Extender Pack for ACORD | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Sterling Transformation Extender Pack for Financial Services | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Sterling Transformation Extender Pack for FIX | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Sterling Transformation Extender Pack for NACHA | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Sterling Transformation Extender Pack for PeopleSoft | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Sterling Transformation Extender Pack for SAP R/3 | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Sterling Transformation Extender Pack for SEPA | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Sterling Transformation Extender Pack for Siebel | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Sterling Transformation Extender Pack for SWIFT | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Sterling Transformation Extender Packs for EDI | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Sterling Transformation Extender Packs for Healthcare | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Sterling Transformation Extender Trading Manager | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Storage TS1160 | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Storage TS2280 | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Storage TS2900 Library | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Storage TS3100-TS3200 Library | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Storage TS4500 Library | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Storage Virtualization Engine TS7700 | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Tape System Library Manager | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | TDMF for zOS | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Total Storage Service Console (TSSC) / TS4500 IMC | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Transit Gateway | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | |12/15/2021 | +| IBM | Tririga Anywhere | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | TS4300 | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Urbancode Deploy | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Virtual Private Cloud | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Virtual Server for Classic | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Virtualization Management Interface | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | VMware Solutions | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | VMware vCenter Server | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | VMware vSphere | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | VPN for VPC | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | vRealize Operations and Log Insight | | Affected | Yes | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | +| IBM | Workload Automation | | Not Affected | | [An update on the Apache Log4j CVE-2021-44228 vulnerability - IBM PSIRT Blog](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | 12/15/2021 | | IFS | | | | | [IFS Bulletin](https://community.ifs.com/announcements-278/urgent-bulletin-ifs-advisory-ifs-products-services-and-log4j-cve-2021-44228-16436) | | | | | IGEL | | | | | [IGEL Statement](https://kb.igel.com/securitysafety/en/isn-2021-11-ums-log4j-vulnerability-54086712.html) | | | | | Ignite Realtime | | | | | [Ignite Realtime Statement](https://discourse.igniterealtime.org/t/openfire-4-6-5-released/91108) | | | | | iGrafx | | | | | [iGrafx Statement](https://www.igrafx.com/igrafx-thwarts-log4j-vulnerability/) | | | | | Illuminated Cloud | | | | | [Illuminated Cloud Statement](https://illuminatedcloud.blogspot.com/2021/12/illuminated-cloud-2-and-log4j-security.html) | | | | -| Illumio | | | | | [Illumio Statement](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html) | | | | +| Illumio | C-VEN | | Not Affected | | [Illumio KB article](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html)| | |12/16/2021| +| Illumio | CLI | | Not Affected | | [Illumio KB article](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html)| | |12/16/2021| +| Illumio | CloudSecure | | Not Affected | | [Illumio KB article](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html)| | |12/16/2021| +| Illumio | Core on-premise PCE | | Not Affected | | [Illumio KB article](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html)| | |12/16/2021| +| Illumio | Core SaaS PCE | | Not Affected | | [Illumio KB article](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html)| | |12/16/2021| +| Illumio | Edge SaaS PCE | | Not Affected | | [Illumio KB article](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html)| | |12/16/2021| +| Illumio | Edge-CrowdStrike | | Not Affected | | [Illumio KB article](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html)| | |12/16/2021| +| Illumio | Flowlink | | Not Affected | | [Illumio KB article](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html)| | |12/16/2021| +| Illumio | Kubelink | | Not Affected | | [Illumio KB article](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html)| | |12/16/2021| +| Illumio | NEN | | Not Affected | | [Illumio KB article](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html)| | |12/16/2021| +| Illumio | QRadar App | | Not Affected | | [Illumio KB article](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html)| | |12/16/2021| +| Illumio | Splunk App | | Not Affected | | [Illumio KB article](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html)| | |12/16/2021| +| Illumio | VEN | | Not Affected | | [Illumio KB article](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html)| | |12/16/2021| | IManage | | | | | [IManage Statement](https://help.imanage.com/hc/en-us/articles/4412696236699-ADVISORY-Security-vulnerability-CVE-2021-44228-in-third-party-component-Apache-Log4j2#h_3164fa6c-4717-4aa1-b2dc-d14d4112595e) | | | | | Imperva | | | | | [Imperva Statement](https://www.imperva.com/blog/how-were-protecting-customers-staying-ahead-of-cve-2021-44228/) | | | | | Inductive Automation | | | | | [Inductive Automation Statement](https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day) | | | | @@ -1042,6 +1455,9 @@ This list was initially populated using information from the following sources: | Intel | System Studio | | Affected | | [Intel Advisory](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html) | | |12/16/2021| | Intel | Computer Vision Annotation Tool maintained by Intel | | Affected | | [Intel Advisory](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html) | | |12/16/2021| | Intel | Sensor Solution Firmware Development Kit | | Affected | | [Intel Advisory](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html) | | |12/16/2021| +| Internet Systems Consortium(ISC)|ISC DHCP, aka dhcpd|All|Not Affected|N/A|[ISC Open Source and Log4J](https://www.isc.org/blogs/2021-log4j/)|no JAVA Code||12/17/2021| +| Internet Systems Consortium(ISC) | Kea DHCP | All | Not Affected | N/A | [ISC Open Source and Log4J](https://www.isc.org/blogs/2021-log4j/) | no JAVA Code | | 12/17/2021 | +| Internet Systems Consortium(ISC) | BIND 9 | All | Not Affected | N/A | [ISC Open Source and Log4J](https://www.isc.org/blogs/2021-log4j/) | no JAVA Code | | 12/17/2021 | | InterSystems | | | | | [InterSystems Statement](https://www.intersystems.com/gt/apache-log4j2/) | | | | | Intland | codebeamer | <= 20.11-SP11, <= 21.09-SP3 | Affected | Some releases | [Apache Log4j vulnerability and fixes](https://codebeamer.com/cb/wiki/19872365) | A fix has been released for [20.11](https://codebeamer.com/cb/wiki/13134438) and [21.09](https://codebeamer.com/cb/wiki/19418497), but not yet for [21.04](https://codebeamer.com/cb/wiki/16937839) | | | | iRedMail | | | | | [iRedMail Statement](https://forum.iredmail.org/topic18605-log4j-cve202144228.html) | | | | @@ -1054,7 +1470,22 @@ This list was initially populated using information from the following sources: | Jedox | | | | | [Jedox Statement](https://www.jedox.com/en/trust/) | | | | | Jenkins | CI/CD Core | | Not Affected | | | | | | | Jenkins | Plugins | | Some affected, some fixed, most unaffected. See [issue tracker](https://issues.jenkins.io/browse/JENKINS-67353) | Some | [Announcement](https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/), [issue tracker](https://issues.jenkins.io/browse/JENKINS-67353) | [Instructions to test your installations in announcement](https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/) | | 2021-12-16 | -| Jetbrains | | | Affected | Yes | [JetBrains Statement](https://www.jetbrains.com/help/license_server/release_notes.html) | | | | +| JetBrains | IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand, IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu, Rider, RubyMine, WebStorm) | Unknown | Not Affected | | [JetBrains Blog Post](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/)| | | | +| JetBrains | All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory, dotCover, dotPeek) | Unknown | Not Affected | | [JetBrains Blog Post](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | | +| JetBrains | ToolBox | Unknown | Not Affected | | [JetBrains Blog Post](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | | +| JetBrains | TeamCity | Unknown | Not Affected | | [JetBrains Blog Post](https://youtrack.jetbrains.com/issue/TW-74298) | | | | +| JetBrains | Hub | 2021.1.14080 | Fixed | | [JetBrains Blog Post](https://blog.jetbrains.com/hub/2021/12/14/hub-update-regarding-log4j2-vulnerability/) | | | | +| JetBrains | YouTrack Standalone | 2021.4.35970 | Fixed | | [JetBrains Blog Post](https://blog.jetbrains.com/youtrack/2021/12/youtrack-update-regarding-log4j2-vulnerability/) | | | | +| JetBrains | YouTrack InCloud | Unknown | Fixed | | [JetBrains Blog Post](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | | +| JetBrains | Datalore | Unknown | Not Affected | | [JetBrains Blog Post](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | | +| JetBrains | Space | Unknown | Not Affected | | [JetBrains Blog Post](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | | +| Jetbrains | Code With Me | Unknown | Fixed | | [JetBrains Blog Post](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | | +| JetBrains | Gateway | Unknown | Not Affected | | [JetBrains Blog