Normalize YAML files and update the software lists

pull/513/head^2
cisagovbot 2 years ago
parent daddbc208b
commit b7d9f75a61
  1. 379
      software_lists/software_list_A.md
  2. 258
      software_lists/software_list_B.md
  3. 286
      software_lists/software_list_C.md
  4. 398
      software_lists/software_list_D.md
  5. 263
      software_lists/software_list_E.md
  6. 198
      software_lists/software_list_F.md
  7. 225
      software_lists/software_list_G.md
  8. 239
      software_lists/software_list_H.md
  9. 347
      software_lists/software_list_I.md
  10. 172
      software_lists/software_list_J.md
  11. 64
      software_lists/software_list_K.md
  12. 138
      software_lists/software_list_L.md
  13. 128
      software_lists/software_list_M.md
  14. 95
      software_lists/software_list_N.md
  15. 41
      software_lists/software_list_Non-Alphabet.md
  16. 81
      software_lists/software_list_O.md
  17. 304
      software_lists/software_list_P.md
  18. 82
      software_lists/software_list_Q.md
  19. 132
      software_lists/software_list_R.md
  20. 342
      software_lists/software_list_S.md
  21. 146
      software_lists/software_list_T.md
  22. 44
      software_lists/software_list_U.md
  23. 123
      software_lists/software_list_V.md
  24. 81
      software_lists/software_list_W.md
  25. 165
      software_lists/software_list_X.md
  26. 54
      software_lists/software_list_Y.md
  27. 63
      software_lists/software_list_Z.md

@ -0,0 +1,379 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| ABB | AlarmInsight Cloud | | | Not Affected | [link](https://library.e.abb.com/public/33d17fce257142a9bc12de09d5b03e4f/9ADB012621_CyberSecurityNotification_Log4Shell_Vulnerabilities_RevE.pdf?x-sign=FsPI10PMyN3QM7OoR2bIwFRdFmC/BCX+5CZVPKdq2/rx0Nh8iHMAwluUVEaTFDjt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ABB | B&R Products | | | Not Affected | [link](https://library.e.abb.com/public/33d17fce257142a9bc12de09d5b03e4f/9ADB012621_CyberSecurityNotification_Log4Shell_Vulnerabilities_RevE.pdf?x-sign=FsPI10PMyN3QM7OoR2bIwFRdFmC/BCX+5CZVPKdq2/rx0Nh8iHMAwluUVEaTFDjt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ABB | Remote Service | | | Fixed | [link](https://library.e.abb.com/public/33d17fce257142a9bc12de09d5b03e4f/9ADB012621_CyberSecurityNotification_Log4Shell_Vulnerabilities_RevE.pdf?x-sign=FsPI10PMyN3QM7OoR2bIwFRdFmC/BCX+5CZVPKdq2/rx0Nh8iHMAwluUVEaTFDjt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Abbott | All | | | Unknown | [link](https://www.abbott.com/policies/cybersecurity/apache-Log4j.html) | Details are shared with customers with an active RAP subscription. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Abbott | GLP Track System | Track Sample Manager (TSM), Track Workflow Manager (TWM) | | Affected | [link](https://www.abbott.com/policies/cybersecurity/apache-Log4j.html) | Abbott will provide a fix for this in a future update expected in January 2022. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Abnormal Security | All | | | Not Affected | [link](https://abnormalsecurity.com/blog/attackers-use-email-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accellence Technologies | EBÜS | | All | Fixed | [link](https://www.accellence.de/en/articles/cve-2021-44228-62) | EBÜS itself is not vulnerable to CVE-2021-44228. Although it includes several 3rd-party software setups, which may be affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accellence Technologies | Vimacc | | | Not Affected | [link](https://www.accellence.de/en/articles/cve-2021-44228-62) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accellion | Kiteworks | | v7.6 release | Fixed | [link](https://www.kiteworks.com/kiteworks-news/log4shell-apache-vulnerability-what-kiteworks-customers-need-to-know/) | As a precaution, Kiteworks released a 7.6.1 Hotfix software update to address the vulnerability. This patch release adds the mitigation for CVE-2021-44228 contained in the Solr package as recommended by Apache Solr group. Specifically, it updates the Log4j library to a non-vulnerable version on CentOS 7 systems as well as adds the recommended option “$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true" to disable the possible attack vector on both CentOS 6 and CentOS 7. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Accruent | Analytics | | | Fixed | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | Asset Enterprise | | | Not Affected | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | BigCenter | | | Fixed | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | EMS | | | Not Affected | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | Evoco | | | Fixed | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | Expesite | | | Fixed | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | Famis 360 | | | Fixed | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | Lucernex | | | Fixed | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | Maintenance Connection | | | Not Affected | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | Meridian | | | Fixed | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | Single Sign On (SSO, Central Auth) | | | Not Affected | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | SiteFM3 | | | Fixed | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | SiteFM4 | | | Fixed | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | Siterra | | | Fixed | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | TMS | | | Not Affected | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | VxField | | | Not Affected | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | VxMaintain | | | Fixed | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | VxObserve | | | Fixed | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Accruent | VxSustain | | | Fixed | [link](https://www.accruent.com/apache_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acquia | All | | | Unknown | [link](https://support.acquia.com/hc/en-us/articles/4415823329047-Apache-log4j-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acronis | Backup | | | Not Affected | [link](https://security-advisory.acronis.com/advisories/SEC-3859) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acronis | Cyber Backup | | | Not Affected | [link](https://security-advisory.acronis.com/advisories/SEC-3859) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acronis | Cyber Files | | | Not Affected | [link](https://security-advisory.acronis.com/advisories/SEC-3859) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acronis | Cyber Infrastructure | | | Not Affected | [link](https://security-advisory.acronis.com/advisories/SEC-3859) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acronis | Cyber Protect | | | Not Affected | [link](https://security-advisory.acronis.com/advisories/SEC-3859) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acronis | Cyber Protection Home Office | | | Not Affected | [link](https://security-advisory.acronis.com/advisories/SEC-3859) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acronis | DeviceLock DLP | | | Not Affected | [link](https://security-advisory.acronis.com/advisories/SEC-3859) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acronis | Files Connect | | | Not Affected | [link](https://security-advisory.acronis.com/advisories/SEC-3859) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acronis | MassTransit | | | Not Affected | [link](https://security-advisory.acronis.com/advisories/SEC-3859) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acronis | Snap Deploy | | | Not Affected | [link](https://security-advisory.acronis.com/advisories/SEC-3859) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ActiveState | All | | | Unknown | [link](https://www.activestate.com/blog/activestate-statement-java-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acunetix | 360 | | | Not Affected | [link](https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acunetix | Agents | | | Not Affected | [link](https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acunetix | Application | | | Not Affected | [link](https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acunetix | IAST - ASP.NET | | | Not Affected | [link](https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acunetix | IAST - NodeJS | | | Not Affected | [link](https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acunetix | IAST - PHP | | | Not Affected | [link](https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Acunetix | IAST-Java | | All | Fixed | [link](https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/) | AcuSensor IAST module needs attention. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Adaptec | All | | | Unknown | [link](https://ask.adaptec.com/app/answers/detail/a_id/17523/kw/log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Addigy | All | | | Unknown | [link](https://addigy.com/blog/addigy-and-apaches-log4j2-cve-2021-44228-status/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Adeptia | Connect | | 3.3, 3.4, 3.5 | Fixed | [link](https://support.adeptia.com/hc/en-us/articles/4412815509524-CVE-2021-44228-Log4j2-Vulnerability-Mitigation-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Adeptia | Suite | | 6.9.9, 6.9.10, 6.9.11 | Fixed | [link](https://support.adeptia.com/hc/en-us/articles/4412815509524-CVE-2021-44228-Log4j2-Vulnerability-Mitigation-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Adobe | Automated Forms Conversion Service | | | Affected | [link](https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Adobe | ColdFusion | | | Fixed | [link](https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Adobe | Experience Manager 6.3 Forms on JEE | | All versions from 6.3 GA to 6.3.3 | Fixed | [link](https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Adobe | Experience Manager 6.4 Forms Designer | | | Affected | [link](https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Adobe | Experience Manager 6.4 Forms on JEE | | All versions from 6.4 GA to 6.4.8 | Fixed | [link](https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Adobe | Experience Manager 6.5 Forms Designer | | | Fixed | [link](https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Adobe | Experience Manager 6.5 Forms on JEE | | All versions from 6.5 GA to 6.5.11 | Fixed | [link](https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Adobe | Experience Manager Forms on OSGi | | | Not Affected | [link](https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Adobe | Experience Manager Forms Workbench | | | Not Affected | [link](https://helpx.adobe.com/experience-manager/kb/aem-forms-vulnerability-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ADP | All | | | Unknown | [link](https://www.adp.com/about-adp/data-security/alerts/adp-vulnerability-statement-apache-log4j-vulnerability-cve-2021-44228.aspx) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Advanced Micro Devices (AMD) | All | | | Not Affected | [link](https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1034) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Advanced Systems Concepts (formally Jscape) | Active MFT | | | Not Affected | [link](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Advanced Systems Concepts (formally Jscape) | MFT | | | Not Affected | [link](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Advanced Systems Concepts (formally Jscape) | MFT Gateway | | | Not Affected | [link](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Advanced Systems Concepts (formally Jscape) | MFT Server | | | Not Affected | [link](https://support.advsyscon.com/hc/en-us/articles/4413631831569) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| AFHCAN Global LLC | AFHCANcart | | | Not Affected | [link](https://afhcan.org/support.aspx) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| AFHCAN