Post](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | | +| JetBrains | Kotlin | Unknown | Not Affected | | [JetBrains Blog Post](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | | +| JetBrains | Ktor | Unknown | Not Affected | | [JetBrains Blog Post](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | | +| JetBrains | MPS | Unknown | Not Affected | | [JetBrains Blog Post](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | | +| JetBrains | Floating license server | 30211 | Fixed | | [JetBrains Blog Post](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | | +| JetBrains | UpSource | 2020.1.1952 | Fixed | | [JetBrains Blog Post](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | | | JFROG | | | | | [JFROG Statement](https://jfrog.com/knowledge-base/general-jfrog-services-are-not-affected-by-vulnerability-cve-2021-44228/) | | | | | Jitsi | | | | | [Jitsi Advisory](https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md) | | | | | Jitterbit | | | | | [Jitterbit Statement](https://success.jitterbit.com/display/DOC/Mitigating+the+Apache+Log4j2+JNDI+Vulnerability) | | | | @@ -1131,6 +1562,7 @@ This list was initially populated using information from the following sources: | LiquidFiles | | | | | [LiquidFiles Statement](https://mailchi.mp/liquidfiles/liquidfiles-log4j?e=%5BUNIQID%5D) | | | | | LiveAction | | | | | [LiveAction Statement](https://documentation.liveaction.com/LiveNX/LiveNX%2021.5.1%20Release%20Notes/Release%20Notes%20LiveNX%2021.5.1.1.3) | | | | | Loftware | | | | | [Loftware](https://help.loftware.com/lps-kb/content/log4j%20cve-2021-44228.htm?Highlight=CVE-2021-44228) | | | | +| LOGalyze | SIEM & log analyzer tool | v4.x | Affected | No | [abandoned open-source software repo (sourceforge.net)](https://sourceforge.net/software/product/LOGalyze/) | local-log4j-vuln-scanner result: indicator for vulnerable component found in /logalyze/lib/log4j-1.2.17.jar (org/apache/log4j/net/SocketNode.class): log4j 1.2.17 | [Forks (github.com)](https://github.com/search?q=logalyzer&s=updated&type=Repositories) | 2021-12-17 | | LogiAnalytics | | | | | [LogiAnalytics Statement](https://devnet.logianalytics.com/hc/en-us/articles/4415781801751-Statement-on-Log4j-Vulnerability-CVE-2021-44228-) | | | | | LogicMonitor | | | | | [LogicMonitor Statement](https://www.logicmonitor.com/support/log4shell-security-vulnerability-cve-2021-44228) | | | | | LogMeIn | | | | | [LogMeIn Statement](https://community.logmein.com/t5/LogMeIn-Central-Discussions/LOG4J-Vulnerability/m-p/280317/highlight/true#M8327) | | | | @@ -1138,9 +1570,10 @@ This list was initially populated using information from the following sources: | Looker | | | | | [Looker Statement](https://docs.google.com/document/d/e/2PACX-1vQGN1AYNMHxsRQ9AZNu1bKyTGRUSK_9xkQBge-nu4p8PYvBKIYHhc3914KTfVtDFIXtDhc3k6SZnR2M/pub) | | | | | LucaNet | | | | | [LucaNet Statement](https://www.lucanet.com/en/blog/update-vulnerability-log4j) | | | | | Lucee | | | | | [Lucee Statement](https://dev.lucee.org/t/lucee-is-not-affected-by-the-log4j-jndi-exploit-cve-2021-44228/9331/4) | | | | +| Lyrasis | Fedora Repository | 3.x,4.x,5.x,6.x | Not Affected | | [Fedora Repository Statement](https://groups.google.com/g/fedora-tech/c/dQMQ5jaX8Xo) | Fedora Repository is unaffiliated with Fedora Linux. Uses logback and explicitly excludes log4j. | | 2021-12-14 | | MailStore | | | | | [MailStore Statement](https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/) | | | | | Maltego | | | | | [Maltego Response to Logj4](https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/) | | | | -| ManageEngine | Servicedsk Plus|11305 and below|Affected| | [Manage Engine Advisory](https://www.manageengine.com/products/service-desk/security-response-plan.html)|||12/15/2021| +| ManageEngine | Servicedesk Plus|11305 and below|Affected| | [Manage Engine Advisory](https://www.manageengine.com/products/service-desk/security-response-plan.html)|||12/15/2021| | ManageEngine Zoho | | | | | [Manage Engine Link](https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus) | | | | | ManageEngine Zoho | ADManager Plus | On-Prem | | | [ManageEngine Vulnerability Impact](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | |12/16/2021| | ManageEngine Zoho | ADAudit Plus | On-Prem | | | [ManageEngine Vulnerability Impact](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | |12/16/2021| @@ -1155,7 +1588,7 @@ This list was initially populated using information from the following sources: | ManageEngine Zoho | M365 Security Plus | On-Prem | | | [ManageEngine Vulnerability Impact](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | |12/16/2021| | ManageEngine Zoho | Analytics Plus | On-Prem | | | [ManageEngine Vulnerability Impact](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | |12/16/2021| | MariaDB | | | | | [MariaDB Statement](https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/) | | | | -| MathWorks | All MathWorks general release desktop or server products | | Not Affected | No | [MathWorks statement regarding CVE-2021-44228](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) | | | +| MathWorks | All MathWorks general release desktop or server products | | Not Affected | No | [MathWorks statement regarding CVE-2021-44228](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) | | | | | MathWorks Matlab | | | | | [MathWorks Matlab Statement](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) | | | | | Matillion | | | | | [Matillion Security Advisory](https://documentation.matillion.com/docs/security-advisory-14th-december-2021) | | | | | Matomo | | | | | [Matomo Statement](https://forum.matomo.org/t/matomo-is-not-concerned-by-the-log4j-security-breach-cve-2021-44228-discovered-on-december-2021-the-9th/44089) | | | | @@ -1185,6 +1618,10 @@ This list was initially populated using information from the following sources: | Mirantis | | | | | [Mirantis Statement](https://github.com/Mirantis/security/blob/main/news/cve-2021-44288.md) | | | | | Miro | | | | | [Miro Log4j Updates](https://miro.com/trust/updates/log4j/) | | | | | Mitel | | | | | [Mitel Statement](https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010) | | | | +| MobileIron | Core | All Versions | Affected | Yes | [https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US](https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US) | The mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function. | | 12/20/21 | +| MobileIron | Core Connector | All Versions | Affected | Yes | [https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US](https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US) | The mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function. | | 12/20/21 | +| MobileIron | Reporting Database (RDB) | All Versions | Affected | Yes | [https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US](https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US) | The mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function. | | 12/20/21 | +| MobileIron | Sentry | 9.13, 9.14 | Affected | Yes | [https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US](https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US) | The mitigation instructions listed in a subsequent section removes a vulnerable Java class (JNDILookUp.class) from the affected Log4J Java library and as a result removes the ability to perform the RCE attack. The workaround needs to be applied in a maintenance window. You will not be able to access the admin portal during the procedure, however, end user devices will continue to function. | | 12/20/21 | | MongoDB | All other components of MongoDB Atlas (including Atlas Database, Data Lake, Charts) | | Not Affected | | [https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | | | MongoDB | MongoDB Atlas Search | | Affected | yes | [https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | | | MongoDB | MongoDB Community Edition (including Community Server, Cloud Manager, Community Kubernetes Operators) | | Not Affected | | [https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | | @@ -1208,6 +1645,7 @@ This list was initially populated using information from the following sources: | Netcup | | | | | [Netcup Statement](https://www.netcup-news.de/2021/12/14/pruefung-log4j-sicherheitsluecken-abgeschlossen/) | | | | | NetGate PFSense | | | | | [NetGate PFSense Forum](https://forum.netgate.com/topic/168417/java-log4j-vulnerability-is-pfsense-affected/35) | | | | | Netwrix | | | | | [Netwrix Statement](https://www.netwrix.com/netwrix_statement_on_cve_2021_44228_the_apache_log4j_vulnerability.html) | | | | +| New Relic | Containerized Private Minion (CPM)| 3.0.57| Fixed| Yes| [NR21-04](https://docs.newrelic.com/docs/security/new-relic-security/security-bulletins/security-bulletin-nr21-04/) | New Relic is in the process of revising guidance/documentation, however the fix version remains sufficient. | [Security Bulletin NR21-04](https://docs.newrelic.com/docs/security/new-relic-security/security-bulletins/security-bulletin-nr21-04/) | 12-18-2021 | | New Relic |New Relic Java Agent|<7.4.2|Affected|Yes|[Java agent v7.4.2](https://docs.newrelic.com/docs/release-notes/agent-release-notes/java-release-notes/java-agent-742/)|Initially fixed in 7.4.1, but additional vulnerability found|[New Relic tracking](https://github.com/newrelic/newrelic-java-agent/issues/605), covers CVE-2021-44228, CVE-2021-45046|12/15/2021| | NextCloud | | | | | [NextCloud Help](https://help.nextcloud.com/t/apache-log4j-does-not-affect-nextcloud/129244) | | | | | Nexus Group | | | | | [Nexus Group Docs](https://doc.nexusgroup.com/pages/viewpage.action?pageId=83133294) | | | | @@ -1244,17 +1682,44 @@ This list was initially populated using information from the following sources: | OTRS | | | | | [OTRS Link](https://portal.otrs.com/external) | | | | | OVHCloud | | | | | [OVHCloud Blog Post](https://blog.ovhcloud.com/log4shell-how-to-protect-my-cloud-workloads/) | | | | | OwnCloud | | | | | [OwnCloud Link](https://central.owncloud.org/t/owncloud-not-directly-affected-by-log4j-vulnerability/35493) | | | | -| OxygenXML | | | | | [OxygenXML Link](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | | | -| Palo-Alto | CloudGenix | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | -| Palo-Alto | PAN-OS for Panorama | 9.0, 9.1, 10.0 | Affected | Yes | [CVE-2021-44228:Impact of Log4J Vulnerability](https://security.paloaltonetworks.com/CVE-2021-44228) | | Upgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will be updated when hot fixes for the affected Panorama versions are available. PAN-OS for Panorama versions 8.1, 10.1 are not affected. | 12/15/2021 | +| OxygenXML | Author | | Affected | Fixed | Yes | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | 12/17/2021 | +| OxygenXML | Developer | | Affected | Fixed | Yes | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | 12/17/2021 | +| OxygenXML | Editor | | Affected | Fixed | Yes | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | 12/17/2021 | +| OxygenXML | Oxygen Content Fusion | 2.0, 3.0, 4.1 | Affected | Fixed | Yes | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | 12/17/2021 | +| OxygenXML | Oxygen Feedback Enterprise | 1.4.4 & older | Affected | Fixed | Yes | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | 12/17/2021 | +| OxygenXML | Oxygen License Server | v22.1 to v24.0 | Affected | Fixed | Yes | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | 12/17/2021 | +| OxygenXML | Oxygen PDF Chemistry | v22.1, 23.0, 23.1, 24.0 | Affected | Fixed | Yes | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | 12/17/2021 | +| OxygenXML | Oxygen SDK | | Affected | Fixed | Yes | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | 12/17/2021 | +| OxygenXML | Plugins (see advisory link) | | Affected | Fixed | Yes | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | 12/17/2021 | +| OxygenXML | Publishing Engine | | Affected | Fixed | Yes | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | 12/17/2021 | +| OxygenXML | Web Author | | Affected | Fixed | Yes | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | 12/17/2021 | +| OxygenXML | WebHelp | | Affected | Fixed | Yes | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | 12/17/2021 | +| Palantir | Palantir Foundry | All | Fixed | | [Palantir Response to Log4j Vulnerability (palantir.com)](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. | | 12/19/2021 | +| Palantir | Palantir Gotham | All | Fixed | | [Palantir Response to Log4j Vulnerability (palantir.com)](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. | | 12/19/2021 | +| Palantir | Palantir Apollo | All | Not Affected | | [Palantir Response to Log4j Vulnerability (palantir.com)](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact, and updates have been deployed for full remediation. | | 12/19/2021 | +| Palantir | Palantir AI Inference Platform (AIP) | All | Fixed | | [Palantir Response to Log4j Vulnerability (palantir.com)](https://www.palantir.com/security-advisories/log4j-vulnerability/) | Fully remediated as of 1.97.0. Disconnected customer instances may require manual updates. | | 12/19/2021 | +| Palo-Alto Networks | CloudGenix | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | +| Palo-Alto Networks | Palo-Alto Networks-OS for Panorama | 9.0, 9.1, 10.0 | Affected | Yes | [CVE-2021-44228:Impact of Log4J Vulnerability](https://security.paloaltonetworks.com/CVE-2021-44228) | | Upgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will be updated when hot fixes for the affected Panorama versions are available. PAN-OS for Panorama versions 8.1, 10.1 are not affected. | 12/15/2021 | +| Palo-Alto Networks | Bridgecrew | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | +| Palo-Alto Networks | Cortex Data Lake | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | +| Palo-Alto Networks | Cortex Xpanse| | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | | Palo-Alto Networks | Cortex XDR Agent | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | | Palo-Alto Networks | Cortex XSOAR | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | +| Palo-Alto Networks | Expedition | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | +| Palo-Alto Networks | IoT Security | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | | Palo-Alto Networks | GlobalProtect App | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | -| Palo-Alto Networks | PAN-OS for Firewall and Wildfire | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | +| Palo-Alto Networks | Palo-Alto Networks-OS for Firewall and Wildfire | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | +| Palo-Alto Networks | Prisma Access | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | | Palo-Alto Networks | Prisma Cloud | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | | Palo-Alto Networks | Prisma Cloud Compute| | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | +| Palo-Alto Networks | Okyo Grade | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | +| Palo-Alto Networks | SaaS Security | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | +| Palo-Alto Networks | WildFire Appliance | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | +| Palo-Alto Networks | WildFire Cloud | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | +| Palo-Alto Networks | User-ID Agent | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | | Panopto | | | | | [Panopto Support Link](https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability) | | | | -| PaperCut | | | | | [PaperCut Link](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | | +| PaperCut | PaperCut MF | 21.0 and later | Affected | Yes | [https://www.papercut.com/support/known-issues/?id=PO-684#ng](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve.| | 12/16/2021 | +| PaperCut | PaperCut NG | 21.0 and later | Affected | Yes | [https://www.papercut.com/support/known-issues/?id=PO-684#ng](https://www.papercut.com/support/known-issues/?id=PO-684#ng) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve.| | 12/16/2021 | | Parallels | | | | | [Parellels Link](https://kb.parallels.com/en/128696) | | | | | Parse.ly | | | | | [Parse.ly Blog Post](https://blog.parse.ly/parse-ly-log4shell/) | | | | | Pega | | | | | [Pega Docs Link](https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability) | | | | @@ -1280,6 +1745,9 @@ This list was initially populated using information from the following sources: | PortSwigger | | | | | [PortSwigger Forum](https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0) | | | | | PostGreSQL | | | | | [PostGreSQL News](https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/) | | | | | Postman | | | | | [Postman Support Link](https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228-) | | | | +|Power Admin LLC|PA File Sight|NONE|NotAffected||[Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/)|||12/17/2021| +|Power Admin LLC|PA Storage Monitor|NONE|NotAffected||[Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/)|||12/17/2021| +|Power Admin LLC|PA Server Monitor|NONE|NotAffected||[Update December 2021: None of our products (PA Server Monitor, PA Storage Monitor, PA File Sight and PA WatchDISK), and none of our websites, use log4j. One less thing to worry about]( https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/)|||12/17/2021| | Pretix | | | | | [Pretix Blog Post](https://pretix.eu/about/de/blog/20211213-log4j/) | | | | | PrimeKey | | | | | [PrimeKey Support Link](https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228) | | | | | Progress / IpSwitch | | | | | [Progress / IpSwitch Link](https://www.progress.com/security) | | | | @@ -1288,7 +1756,9 @@ This list was initially populated using information from the following sources: | Prosys | | | | | [Prosys News Link](https://prosysopc.com/news/important-security-release/) | | | | | Proxmox | | | | | [Proxmox Forum](https://forum.proxmox.com/threads/log4j-exploit-what-to-do.101254/#post-436880) | | | | | PRTG Paessler | | | | | [PRTG Paessler Link](https://kb.paessler.com/en/topic/90213-is-prtg-affected-by-cve-2021-44228) | | | | -| PTC | | | | | [PTC Alert](https://www.ptc.com/en/support/alerts/log4j%20zero%20day%20vulnerability%20-%2020211211) | This advisory is available for customers only and has not been reviewed by CISA| | | +| PTC | Axeda Platform | 6.9.2 | Affected | No | [PTC Axeda Platform Apache log4j vulnerability - Incident Response](https://www.ptc.com/en/support/article/CS358990) | | | 12/17/2021 | +| PTC | ThingsWorx Platform |8.5,9.0,9.1,9.2, All supported versions | Affected | No | [ThingWorx Apache log4j vulnerability - Incident Response](https://www.ptc.com/en/support/article/CS358901) | | | 12/17/2021 | +| PTC | ThingsWorx Analytics | 8.5,9.0,9.1,9.2, All supported versions | Affected | No | [ThingWorx Apache log4j vulnerability - Incident Response](https://www.ptc.com/en/support/article/CS358901) | | | 12/17/2021 | | PTV Group | | | | | [PTV Group Link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | | | Pulse Secure | Ivanti Connect Secure (ICS) | | Not Affected | | [Pulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | | | Pulse Secure | Ivanti Neurons for secure Access | | Not Affected | | [Pulse Secure Article: KB44933 - CVE-2021-44228 - Java logging library (log4j)](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | | @@ -1314,7 +1784,10 @@ This list was initially populated using information from the following sources: | Pyramid Analytics | | | | | [Pyramid Analytics Community Link](https://community.pyramidanalytics.com/t/83hjjt4/log4j-security-vulnerability-pyramid) | | | | | QF-Test | | | | | [QF-Test Blog Post](https://www.qfs.de/en/blog/article/no-log4j-vulnerability-in-qf-test.html) | | | | | Qlik | | | | | [Qlik Community Link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | | -| QMATIC | | | Under Investigation| | [QMATIC Link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | | | | +| QMATIC | Orchestra Central | 6.0+ | Not Affected | | [QMATIC Link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | | | 12/21/2021 | +| QMATIC | Appointment Booking | 2.4+ | Affected | Yes | [QMATIC Link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | Update to v. 2.8.2 which contains log4j 2.16 | | 12/21/2021 | +| QMATIC | Insights | Cloud | Affected | Yes | [QMATIC Link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | log4j 2.16 applied 2021-12-16 | | 12/21/2021 | +| QMATIC | Appointment Booking | Cloud/Managed Service | Affected | Yes | [QMATIC Link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | log4j 2.16 applied 2021-12-15 | | 12/21/2021 | | QNAP | | | Under Investigation | | [QNAP Security Advisory](https://www.qnap.com/en-uk/security-advisory/qsa-21-58) | | | | | QOPPA | | | | | [QOPPA Link](https://kbdeveloper.qoppa.com/cve-2021-44228-apache-log4j-vulnerability/) | | | | | QSC Q-SYS | | | | | [QSC Q-SYS Article](https://qscprod.force.com/selfhelpportal/s/article/Are-Q-SYS-products-affected-by-the-Log4j-vulnerability-CVE-2021-44228) | | | | @@ -1356,34 +1829,34 @@ This list was initially populated using information from the following sources: | Real-Time Innovations (RTI) | RTI Micro Application Generator (MAG)| as part of RTI Connext Micro 3.0.0, 3.0.1, 3.0.2, 3.0.3 | Affected | |[RTI Statement](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | |12/16/2021 | | Real-Time Innovations (RTI) | RTI Micro Application Generator (MAG)| as part of RTI Connext Professional 6.0.0 and 6.0.1| Affected | |[RTI Statement](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | |12/16/2021 | | Real-Time Innovations (RTI) | RTI Monitor | | Not Affected | |[RTI Statement](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | |12/16/2021 | -| Red Hat build of Quarkus | log4j-core low | | Not Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat CodeReady Studio 12 | log4j-core | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat Data Grid 8 | log4j-core | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat Descision Manager 7 | log4j-core low | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat Enterprise Linux 6 | log4j | | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat Enterprise Linux 7 | log4j | | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat Enterprise Linux 8 | parfait:0.5/log4j12 | | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat Integration Camel K | log4j-core | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat Integration Camel Quarkus | log4j-core | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat JBoss A-MQ Streaming | log4j-core | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat JBoss Enterprise Application Platform 7 | log4j-core low | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat JBoss Enterprise Application Platform Expansion Pack | log4j-core low | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat JBoss Fuse 7 | log4j-core | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat OpenShift Application Runtimes | log4j-core | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat OpenShift Container Platform 3.11 | openshift3/ose-logging-elasticsearch5 | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat OpenShift Container Platform 4 | openshift4/ose-logging-elasticsearch6 | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat OpenShift Container Platform 4 | openshift4/ose-metering-hive | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat OpenShift Container Platform 4 | openshift4/ose-metering-presto | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat OpenShift Logging | logging-elasticsearch6-container | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat OpenStack Platform 13 (Queens) | opendaylight | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat Process Automation 7 | log4j-core low | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | -| Red Hat Single Sign-On 7 | log4j-core | | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | +| Red Hat | Red Hat Data Grid | 8 | Affected | Yes | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5132](http://access.redhat.com/errata/RHSA-2021:5132) | | Dec/20/2021 | +| Red Hat | Red Hat Process Automation | 7 | Affected | Yes | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | [Maven Patch](https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=103671&product=rhpam&version=7.11.1&downloadType=patches) | | Dec 20/2021 | +| Red Hat | Red Hat CodeReady Studio | 12.21.0 | Affected | Yes | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | [CRS 12.21.1 Patch](https://developers.redhat.com/products/codeready-studio/download?source=sso) | | Dec/21/2021 | +| Red Hat | Red Hat Integration Camel K | | Affected | Yes | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5130](https://access.redhat.com/errata/RHSA-2021:5130) | | Dec/20/2021 | +| Red Hat | Red Hat Integration Camel Quarkus | | Affected | Yes | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5126](https://access.redhat.com/errata/RHSA-2021:5126) | | Dec/20/2021 | +| Red Hat | Red Hat JBoss A-MQ Streaming | | Affected | Yes | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5138](https://access.redhat.com/errata/RHSA-2021:5138)| | Dec/20/2021 | +| Red Hat | Red Hat JBoss Enterprise Application Platform | 7 | Affected | Yes | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | [Maven Patch](https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.4) | | Dec/20/2021 | +| Red Hat | Red Hat JBoss Fuse | 7 | Affected | Yes | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5134](https://access.redhat.com/errata/RHSA-2021:5134) | | Dec/20/2021 | +| Red Hat| Red Hat Vert.X | 4 | Affected | Yes | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5093](https://access.redhat.com/errata/RHSA-2021:5093) | | Dec/20/2021 | +| Red Hat OpenShift Container Platform 3.11 | openshift3/ose-logging-elasticsearch5 | | Affected | Yes | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5094](http://access.redhat.com/errata/RHSA-2021:5094) | | | +| Red Hat OpenShift Container Platform 4 | openshift4/ose-logging-elasticsearch6 | | Affected | Yes | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | | +| Red Hat OpenShift Container Platform 4 | openshift4/ose-metering-hive | | Affected | Yes | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | | +| Red Hat OpenShift Container Platform 4 | openshift4/ose-metering-presto | | Affected | Yes | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | | +| Red Hat OpenShift Logging | logging-elasticsearch6-container | | Affected | Yes | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | | +| Red Hat | Red Hat Single Sign-On | 7 | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | Dec/20/2021 | +| Red Hat | Red Hat Enterprise Linux | 6 | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | Dec/20/2021 | +| Red Hat | Red Hat Enterprise Linux | 7 | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | Dec/20/2021 | +| Red Hat | Red Hat Enterprise Linux | 8 | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | Dec/20/2021 | +| Red Hat | Red Hat build of Quarkus | | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | Dec/20/2021 | +| Red Hat | Red Hat Decision Manager | 7 | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | Dec/20/2021 | | Red Hat Software Collections | rh-java-common-log4j | | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | | Red Hat Software Collections | rh-maven35-log4j12 | | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | | Red Hat Software Collections | rh-maven36-log4j12 | | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | | Red Hat | log4j-core | | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | | Red Hat | Satellite 5 | | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | | Red Hat | Spacewalk | | Not Affected | | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | | +| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack | 7 | Not Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | | | Dec/20/2021 | +| Red Hat OpenStack Platform 13 (Queens) | opendaylight | | Affected | No | [CVE-2021-44228- Red Hat Customer Portal](https://access.redhat.com/security/cve/cve-2021-44228) | EOL | | | | Red5Pro | | | | | [Red5Pro Link](https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/) | | | | | RedGate | | | | | [RedGate Link](https://www.red-gate.com/privacy-and-security/vulnerabilities/2021-12-15-log4j-statement) | | | | | Redis | | | | | [Redis Link](https://redis.com/security/notice-apache-log4j2-cve-2021-44228/) | | | | @@ -1412,7 +1885,7 @@ This list was initially populated using information from the following sources: | Rubrik | | | | | [Rubrik Support Link](https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK) | This advisory is available to customers only and has not been reviewed by CISA| | | | Ruckus | Virtual SmartZone (vSZ) | 5.1 to 6.0 | Affected | | [Ruckus Wireless (support.ruckuswireless.com)](https://support.ruckuswireless.com/security_bulletins/313) | | | 12/13/2021 | | RunDeck by PagerDuty | | | | | [RunDeck Docs Link](https://docs.rundeck.com/docs/history/CVEs/) | | | | -| Runecast | | | | | [Runecast Blog Post](https://www.runecast.com/blog/runecast-6-0-1-0-covers-apache-log4j-java-vulnerability) | | | | +| Runecast | Runecast Analyzer | 6.0.3 | Fixed | Yes | [Runecast Release notes](https://www.runecast.com/release-notes) | | | | | SAE-IT | | | | | [SAE-IT News Link](https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html) | | | | | SAFE FME Server | | | | | [SAFE FME Server Community Link](https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j) | | | | | SAGE | | | | | [SAGE Announcement Link](https://www.sagecity.com/sage-global-solutions/sage-crm/f/sage-crm-announcements-news-and-alerts/178655/advisory-apache-log4j-vulnerability-cve-2021-44228) | | | | @@ -1447,7 +1920,29 @@ This list was initially populated using information from the following sources: | SBT | SBT | <1.5.6 | Affected | Yes | [Release 1.5.7 · sbt/sbt(github.com)](https://github.com/sbt/sbt/releases/tag/v1.5.7) | | | 12/15/2021 | | ScaleComputing | | | | | [ScaleComputing Community Link](https://community.scalecomputing.com/s/article/Apache-Log4j-Vulnerability) |This advisory is available to customers only and has not been reviewed by CISA | | | | ScaleFusion MobileLock Pro | | | | | [ScaleFusion MobileLock Pro Help](https://help.mobilock.in/article/t9sx43yg44-scalefusion-security-advisory-for-apache-log-4-j-vulnerability-cve-2021-44228) | | | | -| Schneider Electric | | | | | [Schneider Electric Link](https://download.schneider-electric.com/files?p_Doc_Ref=SESB-2021-347-01) | | | | +| Schneider Electric | EcoStruxure IT Gateway | V1.5.0 to V1.13.0 | Fixed | Yes | [EcoStruxure Link](https://ecostruxureit.com/download-and-set-upecostruxureit-gateway/) | | | 12/20/2021 | +| Schneider Electric | EcoStruxure IT Expert | Cloud | Fixed | Yes | | | | 12/20/2021 | +| Schneider Electric | Facility Expert Small Business | Cloud | Fixed | Yes | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | Wiser by SE platform | Cloud | Fixed | Yes | | | | 12/20/2021 | +| Schneider Electric | EASYFIT | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | Ecoreal XL | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | Eurotherm Data Reviewer | V3.0.2 and prior | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | MSE | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | NetBotz750/755 | Software versions 5.0 through 5.3.0 | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | NEW630 | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | SDK BOM | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | SDK-Docgen | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | SDK-TNC | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | SDK-UMS | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | SDK3D2DRenderer | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | SDK3D360Widget | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | Select and Config DATA | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | SNC-API | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | SNC-CMM | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | SNCSEMTECH | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | SPIMV3 | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | SWBEditor | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | +| Schneider Electric | SWBEngine | Current software and earlier | Affected | | [SE Cybersecurity Best Practices](https://www.se.com/us/en/download/document/7EN52-0390/) | | | 12/20/2021 | | SCM Manager | | | | | [SCM Manager Link](https://scm-manager.org/blog/posts/2021-12-13-log4shell/) | | | | | ScreenBeam | | | | | [ScreenBeam Article](https://customersupport.screenbeam.com/hc/en-us/articles/4416468085389-December-2021-Security-Alert-Log4j-CVE-2021-44228) | | | | | SDL worldServer | | | | | [SDL worldServer Link](https://gateway.sdl.com/apex/communityknowledge?articleName=000017707) | | | | @@ -1464,39 +1959,81 @@ This list was initially populated using information from the following sources: | Shibboleth | All Products | Identity Provider>=3.0, All other software versions | NotAffected | | [Log4j CVE (non)-impact](https://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | 12/10/2021 | | Shopify | | | | | [Shopify Community Link](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625) | | | | | Siebel | | | | | [Siebel Link](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html) | | | | -| Siemens | Capital | All Versions >- 2019.1 SP1912 | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Only affected if Teamcenter integration feature is used. Mitigation: [Mitigation Link](https://support.sw.siemens.com/en-US/knowledge-base/MG618363) | | 12/15/2021 | -| Siemens | Comos Desktop App | All Versions | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | -| Siemens | Desigo CC Advanced Reporting | V4.0, 4.1, 4.2, 5.0, 5.1 | Affected | Yes | [Siemens Advisory Link]( https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | -| Siemens | Desigo CC Info Center | V5.0, 5.1 | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | -| Siemens | E-Car OC Cloud Application | All Versions < 2021-12-13 | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | -| Siemens | EnergyIP Prepay | V3.7. V3.8 | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15 2021 | -| Siemens | GMA-Manager | All Version > V8.6.2j-398 | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021| -| Siemens | HES UDIS | All Versions | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) ||| 12/15/2021 | -| Siemens | Industrial Edge Management App | All Versions | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| | | 12/15/2021 | -| Siemens | Industrial Edge Management Hub | All versions | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | -| Siemens | Industrial Edge Management OS | All Versions | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | -| Siemens | LOGO! Soft Comfort | All versions | Affected | Yes | [Siemens Advisory Link]( https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | |12/15/2021 | -| Siemens | Mendix Applications | All Versions | Not Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| | | 12/15/2021 | -| Siemens | Mindsphere Cloud Application | All Versions < 2021-12-11 | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Fixed on Cloud Version | |12/15/2021 | -| Siemens | NX | All Versions | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | -| Siemens | Opcenter Intelligence | All Versions >=3.2 | Affected | Yes |[Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Only OEM version that ships Tableau | | 12/15/2021 | -| Siemens | Operation Scheduler | All versions >= V1.1.3 | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Block incoming and outgoing connections | | 12/15/2021 | -| Siemens | SIGUARD DSA | V4.2, 4.3, 4.4 | Affected | Yes | [Siemens Advisory Link]( https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | |12/15/2021 | -| Siemens | SIMATIC WinCC | All Versions =4.16.2.1 | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | -| Siemens | Siveillance Control Pro | All Versions | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | -| Siemens | Siveillance Identity V1.5 | All Versions | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | -| Siemens | Siveillance Identity V1.6 | All Versions | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | -| Siemens | Siveillance Vantage | All Versions | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | -| Siemens | Solid Edge Wiring Harness Design | All Versions >= 2020 | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |only if Teamcenter integration feature is used | | 12/15/2021 | -| Siemens | Spectrum Power 4 | All versions | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)|only with component jROS in version 3.0.0|| 12/15/2021| -| Siemens | Spectrum Power 7 | All Versions < V2.30 SP2 | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| only with component jROS | | 12/15/2021 | -| Siemens | Teamcenter Suite | All Versions | Affected | Yes| [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| ||12/15/2021| -| Siemens | VeSys | All Versions >=2019.1 SP1912 |Affected | Yes |[Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | only if Teamcenter integration feature is used| |12/15/2021 | -| Siemens | Xpedition EDM Client | VX.2.6-VX.2.10 | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | -| Siemens | Xpedition EDM Server | VX.2.6-VX.2.10 | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | |12/15/2021 | +| Siemens | Advantage Navigator Energy & Sustainability | All Versions <2021-12-13 | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Vulnerability CVE 2021-44228 fixed on central cloud service starting 2021-12-13; no user actions necessary. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Advantage Navigator Software Proxy | All Versions | Affected | No | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Currently no remediation is available. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Capital | All Versions>=2019.1 SP1912 only if Teamcenter integration feature is used | Affected | No | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Only affected if Teamcenter integration feature is used. Currently no remediation is available. Find detailed mitigations steps at:[Mitigations Link](https://support.sw.siemens.com/en-US/knowledge-base/MG618363); See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Cerberus DMS | V5.0, V5.1 with Advanced Reporting EM installed | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Remove the JndiLookup class from the class-path. Detailed instructions are available [here](https://support.industry.siemens.com/cs/ww/en/view/109805562/). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Comos Desktop App | All Versions | Affected | No | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Uninstall “Teamcenter Client Communication System (TCSS)” or block both incoming and outgoing connections between the system and the Internet. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| | 12/18/2021 | +| Siemens | Desigo CC | V3.0, V4.0, V4.1, V4.2 with Advanced Reporting EM installed | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Remove the JndiLookup class from the class-path. Detailed instructions are available [here](https://support.industry.siemens.com/cs/ww/en/view/109805562/). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Desigo CC | V5.0, 5.1 with Advanced Reporting OR Info Center EM installed| Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Remove the JndiLookup class from the class-path. Detailed instructions are available [here](https://support.industry.siemens.com/cs/ww/en/view/109805562/). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | E-Car OC Cloud Application | All Versions <2021-12-13 | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Vulnerability CVE 2021-44228 fixed on central cloud service starting 2021-12-13; no user actions necessary. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| | 12/18/2021 | +| Siemens | Energy Engage| V3.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Find detailed remediation and mitigation information on the [EnergyIP docs portal](https://docs.emeter.com/display/public/WELCOME/EnergyIP+Security+Advisory+for+Log4Shell+Vulnerability). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | EnergyIP | V8.5, V8.6, V8.7, V9.0| Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Note: EnergyIP V8.5 and V8.6 applications are not directly affected, but CAS is. Find detailed remediation and mitigation information on the [EnergyIP docs portal](https://docs.emeter.com/display/public/WELCOME/EnergyIP+Security+Advisory+for+Log4Shell+Vulnerability). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | EnergyIP Prepay | V3.7. V3.8 | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Specific mitigation information has been released for the customer projects with the request of immediate deployment. The long-term solution of updating the log4j2 component to a fix version is being tested and will be released, once confirmed being safe for the particular product version in line with the project Service Level Agreements. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Enlightened Amaze | All Versions <2021-12-10 | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Vulnerabilities fixed on central cloud services starting 2021-12-10; no user actions necessary. For Comfy and Enlighted, see the Additional Information section and further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021| +| Siemens | Enlightened Where| All Versions <2021-12-11 | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Vulnerabilities fixed on central cloud services starting 2021-12-11; no user actions necessary. For Comfy and Enlighted, see the Additional Information section and further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021| +| Siemens | Geolus Shape Search V10 | All Versions | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Geolus Shape Search V11 | All Version | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | GMA-Manager | All Version >=V8.6.2j-398 and =V17.2.3 and =V3.2 only OEM version that ships Tableau | Affected | No|[Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Currently no remediation is available. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Operation Scheduler | All versions >=V1.1.3 | Affected | No | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Block both incoming and outgoing connections between the system and the Internet. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| | 12/18/2021 | +| Siemens | SENTRON powermanager V4 | V4.1, V4.2 | Affected | No | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Block both incoming and outgoing connections between the system and the Internet. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| | 12/18/2021 | +| Siemens | SIGUARD DSA | V4.2, 4.3, 4.4 | Affected | No | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | |12/18/2021 | +| Siemens | SIMATIC WinCC | All Versions | Not Affected | | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | SIMATI WinCC products were previously listed as affected. They were removed after closer investigation showed that they are not affected. | | 12/18/2021 | +| Siemens | Simcenter 3D | All Versions <=V022.1 | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8601203). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | SiPass integrated V2.80 | All Versions | Affected | No| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Block both incoming and outgoing connections betwen the system and the Internet.See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | SiPass integrated V2.85 | All Versions | Affected | No| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Block both incoming and outgoing connections betwen the system and the Internet. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Siveillance Command | All Versions >=4.16.2.1 | Affected | No| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Block both incoming and outgoing connections betwen the system and the Internet. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Siveillance Control Pro | All Versions | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Hotfix available for versions >= V2.1 (please contact customer support). Block both incoming and outgoing connections betwen the system and the Internet.See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Siveillance Identity V1.5 | All Versions | Affected | No| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Block both incoming and outgoing connections betwen the system and the Internet. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Siveillance Identity V1.6 | All Versions | Affected | No| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Block both incoming and outgoing connections betwen the system and the Internet. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Siveillance Vantage | All Versions | Affected | No| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Block both incoming and outgoing connections betwen the system and the Internet. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Solid Edge CAM Pro | All Versions delivered with Solid Edge SE 2020 or later version | Affected | No| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Solid Edge Harness Design | All Versions >=2020 SP2002 only if Teamcenter integration feature is used | Affected | No| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Find detailed mitigation steps [here](https://support.sw.siemens.com/en-US/knowledgebase/MG618363). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Spectrum Power 4 | All versions >=V4.70 SP8 | Affected | Yes | [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)|Update to V4.70 SP9 and apply the patch provided via customer support. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)|| 12/18/2021| +| Siemens | Spectrum Power 7 | All Versions >=V2.30 SP2 | Affected | Yes |[Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Update to V21Q4 and apply the patch provided via customer support. See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter | All Versions >=V13.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Active Workspace | All Versions >=V4.3 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Briefcase Browser | All Versions >=V13.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Data Share Manager | All Versions >=V13.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Deployment Center | All Versions >=V13.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Dispatcher Service | All Versions >=V13.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter EDA | All Versions >=V2.3 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter FMS| All Versions >=V11.3 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Integration Framework | All Versions >=V13.2 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter MBSE Gateway | All Versions >=V4.0 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Mendix Connector | V1.0 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Microservices Framework | All Versions >=V5.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Polarion Integration | All Versions >=V5.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Rapid Start | All Versions >=V13.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)|Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Reporting and Analytics | All Versions based on Java SOA client >=V11.3 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Requirements Integrator | All Versions based on Java SOA client >=V11.3 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Retail Footwear and Apparel | All Versions >=V4.3 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Security Services | All Versions >=V11.3 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Supplier Collaboration | All Versions >=V5.1 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter System Modeling Workbench | All Versions based on Java SOA client >=V11.3 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Teamcenter Technical Publishing | All Versions >=V2.10 | Affected | Yes| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Remove the JndiLookup class from the classpath. Find detailed remediation and mitigation information [here](https://support.sw.siemens.com/en-US/knowledge-base/PL8600700). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | VeSys | All Versions >=2019.1 SP1912 only if Teamcenter integration feature is used |Affected | No|[Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Currently no remediation is available. Find detailed mitigation steps [here](https://support.sw.siemens.com/en-US/knowledgebase/MG618363). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| |12/18/2021 | +| Siemens | Xpedition Enterprise | All Versions >=VX.2.6 | Affected | No| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Find detailed mitigation steps [here](https://support.sw.siemens.com/en-US/knowledge-base/MG618343). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 | +| Siemens | Xpedition IC Packaging | All Versions >=VX.2.6 | Affected | No| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Find detailed mitigation steps [here](https://support.sw.siemens.com/en-US/knowledge-base/MG618343). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf).| |12/18/2021 | | Sierra Wireless | | | | | [Sierra Wireless Security Bulletin](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/) | | | | | Signald | | | | | [Signald Gitlab](https://gitlab.com/signald/signald/-/issues/259) | | | | | Silver Peak | Orchestrator, Silver Peak GMS | | Affected | No | [Security Advisory Notice Apache](https://www.arubanetworks.com/website/techdocs/sdwan/docs/advisories/media/security_advisory_notice_apache_log4j2_cve_2021_44228.pdf) | Customer managed Orchestrator and legacy GMS products are affected by this vulnerability. This includes on-premise and customer managed instances running in public cloud services such as AWS, Azure, Google, or Oracle Cloud. See Corrective Action Required for details about how to mitigate this exploit. | | 12/14/2021 | @@ -1547,17 +2084,27 @@ This list was initially populated using information from the following sources: | SOS Berlin | | | | | [SOS Berlin Link](https://www.sos-berlin.com/en/news-mitigation-log4j-vulnerability) | | | | | Spambrella | | | | | [Spambrella FAQ Link](https://www.spambrella.com/faq/status-of-spambrella-products-with-cve-2021-44228/) | | | | | Spigot | | | | | [Spigot Security Release](https://www.spigotmc.org/threads/spigot-security-releases-%E2%80%94-1-8-8%E2%80%931-18.537204/) | | | | -| Splunk | Data Stream Processor | DSP 1.0.x, DSP 1.1.x, DSP 1.2.x | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | IT Service Intelligence (ITSI) | 4.11.x, 4.10.x, 4.9.x, 4.8.x, 4.7.x, 4.4.x | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk Cloud Developer Edition | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk Connect for SNMP | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk DB Connect | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk Enterprise | non-Windows versions of 8.1.x and 8.2.x only if Hadoop and/or DFS are used | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk Enterprise Amazon Machine Image (AMI) | non-Windows versions of 8.1.x and 8.2.x only if Hadoop and/or DFS are used | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk Enterprise Docker Container | non-Windows versions of 8.1.x and 8.2.x only if Hadoop and/or DFS are used | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk Forwarders (UF/HWF) | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk Mint | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Stream Processor Service | non-Windows versions of 8.1.x and 8.2.x only if Hadoop and/or DFS are used | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | +| Splunk | Splunk Add-On for Java Management Extensions [App ID 2647](https://splunkbase.splunk.com/app/2647) | 5.2.0 and older | Affected | CVE-2021-44228: 5.2.1 CVE-2021-45046: 5.2.2 CVE-2021-45105: not applicable due to configuration parameters | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk Splunk Add-On for JBoss [App ID 2954](https://splunkbase.splunk.com/app/2954/) | 3.0.0 and older | Affected | CVE-2021-44228: 3.0.1 CVE-2021-45046: 3.0.2 CVE-2021-45105: not applicable due to configuration parameters | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk Add-On for Tomcat [App ID 2911](https://splunkbase.splunk.com/app/2911/) | 3.0.0 and older | Affected | CVE-2021-44228: 3.0.1 CVE-2021-45046: 3.0.2 CVE-2021-45105: not applicable due to configuration parameters | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Data Stream Processor | DSP 1.0.x, DSP 1.1.x, DSP 1.2.x | Affected | CVE-2021-44228: Pending CVE-2021-45046: Pending CVE-2021-45105: not applicable due to configuration parameters | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | IT Essentials Work [App ID 5403](https://splunkbase.splunk.com/app/5403/) | 4.11, 4.10.x (Cloud only), 4.9.x | Affected |CVE-2021-44228: 4.11.1, 4.10.3, 4.9.5 CVE-2021-45046: 4.11.2, 4.10.4, 4.9.6, 4.7.4 CVE-2021-45105: not applicable due to configuration parameters| [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | IT Service Intelligence (ITSI) [App ID 1841](https://splunkbase.splunk.com/app/1841/) | 4.11.0, 4.10.x (Cloud only), 4.9.x, 4.8.x (Cloud only), 4.7.x, 4.6.x, 4.5.x | Affected |CVE-2021-44228: 4.11.1, 4.10.3, 4.9.5, 4.7.3 CVE-2021-45046: 4.11.2, 4.10.4, 4.9.6, 4.7.4 CVE-2021-45105: not applicable due to configuration parameters| [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk Connect for Kafka | All versions prior to 2.0.4 | Affected | CVE-2021-44228: 2.0.4 CVE-2021-45046: 2.0.5 | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk Enterprise (including instance types like Heavy Forwarders) | All supported non-Windows versions of 8.1.x and 8.2.x only if DFS is used. See Removing Log4j from Splunk Enterprise below for guidance on unsupported versions. | Affected | CVE-2021-44228: 8.1.7.1, 8.2.3.2 CVE-2021-45046: 8.1.7.2, 8.2.3.3 CVE-2021-45105: not applicable due to configuration parameters | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk Enterprise Amazon Machine Image (AMI) | See Splunk Enterprise | Affected |CVE-2021-44228: 8.2.3.2, 8.1.7.1 published to AWS Marketplace CVE-2021-45046: TBD | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk Enterprise Docker Container | See Splunk Enterprise | Affected | CVE-2021-44228: latest, edge, 8.1, 8.1.7.1, 8.2, 8.2.3.2 CVE-2021-45046: latest, edge, 8.1, 8.1.7.2, 8.2, 8.2.3.3 CVE-2021-45105: not applicable due to configuration parameters | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk Logging Library for Java | 1.11.0 and older | Affected | CVE-2021-44228: 1.11.1 CVE-2021-45046: 1.11.2 | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk OVA for VMWare [App ID 3216](https://splunkbase.splunk.com/app/3216/) | 4.0.3 and older | Affected | Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk OVA for VMWare Metrics [App ID 5096](https://splunkbase.splunk.com/app/5096/) | 4.2.1 and older | Affected | Pending| [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) | 1.1.1 and older | Affected | CVE-2021-44338: TBD CVE-2021-45046: TBD | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk On-call / VictorOps | Current | Affected | CVE-2021-44228: Fixed 12/15 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk Real User Monitoring | Current | Affected | CVE-2021-44228: Fixed 12/13 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk Application Performance Monitoring| Current | Affected | CVE-2021-44228: Fixed 12/1 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk Infrastructure Monitoring | Current | Affected | CVE-2021-44228: Fixed 12/13 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk Log Observer | Current | Affected | CVE-2021-44228: Fixed 12/16 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk Synthetics | Current | Affected | CVE-2021-44228: Fixed 12/10 CVE-2021-45046: Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | +| Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | Affected | Pending | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:30 am PT, 12/20/21 | | Sprecher Automation | | | | | [Sprecher Automation Security Alert](https://www.sprecher-automation.com/en/it-security/security-alerts) | | | | | Spring | Spring Boot | | Unkown | | [https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | | | Spring Boot | | | | | [Spring Boot Vulnerability Statement](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | | @@ -1595,15 +2142,76 @@ This list was initially populated using information from the following sources: | TechSmith | | | | | [TechSmith Article](https://support.techsmith.com/hc/en-us/articles/4416620527885?input_string=log4j) | | | | | Telestream | | | | | [Telestream Bulletin](http://www.telestream.net/telestream-support/Apache-Log4j2-Bulletin.htm) | | | | | Tenable | | | | | [Tenable log4j Statement](https://www.tenable.com/log4j) | | | | -| Thales (SafeNet) HSM | | | | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_protected&sys_id=12acaed3dbd841105d310573f3961953) | This advisory is available to customers only and has not been reviewed by CISA | | | -| Thales | Multiple products | | | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | | +| Thales | CipherTrust Application Data Protection (CADP) – CAPI.net & Net Core | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | CipherTrust Cloud Key Manager (CCKM) Embedded | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | CipherTrust Database Protection | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | CipherTrust Manager | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | CipherTrust Transparent Encryption (CTE/VTE/CTE-U) | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | CipherTrust Vaultless Tokenization (CTS, CT-VL) | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Data Protection on Demand | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Data Security Manager (DSM) | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | KeySecure | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Luna EFT | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Luna Network, PCIe, Luna USB HSM and backup devices | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Luna SP | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | ProtectServer HSMs | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | SafeNet Authentication Client | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | SafeNet IDPrime Virtual | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | SafeNet eToken (all products) | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | SafeNet IDPrime(all products) | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | SafeNet LUKS | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | SafeNet ProtectApp (PA) CAPI, .Net & Net Core | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | SafeNet ProtectDB (PDB) | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | SafeNet ProtectV | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Safenet ProtectFile and ProtectFile- Fuse | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | SafeNet Transform Utility (TU) | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | SafeNet Trusted Access (STA) | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | SafeNet PKCS#11 and TDE | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | SafeNet SQL EKM | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | SAS on Prem (SPE/PCE) | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Sentinel EMS Enterprise OnPremise | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Sentinel ESDaaS | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Sentinel Up | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Sentinel RMS | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Sentinel Connect | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Sentinel Superdog, SuperPro, UltraPro, SHK | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Sentinel HASP, Legacy dog, Maze, Hardlock | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Sentinel Envelope | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Thales payShield 9000 | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Thales payShield 10k | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Thales payShield Manager | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Vormetirc Key Manager (VKM) | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Vormetric Application Encryption (VAE) | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Vormetric Protection for Terradata Database (VPTD) | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Vormetric Tokenization Server (VTS) | | Not Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | payShield Monitor | | Under Investigation | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | CADP/SafeNet Protect App (PA) - JCE | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | CipherTrust Batch Data Transformation (BDT) 2.3 | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | CipherTrust Cloud Key Manager (CCKM) Appliance | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | CipherTrust Vaulted Tokenization (CT-V) / SafeNet Tokenization Manager | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | CipherTrust/SafeNet PDBCTL | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Crypto Command Center (CCC) | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | SafeNet Vaultless Tokenization | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Sentinel LDK EMS (LDK-EMS) | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Sentinel LDKaas (LDK-EMS) | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Sentinel EMS Enterprise aaS | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Sentinel Professional Services components (both Thales hosted & hosted on-premises by customers) | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Sentinel SCL | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | +| Thales | Thales Data Platform (TDP)(DDC) | | Affected | | [Thales Support](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | 12/17/2021 | | The Access Group | | | | | [The Access Group Response](https://pages.theaccessgroup.com/Response-Log4J-Dec21.html) | | | | | ThreatLocker | | | | | [ThreatLocker Log4j Statement](https://threatlocker.kb.help/log4j-vulnerability/) | | | | -| ThycoticCentrify | | | | | [ThycoticCentrify Bulletin](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | | +| ThycoticCentrify | Secret Server | N/A | Not Affected | |[ThycoticCentrify Products NOT Affected by CVE-2021-44228 Exploit](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | 12/10/15 | +| ThycoticCentrify | Privilege Manager | N/A | Not Affected || [ThycoticCentrify Products NOT Affected by CVE-2021-44228 Exploit](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | 12/10/15 | +| ThycoticCentrify | Account Lifecycle Manager | N/A | Not Affected | | [ThycoticCentrify Products NOT Affected by CVE-2021-44228 Exploit](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | 12/10/15 | +| ThycoticCentrify | Privileged Behavior Analytics | N/A | Not Affected | | [ThycoticCentrify Products NOT Affected by CVE-2021-44228 Exploit](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | 12/10/15 | +| ThycoticCentrify | DevOps Secrets Vault | N/A | Not Affected | | [ThycoticCentrify Products NOT Affected by CVE-2021-44228 Exploit](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | 12/10/15 | +| ThycoticCentrify | Connection Manager | N/A | Not Affected | | [ThycoticCentrify Products NOT Affected by CVE-2021-44228 Exploit](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | 12/10/15 | +| ThycoticCentrify | Password Reset Server | N/A | Not Affected | | [ThycoticCentrify Products NOT Affected by CVE-2021-44228 Exploit](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | 12/10/15 | +| ThycoticCentrify | Cloud Suite | N/A | Not Affected | | [ThycoticCentrify Products NOT Affected by CVE-2021-44228 Exploit](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | 12/10/15 | | Tibco | | | | | [Tibco Support Link](https://www.tibco.com/support/notices/2021/12/apache-log4j-vulnerability-update) | | | | | Top Gun Technology (TGT) | | | | | [TGT Bulletin](https://www.topgun-tech.com/technical-bulletin-apache-software-log4j-security-vulnerability-cve-2021-44228/) | | | | | TopDesk | | | | | [TopDesk Statement](https://my.topdesk.com/tas/public/ssp/content/detail/knowledgeitem?unid=74952771dfab4b0794292e63b0409314) | | | | -|Topicus KeyHub|||||[Topicus Keyhub Statement](https://blog.topicus-keyhub.com/topicus-keyhub-is-not-vulnerable-to-cve-2021-44228/)|||| +|Topicus Security|Topicus KeyHub|All|Not Affected||[Topicus Keyhub Statement](https://blog.topicus-keyhub.com/topicus-keyhub-is-not-vulnerable-to-cve-2021-44228/)|||2021-12-20| | Topix | | | | | [Topix Statement](https://www.topix.de/de/technik/systemfreigaben.html) | | | | | Tosibox | | | | | [Tosibox Security Advisory](https://helpdesk.tosibox.com/support/solutions/articles/2100050946-security-advisory-on-vulnerability-in-apache-log4j-library-cve-2021-44228) | ||| | TPLink |Omega Controller|Linux/Windows(all)|Affected|Yes|[Statement on Apache Log4j Vulnerability](https://www.tp-link.com/us/support/faq/3255)|Update is Beta. Reddit: overwritten vulnerable log4j with 2.15 files as potential workaround. Though that should now be done with 2.16|[Tp Community Link](https://community.tp-link.com/en/business/forum/topic/514452),[Reddit Link](https://www.reddit.com/r/TPLink_Omada/comments/rdzvlp/updating_the_sdn_to_protect_against_the_log4j)|12/15/2021| @@ -1640,7 +2248,7 @@ This list was initially populated using information from the following sources: | VMware | VMware Carbon Black EDR Server | 7.x, 6.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | | VMware | VMware Cloud Foundation | 4.x, 3.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | | VMware | VMware HCX | 4.x, 3.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | -| VMware | VMware Horizon | N/A | Affected | Yes | [VMSA-2021-0028](https://kb.vmware.com/s/article/87073) | | | 12/14/2021 | +| VMware | VMware Horizon | 8.x, 7.x | Affected | Yes | [VMSA-2021-0028.4 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | [VMware KB 87073 (vmware.com)](https://kb.vmware.com/s/article/87073) | 12/17/2021 | | VMware | VMware Horizon Cloud Connector | 1.x, 2.x | Affected | Yes | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | | VMware | VMware Horizon DaaS | 9.1.x, 9.0.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | | VMware | VMware Identity Manager | 3.3.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | @@ -1656,9 +2264,8 @@ This list was initially populated using information from the following sources: | VMware | VMware Telco Cloud Automation | 2.x, 1.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | | VMware | VMware Unified Access Gateway | 21.x, 20.x, 3.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | | VMware | VMware vCenter Cloud Gateway | 1.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | -| VMware | VMware vCenter Server | 6.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | -| VMware | VMware vCenter Server | 7.x, 6.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | -| VMware | VMware vCenter Server | 8.x, 7.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | +| VMware | vCenter Server - OVA | 7.x, 6.7.x, 6.5.x | Affected | Pending | [VMSA-2021-0028.4 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | [Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081 ) | | 2021-12-17 | +| VMware | vCenter Server - Windows | 6.7.x, 6.5.x | Affected | Pending | [VMSA-2021-0028.4 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | [Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096 ) | | 2021-12-17 | | VMware | VMware vRealize Automation | 8.x, 7.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | | VMware | VMware vRealize Lifecycle Manager | 8.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | | VMware | VMware vRealize Log Insight | 8.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | @@ -1669,7 +2276,7 @@ This list was initially populated using information from the following sources: | VMware | VMware Workspace ONE Access Connector (VMware Identity Manager Connector) | 21.x, 20.10.x, 19.03.0.1 | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | | Wallarm | | | | | [Lab Mitigation Update](https://lab.wallarm.com/cve-2021-44228-mitigation-update/) | | | | | Wasp Barcode technologies | | | | | [Waspbarcode Assetcloud Inventorycloud](https://support.waspbarcode.com/kb/articles/assetcloud-inventorycloud-are-they-affected-by-the-java-exploit-log4j-no) | | | | -| WatchGuard / Secplicity / [Secplicity Critical RCE](https://www.secplicity.org/2021/12/10/critical-rce-vulnerability-in-log4js/) | | | | +| WatchGuard | Secplicity | | | | [Secplicity Critical RCE](https://www.secplicity.org/2021/12/10/critical-rce-vulnerability-in-log4js/) | | | | | Western Digital | | | | | [Westerndigital Product Security](https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis) | | | | | WindRiver | | | | | [Windriver Security Notice](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | | | WireShark | | | | | [Gitlab Wireshark](https://gitlab.com/wireshark/wireshark/-/issues/17783) | | | | @@ -1691,13 +2298,13 @@ This list was initially populated using information from the following sources: | ZAMMAD | | | | | [Zammad Elasticsearch Users](https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256) | | | | | Zaproxy | | | | | [Zaproxy](https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/) | | | | | Zebra | | | | | [Zebra lifeguard Security](https://www.zebra.com/us/en/support-downloads/lifeguard-security/cve-2021-442280-dubbed-log4shell-or-logjam-vulnerability.html) | | | | -| Zendesk |All Products|All Versions|Affected |No|[2021-12-13 Security Advisory - Apache Log4j (CVE-2021-44228)](https://support.zendesk.com/hc/en-us/articles/4413583476122)|Zendesk products are all cloud-based; thus there are no updates for the customers to install as the company is working on patching their infrastructure and systems.||12/13/2021| +| Zendesk | All Products | All Versions | Affected | No | [2021-12-13 Security Advisory - Apache Log4j (CVE-2021-44228)](https://support.zendesk.com/hc/en-us/articles/4413583476122) | Zendesk products are all cloud-based; thus there are no updates for the customers to install as the company is working on patching their infrastructure and systems. | | 12/13/2021 | | Zenoss | | | | | [Zenoss](https://support.zenoss.com/hc/en-us) | | | | | Zerto | | | | | [Zerto KB](https://help.zerto.com/kb/000004822) | | | | | Zesty | | | | | [Zesty Log4j Exploit](https://www.zesty.io/mindshare/company-announcements/log4j-exploit/) | | | | | Zimbra | | | | | [BugZilla Zimbra](https://bugzilla.zimbra.com/show_bug.cgi?id=109428) | | | | -| Zoom | | | | | [Zoom Security Exposure](https://community.zoom.com/t5/Community-Help-Center/Zoom-security-exposure/m-p/28109/highlight/true#M2059) | | | | +| Zoom | | | | | [Zoom Security Exposure](https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache) | | | | | ZPE systems Inc | | | | | [ZpeSystems CVE-2021-44228](https://support.zpesystems.com/portal/en/kb/articles/is-nodegrid-os-and-zpe-cloud-affected-by-cve-2021-44228-apache-log4j) | | | | -| Zscaler |Multiple Products||Not Affected|No|[CVE-2021-44228 log4j Vulnerability](https://trust.zscaler.com/posts/9581)|||12/15/2012| +| Zscaler | See Link (Multiple Products) | | Not Affected | No | [CVE-2021-44228 log4j Vulnerability](https://trust.zscaler.com/posts/9581) | | | 12/15/2012 | | Zyxel | | | | | [Zyxel Security Advisory for Apache Log4j](https://www.zyxel.com/support/Zyxel_security_advisory_for_Apache_Log4j_RCE_vulnerability.shtml) | | | | | Zyxel | Security Firewall/Gateways | ZLD Firmware Security Services, Nebula | Not Affected | N/A | [Zyxel Security Advisory](https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability) | | | 12/14/2021 |