Global LLC | AFHCANmobile | | | Not Affected | [link](https://afhcan.org/support.aspx) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| AFHCAN Global LLC | AFHCANServer | | | Not Affected | [link](https://afhcan.org/support.aspx) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| AFHCAN Global LLC | AFHCANsuite | | | Not Affected | [link](https://afhcan.org/support.aspx) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| AFHCAN Global LLC | AFHCANupdate | | | Not Affected | [link](https://afhcan.org/support.aspx) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| AFHCAN Global LLC | AFHCANweb | | | Not Affected | [link](https://afhcan.org/support.aspx) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Agilysys | All | | | Unknown | [link](https://info.agilysys.com/webmail/76642/2001127877/c3fda575e2313fac1f6a203dc6fc1db2439c3db0da22bde1b6c1b6747d7f0e2f) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ahsay | Mobile | | | Not Affected | [link](https://wiki.ahsay.com/doku.php?id=public:announcement:cve-2021-44228_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ahsay | Other products | | | Not Affected | [link](https://wiki.ahsay.com/doku.php?id=public:announcement:cve-2021-44228_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ahsay | PRD | | | Not Affected | [link](https://wiki.ahsay.com/doku.php?id=public:announcement:cve-2021-44228_log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| AIL | All | | | Not Affected | [link](https://twitter.com/ail_project/status/1470373644279119875) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Akamai | Enterprise Application Access (EAA) Connector | | | Not Affected | [link](https://developer.akamai.com/tools/integrations/siem/siem-cef-connector#release-notes) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Akamai | SIEM Integration Connector | | <1.7.4 | Fixed | [link](https://developer.akamai.com/tools/integrations/siem/siem-cef-connector#release-notes) | Akamai SIEM Integration Connector is vulnerable to CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Akamai | SIEM Splunk Connector | | < 1.4.10 | Fixed | [link](https://developer.akamai.com/tools/integrations/siem/siem-cef-connector#release-notes) | Akamai SIEM Integration Connector for Splunk is not vulnerable to CVE-2021-44228. Although it includes the vulnerable Log4J component, it is not used by the connector. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Alcatel | All | | | Unknown | [link](https://dokuwiki.alu4u.com/doku.php?id=log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Alertus | Console | | 5.15.0 | Fixed | [link](https://help.alertus.com/s/article/Security-Advisory-Log4Shell-Vulnerability?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Alexion | Alexion CRM | | | Not Affected | [link](https://alexion.nl/blog/alexion-crm-niet-vatbaar-voor-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Alfresco | Alfresco | | | Not Affected | [link](https://hub.alfresco.com/t5/alfresco-content-services-blog/cve-2021-44228-related-to-apache-log4j-security-advisory/ba-p/310717) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| AlienVault | All | | | Unknown | [link](https://success.alienvault.com/s/article/are-USM-Anywhere-or-USM-Central-vulnerable-to-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Alphatron Medical | AmiSconnect | | | Not Affected | [link](https://www.alphatronmedical.com/product-news/vulnerability-apache-log4j.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Alphatron Medical | Custo Diagnostics | 5.4, 5.6 | | Affected | [link](https://www.alphatronmedical.com/product-news/vulnerability-apache-log4j.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Alphatron Medical | JiveX | | | Not Affected | [link](https://www.alphatronmedical.com/product-news/vulnerability-apache-log4j.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Alphatron Medical | Zorgbericht | | | Not Affected | [link](https://www.alphatronmedical.com/product-news/vulnerability-apache-log4j.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | AMS | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Work in progress, portion of customers may still be vulnerable. Actively monitoring this issue, and are working on addressing it for any AMS services which use Log4j2. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | API Gateway | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Amazon | Athena | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Amazon | Athena JDBC Driver | | | Not Affected | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | All versions vended to customers were not affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Amazon | AWS | | | Not Affected | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Amazon Linux 1 had aws apitools which were Java based but these were deprecated in 2015 [AWS Forum](https://forums.aws.amazon.com/thread.jspa?threadID=323611). AMIs used to inspect and verify (base spin ups) - amzn-ami-hvm-2018.03.0.20200318.1-x86_64-gp2 and amzn2-ami-kernel-5.10-hvm-2.0.20211201.0-x86_64-gp2. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Amazon | AWS AppFlow | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Amazon | AWS AppSync | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Amazon | AWS Certificate Manager | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Amazon | AWS Certificate Manager Private CA | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Amazon | AWS CloudHSM | | < 3.4.1 | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-005/) | CloudHSM JCE SDK 3.4.1 or higher is not vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | AWS CodeBuild | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-005/) | Updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | AWS CodePipeline | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-005/) | Updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | AWS Connect | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Vendors recommend evaluating components of the environment outside of the Amazon Connect service boundary, which may require separate/additional customer mitigation. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 |
| Amazon | AWS Directory Service | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 |
| Amazon | AWS DynamoDB | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Amazon | AWS ECS | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | To help mitigate the impact of the open-source Apache Log4j2 utility (CVE-2021-44228 and CVE-2021-45046) security issues on customers’ containers, Amazon EKS, Amazon ECS, and AWS Fargate are deploying a Linux-based update (hot-patch). This hot-patch will require customer opt-in to use, and disables JNDI lookups from the Log4J2 library in customers’ containers. These updates are available as an Amazon Linux package for Amazon ECS customers, as a DaemonSet for Kubernetes users on AWS, and will be in supported AWS Fargate platform versions. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Amazon | AWS EKS | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | To help mitigate the impact of the open-source Apache Log4j2 utility (CVE-2021-44228 and CVE-2021-45046) security issues on customers’ containers, Amazon EKS, Amazon ECS, and AWS Fargate are deploying a Linux-based update (hot-patch). This hot-patch will require customer opt-in to use, and disables JNDI lookups from the Log4J2 library in customers’ containers. These updates are available as an Amazon Linux package for Amazon ECS customers, as a DaemonSet for Kubernetes users on AWS, and will be in supported AWS Fargate platform versions. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Amazon | AWS Elastic Beanstalk | | | Not Affected | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Default configuration of applications usage of Log4j versions is not vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Amazon | AWS ElastiCache | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Amazon | AWS ELB | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Amazon | AWS Fargate | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Opt-in hot-patch to mitigate the Log4j issue in JVM layer will be available as platform versions. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Amazon | AWS Glue | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Has been updated. Vulnerable only if ETL jobs load affected versions of Apache Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Amazon | AWS Greengrass | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Updates for all Greengrass V2 components Stream Manager (2.0.14) and Secure Tunneling (1.0.6) are available. For Greengrass versions 1.10.x and 1.11.x, an update for the Stream Manager feature is included in Greengrass patch versions 1.10.5 and 1.11.5. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Amazon | AWS Inspector | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Amazon | AWS IoT SiteWise Edge | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Updates for all AWS IoT SiteWise Edge components that use Log4j were made available; OPC-UA collector (v2.0.3), Data processing pack (v2.0.14), and Publisher (v2.0.2). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Amazon | AWS Kinesis Data Streams | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | We are actively patching all sub-systems that use Log4j2 by applying updates. The Kinesis Client Library (KCL) version 2.X and the Kinesis Producer Library (KPL) are not impacted. For customers using KCL 1.x, we have released an updated version and we strongly recommend that all KCL version 1.x customers upgrade to KCL version 1.14.5 (or higher). KCL 2.x, KCL 1.14.5 or higher, and KPL are not vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Amazon | AWS KMS | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-005/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | AWS Lambda | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-005/) | Vulnerable when using aws-lambda-java-log4j2. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | AWS Polly | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-005/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | AWS QuickSight | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-005/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | AWS RDS | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Amazon RDS and Amazon Aurora have been updated to mitigate the issues identified in CVE-2021-44228. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Amazon | AWS S3 | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Amazon | AWS SDK | | | Not Affected | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Amazon | AWS Secrets Manager | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Amazon | AWS Service Catalog | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Amazon | AWS SNS | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Amazon SNS systems that serve customer traffic are patched against the Log4j2 issue. We are working to apply the Log4j2 patch to sub-systems that operate separately from SNS’s systems that serve customer traffic. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Amazon | AWS SQS | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Amazon | AWS Systems Manager | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Amazon | AWS Systems Manager Agent | | | Not Affected | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Amazon | AWS Textract | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Amazon | Chime | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Amazon Chime and Chime SDK services have been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Cloud Directory | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | CloudFront | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | CloudWatch | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Cognito | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Corretto | | | Not Affected | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | 10/19 release distribution does not include Log4j. Vulnerable only if customers applications use affected versions of Apache Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | DocumentDB | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | EC2 | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Packages for Amazon Linux 1 and 2 not affected, package for Amazon Linux 2022 is affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Amazon | ECR Public | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Amazon-owned images published under a Verified Account on Amazon ECR Public are not affected by the Log4j issue. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Amazon | Elastic Load Balancing | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Services have been updated. All Elastic Load Balancers, as well as Classic, Application, Network and Gateway, are not affected by this Log4j issue. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Amazon | EMR | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Many customers are estimated to be vulnerable. Vulnerable only if affected EMR releases are used and untrusted sources are configured to be processed. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | EventBridge | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Fraud Detector | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Inspector | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Inspector Classic | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Kafka (MSK) | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Applying updates as required, portion of customers may still be vulnerable. Some MSK-specific service components use Log4j > 2.0.0 library and are being patched where needed. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Kendra | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Keyspaces (for Apache Cassandra) | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Kinesis | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Kinesis Data Analytics | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Lake Formation | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Update in progress, portion of customers may still be vulnerable. AWS Lake Formation service hosts are being updated to the latest version of Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Lex | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Linux (AL1) | | | Not Affected | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | By default not vulnerable. Opt-in hot-patch to mitigate the Log4j in JVM layer issue is available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Linux (AL2) | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | By default not vulnerable, and a new version of Amazon Kinesis Agent which is part of AL2 addresses the Log4j issue. Opt-in hot-patch to mitigate the Log4j issue in JVM layer is available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Lookout for Equipment | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Macie | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Macie Classic | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Managed Workflows for Apache Airflow (MWAA) | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | MemoryDB for Redis | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Monitron | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | MQ | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Neptune | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | NICE | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Recommended to update EnginFrame or Log4j library. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | OpenSearch | | R20211203-P2 | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-005/) | Update released, customers need to update their clusters to the fixed release. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Pinpoint | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | RDS Aurora | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | RDS for Oracle | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Redshift | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Rekognition | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Route 53 | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | SageMaker | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Completed patching for the Apache Log4j2 issue (CVE-2021-44228). Vulnerable only if customers applications use affected versions of Apache Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Simple Notification Service (SNS) | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Systems that serve customer traffic are patched against the Log4j2 issue. Working to apply the patch to sub-systems that operate separately from SNSs systems that serve customer traffic. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Simple Queue Service (SQS) | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Simple Workflow Service (SWF) | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Single Sign-On | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Step Functions | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Timestream | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | Translate | | | Not Affected | [link](https://aws.amazon.com/translate/) | Service not identified on [AWS Log4j Security Bulletin](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | VPC | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Amazon | WorkSpaces/AppStream 2.0 | | | Fixed | [link](https://aws.amazon.com/security/security-bulletins/AWS-2021-006/) | Not affected with default configurations. WorkDocs Sync client versions 1.2.895.1 and older within Windows WorkSpaces, which contain the Log4j component, are vulnerable; For update instruction, see source for more info. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| AMD | All | | | Not Affected | [link](https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1034) | Currently, no AMD products have been identified as affected. AMD is continuing its analysis. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Anaconda | All | | | Not Affected | [link](https://docs.conda.io/projects/conda/en/latest/index.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| AOMEI | All | | | Not Affected | [link](https://www.aomeitech.com/forum/index.php?p=/discussion/7651/aomei-and-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Apache | ActiveMQ Artemis | | | Not Affected | [link](https://activemq.apache.org/news/cve-2021-44228) | ActiveMQ Artemis does not use Log4j for logging. However, Log4j 1.2.17 is included in the Hawtio-based web console application archive (i.e. [web/console.war/WEB-INF/lib](web/console.war/WEB-INF/lib)). Although this version of Log4j is not impacted by CVE-2021-44228 future versions of Artemis will be updated so that the Log4j jar is no longer included in the web console application archive. See [ARTEMIS-3612](https://issues.apache.org/jira/browse/ARTEMIS-3612) for more information on that task. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Apache | Airflow | | | Not Affected | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | Airflow is written in Python | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apache | Archiva | | 2.2.6 | Fixed | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | Fixed in 2.2.6. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apache | Camel | | | Not Affected | [link](https://camel.apache.org/blog/2021/12/log4j2/) | Apache Camel does not directly depend on Log4j 2, so we are not affected by CVE-2021-44228.If you explicitly added the Log4j 2 dependency to your own applications, make sure to upgrade.Apache Camel does use log4j during testing itself, and therefore you can find that we have been using log4j v2.13.3 release in our latest LTS releases Camel 3.7.6, 3.11.4. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Apache | Camel 2 | | | Not Affected | [link](https://camel.apache.org/blog/2021/12/log4j2/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Apache | Camel JBang | <=3.1.4 | | Affected | [link](https://camel.apache.org/blog/2021/12/log4j2/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Apache | Camel K | | | Not Affected | [link](https://camel.apache.org/blog/2021/12/log4j2/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Apache | Camel Kafka Connector | | | Not Affected | [link](https://camel.apache.org/blog/2021/12/log4j2/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Apache | Camel Karaf | | | Affected | [link](https://camel.apache.org/blog/2021/12/log4j2/) | The Karaf team is aware of this and are working on a new Karaf 4.3.4 release with updated log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Apache | Camel Quarkus | | | Not Affected | [link](https://camel.apache.org/blog/2021/12/log4j2/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Apache | Cassandra | | | Not Affected | [link](https://lists.apache.org/thread/2rngylxw8bjos6xbo1krp29m9wn2hhdr) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Apache | Druid | | 0.22.1 | Fixed | [link](https://github.com/apache/druid/releases/tag/druid-0.22.1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Apache | Dubbo | | All | Fixed | [link](https://github.com/apache/dubbo/issues/9380) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Apache | Flink | | 1.15.0, 1.14.2, 1.13.5, 1.12.7, 1.11.6 | Fixed | [link](https://flink.apache.org/2021/12/10/log4j-cve.html) | To clarify and avoid confusion, the 1.14.1 / 1.13.4 / 1.12.6 / 1.11.5 releases, which were supposed to only contain a Log4j upgrade to 2.15.0, were skipped because CVE-2021-45046 was discovered during the release publication. The new 1.14.2 / 1.13.5 / 1.12.7 / 1.11.6 releases include a version upgrade for Log4j to version 2.16.0 to address CVE-2021-44228 and CVE-2021-45046. | [https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html](https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Apache | Fortress | | < 2.0.7 | Fixed | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | Fixed in 2.0.7. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Apache | Geode | | 1.14.0 | Fixed | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | Fixed in 1.12.6, 1.13.5, 1.14.1. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Apache | Guacamole | | | Not Affected | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Apache | Hadoop | | | Not Affected | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Apache | HBase | | | Affected | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Apache | Hive | | 4.x | Fixed | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Apache | James | 3.6.0 | | Affected | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Apache | Jena | | < 4.3.1 | Fixed | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Apache | JMeter | All | | Affected | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Apache | JSPWiki | | 2.11.1 | Fixed | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Apache | Kafka | | | Not Affected | [link](https://kafka.apache.org/cve-list) | Uses Log4j 1.2.17. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Apache | Log4j 1.x | | | Not Affected | [link](https://logging.apache.org/log4j/2.x/security.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apache | Log4j 2.x | 2.17.1 | | Affected | [link](https://logging.apache.org/log4j/2.x/security.html) | Fixed in Log4j 2.17.1 (Java 8), 2.12.4 (Java 7) and 2.3.2 (Java 6). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apache | Maven | | | Not Affected | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apache | NiFi | | | Not Affected | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | Fixed in 1.15.1, 1.16.0. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apache | OFBiz | | < 18.12.03 | Fixed | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apache | Ozone | | < 1.2.1 | Fixed | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | Fixed in 1.15.1, 1.16.0. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apache | SkyWalking | | < 8.9.1 | Fixed | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apache | SOLR | | 7.4.0 to 7.7.3, 8.0.0 to 8.11.0 | Fixed | [link](https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228) | Fixed in 8.11.1, Versions before 7.4 also vulnerable when using several configurations. | [Apache Solr 8.11.1 downloads](https://solr.apache.org/downloads.html) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Apache | Spark | | | Not Affected | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | Uses log4j 1.x | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apache | Struts | 2.5.28 | | Affected | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apache | Struts 2 | | Versions before 2.5.28.1 | Fixed | [link](https://struts.apache.org/announce-2021) | The Apache Struts group is pleased to announce that Struts 2.5.28.1 is available as a General Availability release. The GA designation is our highest quality grade. This release addresses Log4j vulnerability CVE-2021-45046 by using the latest Log4j 2.12.2 version (Java 1.7 compatible). | [Apache Struts Release Downloads](https://struts.apache.org/download.cgi#struts-ga) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Apache | Tapestry | 5.7.3 | | Affected | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apache | Tika | 2.0.0 and up | | Affected | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apache | Tomcat | | | Unknown | [link](https://tomcat.apache.org/security-9.html) | Apache Tomcat 9.0.x has no dependency on any version of log4j. Web applications deployed on Apache Tomcat may have a dependency on log4j. You should seek support from the application vendor in this instance. It is possible to configure Apache Tomcat 9.0.x to use log4j 2.x for Tomcats internal logging. This requires explicit configuration and the addition of the log4j 2.x library. Anyone who has switched Tomcats internal logging to log4j 2.x is likely to need to address this vulnerability. In most cases, disabling the problematic feature will be the simplest solution. Exactly how to do that depends on the exact version of log4j 2.x being used. Details are provided on the [log4j 2.x security page](https://logging.apache.org/log4j/2.x/security.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Apache | TrafficControl | | | Affected | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apache | ZooKeeper | | | Not Affected | [link](https://blogs.apache.org/security/entry/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| APC by Schneider Electric | Powerchute Business Edition | | v9.5, v10.0.1, v10.0.2, v10.0.3, v10.0.4 | Fixed | [link](https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345) | Mitigation instructions to remove the affected class. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| APC by Schneider Electric | Powerchute Network Shutdown | | 4.2, 4.3, 4.4, 4.4.1 | Fixed | [link](https://community.exchange.se.com/t5/APC-UPS-Data-Center-Backup/Log4-versions-used-in-Powerchute-vulnerable/m-p/379866/highlight/true#M47345) | Mitigation instructions to remove the affected class. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Apereo | CAS | | 6.3.x, 6.4.x | Fixed | [link](https://apereo.github.io/2021/12/11/log4j-vuln/) | Other versions still in active maintainance might need manual inspection. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apereo | Opencast | | < 9.10, < 10.6 | Fixed | [link](https://github.com/opencast/opencast/security/advisories/GHSA-mf4f-j588-5xm8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apigee | Edge and OPDK products | | | Not Affected | [link](https://status.apigee.com/incidents/3cgzb0q2r10p) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Apollo | All | | | Unknown | [link](https://community.apollographql.com/t/log4j-vulnerability/2214) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Appdynamics | All | | | Unknown | [link](https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Appeon | PowerBuilder | Appeon PowerBuilder 2017-2021 regardless of product edition | | Affected | [link](https://community.appeon.com/index.php/qna/q-a/apache-log4j-security-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| AppGate | All | | | Unknown | [link](https://www.appgate.com/blog/appgate-sdp-unaffected-by-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Appian | Appian Platform | | All | Fixed | [link](https://community.appian.com/support/w/kb/2511/kb-2204-information-about-the-log4j2-security-vulnerabilities-cve-2021-44228-cve-2021-45046) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Application Performance Ltd | DBMarlin | | | Unknown | [link](https://docs.dbmarlin.com/docs/faqs/frequently-asked-questions/?_ga=2.72968147.1563671049.1639624574-1296952804.1639624574#apache-log4j-vulnerability-cve-2021-4428) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| APPSHEET | All | | | Unknown | [link](https://community.appsheet.com/t/appsheet-statement-on-log4j-vulnerability-cve-2021-44228/59976) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aptible | All | | Search 5.x | Fixed | [link](https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aqua Security | All | | | Unknown | [link](https://docs.google.com/document/d/e/2PACX-1vSmFR3oHPXOih1wENKd7RXn0dsHzgPUe91jJwDTsaVxJtcJEroktWNLq7BMUx9v7oDZRHqLVgkJnqCm/pub) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Arbiter Systems | All | | | Not Affected | [link](https://www.arbiter.com/news/index.php?id=4403) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| ARC Informatique | All | | | Not Affected | [link](https://www.pcvuesolutions.com/support/index.php/en/security-bulletin/1141-security-bulletin-2021-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-13 |
| Arca Noae | All | | | Unknown | [link](https://www.arcanoae.com/apache-log4j-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Arcserve | Arcserve Backup | | | Not Affected | [link](https://support.storagecraft.com/s/article/Log4J-Update) | | [https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Arcserve | Arcserve Continuous Availability | | | Not Affected | [link](https://support.storagecraft.com/s/article/Log4J-Update) | | [https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Arcserve | Arcserve Email Archiving | | | Not Affected | [link](https://support.storagecraft.com/s/article/Log4J-Update) | | [https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Arcserve | Arcserve UDP | | | Not Affected | [link](https://support.storagecraft.com/s/article/Log4J-Update) | | [https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Arcserve | ShadowProtect | | | Not Affected | [link](https://support.storagecraft.com/s/article/Log4J-Update) | | [https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Arcserve | ShadowXafe | | | Not Affected | [link](https://support.storagecraft.com/s/article/Log4J-Update) | | [https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Arcserve | Solo | | | Not Affected | [link](https://support.storagecraft.com/s/article/Log4J-Update) | | [https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Arcserve | StorageCraft OneXafe | | | Not Affected | [link](https://support.storagecraft.com/s/article/Log4J-Update) | | [https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US](https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| ArcticWolf | All | | | Unknown | [link](https://arcticwolf.com/resources/blog/log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Arduino | IDE | | 1.8.17 | Fixed | [link](https://support.arduino.cc/hc/en-us/articles/4412377144338-Arduino-s-response-to-Log4j2-vulnerability-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ariba | All | | | Unknown | [link](https://connectsupport.ariba.com/sites#announcements-display&/Event/908469) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Arista | Analytics Node for Converged Cloud Fabric | >7.0.0 | | Affected | [link](https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070) | Formerly Big Cloud Fabric | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Arista | Analytics Node for DANZ Monitoring Fabric | >7.0.0 | | Affected | [link](https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070) | Formerly Big Monitoring Fabric | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Arista | CloudVision Portal | >2019.1.0 | | Affected | [link](https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Arista | CloudVision Wi-Fi, virtual or physical appliance | >8.8 | | Affected | [link](https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Arista | Embedded Analytics for Converged Cloud Fabric | >5.3.0 | | Affected | [link](https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070) | Formerly Big Cloud Fabric | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | AirWave Management Platform | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | Analytics and Location Engine | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | ArubaOS SD-WAN Gateways | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | ArubaOS Wi-Fi Controllers and Gateways | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | ArubaOS-CX Switches | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | ArubaOS-S Switches | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | Central | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | Central On-Prem | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | ClearPass Policy Manager | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | EdgeConnect | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | Fabric Composer (AFC) | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | HP ProCurve Switches | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | Instant | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | Instant Access Points | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | Instant On | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | IntroSpect | | Versions 2.5.0.0 to 2.5.0.6 | Fixed | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | Legacy GMS Products | | | Fixed | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | Legacy NX | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | Legacy VRX | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | Legacy VX | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | NetEdit | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | Plexxi Composable Fabric Manager (CFM) | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | Silver Peak Orchestrator | | | Fixed | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | User Experience Insight (UXI) | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Aruba Networks | VIA Clients | | | Not Affected | [link](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-019.txt) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ataccama | All | | | Unknown | [link](https://www.ataccama.com/files/log4j2-vulnerability-cve-2021-44228-fix.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atera | All | | | Unknown | [link](https://www.reddit.com/r/atera/comments/rh7xb1/apache_log4j_2_security_advisory_update/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Bamboo Server & Data Center | On Prem | | Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | Only vulnerable when using non-default config, cloud version fixed. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Bitbucket Server & Data Center | | On prem | Fixed | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | This product is not vulnerable to remote code execution but may leak information due to the bundled Elasticsearch component being vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Confluence Server & Data Center | On prem | | Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | Only vulnerable when using non-default config, cloud version fixed. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Confluence-CIS CSAT Pro | v1.7.1 | | Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Confluence-CIS WorkBench | | | Not Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Confluence-CIS-CAT Lite | v4.13.0 | | Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Confluence-CIS-CAT Pro Assessor v3 Full and Dissolvable | v3.0.77 | | Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Confluence-CIS-CAT Pro Assessor v4 | v4.13.0 | | Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Confluence-CIS-CAT Pro Assessor v4 Service | v1.13.0 | | Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Confluence-CIS-CAT Pro Dashboard | | | Not Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Confluence-CIS-Hosted CSAT | | | Not Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Crowd Server & Data Center | On prem | | Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Crucible | On prem | | Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Fisheye | On prem | | Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atlassian | Jira Server & Data Center | On prem | | Affected | [link](https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html) | This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Attivo Networks | All | | | Unknown | [link](https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Atvise | All | | | Not Affected | [link](https://www.atvise.com/en/articles/at-log4j-sicherheitsluecke-atvise-produkte-und-terminals-nicht-betroffen) | The security vulnerability does NOT affect our applications and products or pose any threat. This applies to all Bachmann applications and products, including atvise solutions. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| AudioCodes | All | | | Unknown | [link](https://services.audiocodes.com/app/answers/kbdetail/a_id/2225) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Autodesk | All | | | Unknown | [link](https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html) | Autodesk is continuing to perform a thorough investigation in relation to the recently discovered Apache Log4j security vulnerabilities. We continue to implement several mitigating factors for our products including patching, network firewall blocks, and updated detection signatures to reduce the threat of this vulnerability and enhance our ability to quickly respond to potential malicious activity. We have not identified any compromised systems in the Autodesk environment due to this vulnerability, at this time. This is an ongoing investigation and we will provide updates on the [Autodesk Trust Center as we learn more](https://www.autodesk.com/trust/overview). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Automation Anywhere | Automation 360 Cloud | | | Fixed | [link](https://apeople.automationanywhere.com/s/login/?language=en_US&startURL=%2Fs%2Farticle%2FA360-Cloud-Zero-day-in-the-Log4j-Java-library&ec=302) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Automation Anywhere | Automation 360 On Premise | | | Fixed | [link](https://apeople.automationanywhere.com/s/login/?language=en_US&startURL=%2Fs%2Farticle%2FA360-Cloud-Zero-day-in-the-Log4j-Java-library&ec=302) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Automation Anywhere | Automation Anywhere | | 11.x, <11.3x | Fixed | [link](https://apeople.automationanywhere.com/s/login/?language=en_US&startURL=%2Fs%2Farticle%2FA360-Cloud-Zero-day-in-the-Log4j-Java-library&ec=302) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Automox | All | | | Unknown | [link](https://blog.automox.com/log4j-critical-vulnerability-scores-a-10) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Autopsy | All | | | Unknown | [link](https://www.autopsy.com/autopsy-and-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Auvik | All | | | Unknown | [link](https://status.auvik.com/incidents/58bfngkz69mj) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Avantra SYSLINK | All | | | Unknown | [link](https://support.avantra.com/support/solutions/articles/44002291388-cve-2021-44228-log4j-2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Avaya | Avaya Analytics | 3.5, 3.6, 3.6.1, 3.7, 4 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Aura Application Enablement Services | 8.1.3.2, 8.1.3.3, 10.1 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | [PSN020551u](https://download.avaya.com/css/public/documents/101079386) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Aura Contact Center | 7.0.2, 7.0.3, 7.1, 7.1.1, 7.1.2 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Aura Device Services | 8, 8.0.1, 8.0.2, 8.1, 8.1.3, 8.1.4, 8.1.5 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Aura for OneCloud Private | | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | Avaya is scanning and monitoring its OneCloud Private environments as part of its management activities. Avaya will continue to monitor this fluid situation and remediations will be made as patches become available, in accordance with appropriate change processes. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Aura Media Server | 8.0.0, 8.0.1, 8.0.2 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | [PSN020549u](https://download.avaya.com/css/secure/documents/101079316) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Aura Presence Services | 10.1, 7.1.2, 8, 8.0.1, 8.0.2, 8.1, 8.1.1, 8.1.2, 8.1.3, 8.1.4 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Aura Session Manager | 10.1, 7.1.3, 8, 8.0.1, 8.1, 8.1.1, 8.1.2, 8.1.3 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | [PSN020550u](https://download.avaya.com/css/public/documents/101079384) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Aura System Manager | 10.1, 8.1.3 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | [PSN005565u](https://download.avaya.com/css/secure/documents/101079390) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Aura Web Gateway | 3.11[P], 3.8.1[P], 3.8[P], 3.9.1[P], 3.9[P] | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Breeze | 3.7, 3.8, 3.8.1 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Contact Center Select | 7.0.2, 7.0.3, 7.1, 7.1.1, 7.1.2 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya CRM Connector - Connected Desktop | 2.2 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Device Enablement Service | 3.1.22 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Meetings | 9.1.10, 9.1.11, 9.1.12 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya OneCloud-Private | 2 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya OneCloud-Private-UCaaS - Mid Market Aura | 1 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Session Border Controller for Enterprise | 8.0.1, 8.1, 8.1.1, 8.1.2, 8.1.3 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | [PSN020554u](https://download.avaya.com/css/public/documents/101079394) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Social Media Hub | | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Avaya Workforce Engagement | 5.3 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Business Rules Engine | 3.4, 3.5, 3.6, 3.7 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Callback Assist | 5, 5.0.1 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Control Manager | 9.0.2, 9.0.2.1 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Device Enrollment Service | 3.1 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Equinox Conferencing | 9.1.2 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Interaction Center | 7.3.9 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | IP Office Platform | 11.0.4, 11.1, 11.1.1, 11.1.2 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Avaya | Proactive Outreach Manager | 3.1.2, 3.1.3, 4, 4.0.1 | | Affected | [link](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| AVEPOINT | All | | | Unknown | [link](https://www.avepoint.com/company/java-zero-day-vulnerability-notification) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| AVM | All | | | Not Affected | [link](https://avm.de/service/aktuelle-sicherheitshinweise/#Schwachstelle%20im%20Java-Projekt%20%E2%80%9Elog4j%E2%80%9C) | devices, firmware, software incl. MyFritz Service. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| AvTech RoomAlert | All | | | Unknown | [link](https://avtech.com/articles/23124/java-exploit-room-alert-link/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| AXIS | OS | | | Not Affected | [link](https://help.axis.com/axis-os) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| AXON | All | | | Unknown | [link](https://my.axon.com/s/trust/response-to-log4j2-vuln?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| AXS Guard | All | | | Unknown | [link](https://www.axsguard.com/en_US/blog/security-news-4/log4j-vulnerability-77) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Axways Applications | All | | | Unknown | [link](https://support.axway.com/news/1331/lang/en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,258 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| B&R Industrial Automation | APROL | | | Not Affected | [link](https://www.br-automation.com/downloads_br_productcatalogue/assets/1639507581859-en-original-1.0.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Backblaze | Cloud | | | Fixed | [link](https://help.backblaze.com/hc/en-us/articles/4412580603419) | Cloud service patched. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BackBox | All | | | Unknown | [link](https://updates.backbox.com/V6.5/Docs/CVE-2021-44228.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Balbix | All | | | Unknown | [link](https://www.balbix.com/blog/broad-exposure-to-log4shell-cve-2021-44228-highlights-how-the-attack-surface-has-exploded/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Baramundi Products | All | | | Unknown | [link](https://forum.baramundi.com/index.php?threads/baramundi-produkte-von-log4shell-schwachstelle-in-log4j-nicht-betroffen.12539/#post-62875) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Barco | Demetra | | | Not Affected | [link](https://www.barco.com/en/support/knowledge-base/kb12495) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Barco | Demetra | | | Not Affected | [link](https://www.barco.com/en/support/knowledge-base/kb12495) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Barco | Green Barco Wall Control Manager (gBCM) | | | Not Affected | [link](https://www.barco.com/en/support/knowledge-base/kb12495) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Barco | MediCal QAWeb | | | Not Affected | [link](https://www.barco.com/en/support/knowledge-base/kb12495) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Barco | NexxisOR | | | Not Affected | [link](https://www.barco.com/en/support/knowledge-base/kb12495) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Barco | OpSpace | | 1.8 - 1.9.4.1 | Fixed | [link](https://www.barco.com/en/support/knowledge-base/kb12495) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Barco | Transform N (TFN) | | | Not Affected | [link](https://www.barco.com/en/support/knowledge-base/kb12495) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Barracuda | All | | | Unknown | [link](https://www.barracuda.com/company/legal/trust-center) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Basis Technology | Autopsy | | 4.18.0 onwards | Fixed | [link](https://www.autopsy.com/autopsy-and-log4j-vulnerability/) | version 4.18.0 onwards use Apache Solr 8. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Baxter | All | | | Unknown | [link](https://www.baxter.com/sites/g/files/ebysai746/files/2021-12/Apache_Log4j_Vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| BBraun | APEX® Compounder | | | Not Affected | [link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| BBraun | DoseTrac® Server, DoseLink™ Server, and Space® Online Suite Server software | | All | Fixed | [link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| BBraun | Outlook® Safety Infusion System Pump family | | | Not Affected | [link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| BBraun | Pinnacle® Compounder | | | Not Affected | [link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| BBraun | Pump, SpaceStation, and Space® Wireless Battery) | | | Not Affected | [link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| BBraun | Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor® Space® Infusion | | | Not Affected | [link](https://www.bbraunusa.com/content/dam/b-braun/us/website/customer_communications/21-0894C_Statement_Cybersecurity_Apache_Log4J_Sheet_FINAL_121621.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| BD | Arctic Sun™ Analytics | | | Unknown | [link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| BD | BD Diabetes Care App Cloud | | | Unknown | [link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| BD | BD HealthSight™ Clinical Advisor | | | Unknown | [link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| BD | BD HealthSight™ Data Manager | | | Unknown | [link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| BD | BD HealthSight™ Diversion Management | | | Unknown | [link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| BD | BD HealthSight™ Infection Advisor | | | Unknown | [link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| BD | BD HealthSight™ Inventory Optimization Analytics | | | Unknown | [link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| BD | BD HealthSight™ Medication Safety | | | Unknown | [link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| BD | BD Knowledge Portal for BD Pyxis™ Supply | | | Unknown | [link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| BD | BD Knowledge Portal for Infusion Technologies | | | Unknown | [link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| BD | BD Knowledge Portal for Medication Technologies | | | Unknown | [link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| BD | BD Synapsys™ Informatics Solution | | | Unknown | [link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| BD | BD Veritor™ COVID At Home Solution Cloud | | | Unknown | [link](https://cybersecurity.bd.com/bulletins-and-patches/third-party-vulnerability-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Beckman Coulter | Access 2 (Immunoassay System) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | Ac•T 5diff (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | Ac•T Family (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | AU2700 (Chemistry System) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | AU480 (Chemistry System) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | AU5400 (Chemistry System) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | AU5800 (Chemistry System) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | AU640 (Chemistry System) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | AU680 (Chemistry System) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | AutoMate 1200 (Lab Automation) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | AutoMate 1250 (Lab Automation) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | AutoMate 2500 (Lab Automation) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | AutoMate 2550 (Lab Automation) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxA 5000 (Lab Automation) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxA 5000 Fit (Lab Automation) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxH 500 (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxH 520 (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxH 560 (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxH 600 (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxH 690T (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxH 800 (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxH 900 (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxH SMS (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxH SMS II (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxM Autoplak (Microbiology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxM WalkAway 1040 (Microbiology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxM WalkAway 1096 (Microbiology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxONE Command Central (Information Systems) | | All | Fixed | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | Customers can follow instructions to remove log4j | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxONE Insights (Information Systems) | | | Fixed | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | Patch has been applied. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxONE Inventory Manager (Information Systems) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxONE Workflow Manager (Information Systems) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxU Workcell (Urinalysis) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxUc (Urinalysis) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | DxUm (Urinalysis) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | HighFlexX Software (Microbiology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | HmX (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | HmX AL (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | iChemVELOCITY (Urinalysis) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | IMMAGE 800 (Nephelometry) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | Intelligent Sample Banking ISB (Lab Automation) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | Ipaw (Lab Automation) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | iQ Workcell (Urinalysis) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | iQ200 (Urinalysis) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | iRICELL (Urinalysis) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | LabPro Workstation and Database Computers Provided by Beckman Coulter (Microbiology) | All | | Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | The only known instance of vulnerability due to Log4J is using Axeda services | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | LH 500 (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | LH Slidemaker (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | LH Slidestraine (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | LH750 (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | LH780 (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | LH785 (Hematology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | MicroScan autoSCAN-4 (Microbiology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | PK7300 (Blood Bank) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | PK7400 (Blood Bank) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | Power Express (Lab Automation) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | Power Link (Lab Automation) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | Power Processor (Lab Automation) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | PROService (Information Systems) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | RAP Box (Information Systems) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | REMISOL ADVANCE (Information Systems) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | Sorting Drive (Lab Automation) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | Unicel DxC 600 (Chemistry System) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | Unicel DxC 800 (Chemistry System) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | Unicel DxI 600 (Immunoassay System) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | Unicel DxI 800 (Immunoassay System) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | WalkAway 40 plus (Microbiology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | WalkAway 40 SI (Microbiology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | WalkAway 96 plus (Microbiology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beckman Coulter | WalkAway 96 SI (Microbiology) | | | Not Affected | [link](https://www.beckmancoulter.com/en/about-beckman-coulter/product-security/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-31 |
| Beijer Electronics | acirro+ | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Beijer Electronics | BFI frequency inverters | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Beijer Electronics | BSD servo drives | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Beijer Electronics | CloudVPN | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Beijer Electronics | FnIO-G and M Distributed IO | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Beijer Electronics | iX Developer | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Beijer Electronics | Nexto modular PLC | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Beijer Electronics | Nexto Xpress compact controller | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Beijer Electronics | WARP Engineering Studio | | | Unknown | [link](https://www05.beijerelectronics.com/en/news---events/news/2021/Important___information___regarding___Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Bender | | | | Unknown | [link](https://www.bender.de/en/cert) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) | | | | Unknown | [link](https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BeyondTrust | Privilege Management Cloud | | Unknown | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| BeyondTrust | Privilege Management Reporting in BeyondInsight | | 21.2 | Fixed | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| BeyondTrust | Secure Remote Access appliances | | | Not Affected | [link](https://www.beyondtrust.com/blog/entry/security-advisory-apache-log4j2-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| BeyondTrust Bomgar | | | | Unknown | [link](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BioMerieux | | | | Unknown | [link](https://www.biomerieux.com/en/cybersecurity-data-privacy) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| BisectHosting | | | | Unknown | [link](https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BitDefender | | | | Unknown | [link](https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BitNami By VMware | | | | Unknown | [link](https://docs.bitnami.com/general/security/security-2021-12-10/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BitRise | | | | Unknown | [link](https://blog.bitrise.io/post/bitrises-response-to-log4j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Bitwarden | | | | Unknown | [link](https://community.bitwarden.com/t/log4j-log4shell-cve-is-bitwarden-affected-due-to-docker-image/36177/2) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Biztory | Fivetran | | | Unknown | [link](https://www.biztory.com/blog/apache-log4j2-vulnerability) | | Vendor review indicated Fivetran is not vulnerable to Log4j2 | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Black Kite | | | | Unknown | [link](https://blackkite.com/log4j-rce-vulnerability-log4shell-puts-millions-at-risk/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Blancco | | | | Unknown | [link](https://support.blancco.com/display/NEWS/2021/12/12/CVE-2021-44228+-+Critical+vulnerability+in+Apache+Log4j+library) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Blumira | | | | Unknown | [link](https://www.blumira.com/cve-2021-44228-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | Bladelogic Database Automation | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC AMI Ops | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC AMI Products | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Compuware | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Automation Console | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Business Workflows | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Client Management | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Cloud Cost | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Cloud Security | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix CMDB | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Continuous Optimization | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Control-M | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Digital Workplace | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Discovery | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix ITSM | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Knowledge Management | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Operations Management with AIOps | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Platform | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix platform | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Remediate | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Remediate | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Remedyforce | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | BMC Helix Virtual Agent | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | Cloud Lifecycle Management | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | Control-M | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | Footprints | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | MainView Middleware Administrator | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | MainView Middleware Monitor | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | Remedy ITSM (IT Service Management) | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | SmartIT | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | Track-It! | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | TrueSight Automation for Networks | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | TrueSight Automation for Servers | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | TrueSight Capacity Optimization | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | TrueSight Infrastructure Management | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | TrueSight Operations Management | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BMC | TrueSight Orchestration | | | Unknown | [link](https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Bosch | | | | Unknown | [link](https://bosch-iot-suite.com/news/apache-log4j-rce-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Boston Scientific | | | | Unknown | [link](https://www.bostonscientific.com/content/dam/bostonscientific/corporate/product-security/bsc_statement_on_apache_log4j-v1.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Box | | | | Unknown | [link](https://blog.box.com/boxs-statement-recent-log4j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Brainworks | | | | Unknown | [link](https://www.brainworks.de/log4j-exploit-kerio-connect-workaround/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| BrightSign | | | | Unknown | [link](https://brightsign.atlassian.net/wiki/spaces/DOC/pages/370679198/Security+Statement+Log4J+Meltdown+and+Spectre+Vulnerabilities#SecurityStatement%3ALog4J%2CMeltdownandSpectreVulnerabilities-JavaApacheLog4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Advanced Secure Gateway (ASG) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Automic Automation | | | Unknown | [link](https://knowledge.broadcom.com/external/article?articleId=230308) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | BCAAA | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | CA Advanced Authentication | 9.1 | | Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | CA Risk Authentication | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | CA Strong Authentication | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Cloud Workload Protection (CWP) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Cloud Workload Protection for Storage (CWP:S) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | CloudSOC Cloud Access Security Broker (CASB) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Content Analysis (CA) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Critical System Protection (CSP) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Data Center Security (DCS) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Data Loss Prevention (DLP) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Email Security Service (ESS) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Ghost Solution Suite (GSS) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | HSM Agent | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Industrial Control System Protection (ICSP) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Integrated Cyber Defense Manager (ICDm) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Integrated Secure Gateway (ISG) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | IT Management Suite | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Layer7 API Developer Portal | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Layer7 API Gateway | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Layer7 Mobile API Gateway | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Management Center (MC) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | PacketShaper (PS) S-Series | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | PolicyCenter (PC) S-Series | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Privileged Access Manager | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Privileged Access Manager Server Control | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Privileged Identity Manager | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | ProxySG | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Reporter | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Secure Access Cloud (SAC) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Security Analytics (SA) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | SiteMinder (CA Single Sign-On) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | SSL Visibility (SSLV) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Symantec Control Compliance Suite (CCS) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Symantec Directory | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Symantec Endpoint Detection and Response (EDR) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Symantec Endpoint Encryption (SEE) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Symantec Endpoint Protection (SEP) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Symantec Endpoint Protection (SEP) for Mobile | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Symantec Endpoint Protection Manager (SEPM) | 14.3 | | Affected | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Symantec Identity Governance and Administration (IGA) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Symantec Mail Security for Microsoft Exchange (SMSMSE) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Symantec Messaging Gateway (SMG) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Symantec PGP Solutions | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Symantec Protection Engine (SPE) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Symantec Protection for SharePoint Servers (SPSS) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | VIP | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | VIP Authentication Hub | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Web Isolation (WI) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | Web Security Service (WSS) | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Broadcom | WebPulse | | | Unknown | [link](https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,286 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| C4b XPHONE | | | | Unknown | [link](https://www.c4b.com/de/news/log4j.php) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Campbell Scientific | All | | | Unknown | [link](https://s.campbellsci.com/documents/us/miscellaneous/log4j2-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 |
| Camunda | | | | Unknown | [link](https://forum.camunda.org/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228/31910) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Canary Labs | All | | | Unknown | [link](https://helpcenter.canarylabs.com/t/83hjjk0/log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Canon | Canon DR Products CXDI_NE) | | | Not Affected | [link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | Such as Omnera, FlexPro, Soltus | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Canon | CT Medical Imaging Products | | | Not Affected | [link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Canon | Eye-Care Products | | | Not Affected | [link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Canon | MR Medical Imaging Products | | | Not Affected | [link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Canon | NM Medical Imaging Products | | | Not Affected | [link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Canon | UL Medical Imaging Products | | | Not Affected | [link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Canon | Vitrea Advanced 7.x | All | | Affected | [link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Canon | VL Alphenix Angio Workstation (AWS) | All | | Affected | [link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Canon | VL Infinix-i Angio Workstation (AWS) | | | Not Affected | [link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Canon | XR Medical Imaging Products | | | Not Affected | [link](https://global.medical.canon/service-support/securityinformation/apache_log4j_vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| CapStorm | Copystorm | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| CarbonBlack | | | | Unknown | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Carestream | | | | Unknown | [link](https://www.carestream.com/en/us/services-and-support/cybersecurity-and-privacy) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Carrier | | | | Unknown | [link](https://www.corporate.carrier.com/product-security/advisories-resources/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| CAS genesisWorld | | | | Unknown | [link](https://helpdesk.cas.de/CASHelpdesk/FAQDetails.aspx?gguid=0x79F9E881EE3C46C1A71BE9EB3E480446) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cato Networks | | | | Unknown | [link](https://www.catonetworks.com/blog/cato-networks-rapid-response-to-the-apache-log4j-remote-code-execution-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cepheid | C360 | | | Unknown | [link](https://www.cepheid.com/en_US/legal/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Cepheid | GeneXpert | | | Unknown | [link](https://www.cepheid.com/en_US/legal/product-security-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Cerberus FTP | | | | Unknown | [link](https://support.cerberusftp.com/hc/en-us/articles/4412448183571-Cerberus-is-not-affected-by-CVE-2021-44228-log4j-0-day-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Chaser Systems | discrimiNAT Firewall | | | Not Affected | [link](https://chasersystems.com/discrimiNAT/blog/log4shell-and-its-traces-in-a-network-egress-filter/#are-chasers-products-affected) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Check Point | CloudGuard | | | Not Affected | [link](https://supportcontent.checkpoint.com/solutions?id=sk176865) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Check Point | Harmony Endpoint & Harmony Mobile | | | Not Affected | [link](https://supportcontent.checkpoint.com/solutions?id=sk176865) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Check Point | Infinity Portal | | | Unknown | [link](https://supportcontent.checkpoint.com/solutions?id=sk176865) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Check Point | Quantum Security Gateway | | | Not Affected | [link](https://supportcontent.checkpoint.com/solutions?id=sk176865) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Check Point | Quantum Security Management | | | Not Affected | [link](https://supportcontent.checkpoint.com/solutions?id=sk176865) | Where used, uses the 1.8.0\_u241 version of the JRE that protects against this attack by default. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Check Point | SMB | | | Not Affected | [link](https://supportcontent.checkpoint.com/solutions?id=sk176865) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Check Point | ThreatCloud | | | Unknown | [link](https://supportcontent.checkpoint.com/solutions?id=sk176865) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| CheckMK | | | | Unknown | [link](https://forum.checkmk.com/t/checkmk-not-affected-by-log4shell/28643/3) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ciphermail | | | | Unknown | [link](https://www.ciphermail.com/blog/ciphermail-gateway-and-webmail-messenger-are-not-vulnerable-to-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| CircleCI | CircleCI | | | Unknown | [link](https://discuss.circleci.com/t/circleci-log4j-information-cve-2021-4422) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| CIS | | | | Unknown | [link](https://cisecurity.atlassian.net/servicedesk/customer/portal/15/article/2434301961) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | AppDynamics | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco ACI Multi-Site Orchestrator | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco ACI Virtual Edge | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Adaptive Security Appliance (ASA) Software | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Advanced Web Security Reporting Application | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco AMP Virtual Private Cloud Appliance | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco AnyConnect Secure Mobility Client | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Application Policy Infrastructure Controller (APIC) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco ASR 5000 Series Routers | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Broadcloud Calling | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco BroadWorks | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Catalyst 9800 Series Wireless Controllers | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco CloudCenter Suite Admin | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco CloudCenter Workload Manager | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Cognitive Intelligence | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Common Services Platform Collector | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Computer Telephony Integration Object Server (CTIOS) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Connected Grid Device Manager | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Connected Mobile Experiences | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Connectivity | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Contact Center Domain Manager (CCDM) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Contact Center Management Portal (CCMP) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Crosswork Change Automation | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco CX Cloud Agent Software | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Data Center Network Manager (DCNM) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Defense Orchestrator | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco DNA Assurance | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco DNA Center | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco DNA Spaces | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Elastic Services Controller (ESC) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Emergency Responder | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Enterprise Chat and Email | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Enterprise NFV Infrastructure Software (NFVIS) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Evolved Programmable Network Manager | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Extensible Network Controller (XNC) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Finesse | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Firepower Management Center | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Firepower Threat Defense (FTD) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco GGSN Gateway GPRS Support Node | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco HyperFlex System | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Identity Services Engine (ISE) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Integrated Management Controller (IMC) Supervisor | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Intersight | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Intersight Virtual Appliance | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco IOS and IOS XE Software | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco IoT Field Network Director (formerly Cisco Connected Grid Network Management System) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco IoT Operations Dashboard | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco IOx Fog Director | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco IP Services Gateway (IPSG) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Kinetic for Cities | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco MDS 9000 Series Multilayer Switches | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Meeting Server | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco MME Mobility Management Entity | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Modeling Labs | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Network Assessment (CNA) Tool | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Network Assurance Engine | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Network Convergence System 2000 Series | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Network Planner | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Network Services Orchestrator (NSO) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Nexus 5500 Platform Switches | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Nexus 5600 Platform Switches | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Nexus 6000 Series Switches | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Nexus 7000 Series Switches | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Nexus Dashboard (formerly Cisco Application Services Engine) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Nexus Data Broker | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Nexus Insights | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Optical Network Planner | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Packaged Contact Center Enterprise | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Paging Server | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Paging Server (InformaCast) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco PDSN/HA Packet Data Serving Node and Home Agent | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco PGW Packet Data Network Gateway | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Policy Suite | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Prime Central for Service Providers | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Prime Collaboration Manager | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Prime Collaboration Provisioning | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Prime Infrastructure | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Prime License Manager | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Prime Network | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Prime Optical for Service Providers | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Prime Provisioning | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Prime Service Catalog | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Registered Envelope Service | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco SD-WAN vEdge 1000 Series Routers | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco SD-WAN vEdge 2000 Series Routers | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco SD-WAN vEdge 5000 Series Routers | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco SD-WAN vEdge Cloud Router Platform | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco SD-WAN vManage | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Secure Network Analytics (SNA), formerly Stealthwatch | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco SocialMiner | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco System Architecture Evolution Gateway (SAEGW) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco TelePresence Management Suite | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco UCS Director | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco UCS Performance Manager | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Umbrella | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Unified Attendant Console Advanced | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Unified Attendant Console Business Edition | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Unified Attendant Console Department Edition | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Unified Attendant Console Enterprise Edition | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Unified Attendant Console Premium Edition | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Unified Communications Manager Cloud | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Unified Contact Center Enterprise | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Unified Contact Center Enterprise - Live Data server | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Unified Contact Center Express | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Unified Intelligent Contact Management Enterprise | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Unified SIP Proxy Software | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Video Surveillance Operations Manager | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Virtualized Voice Browser | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Vision Dynamic Signage Director | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco WAN Automation Engine (WAE) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Web Security Appliance (WSA) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Webex Cloud-Connected UC (CCUC) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Webex Meetings Server | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Webex Teams | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Cisco Wide Area Application Services (WAAS) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Duo | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | DUO network gateway (on-prem/self-hosted) | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | duo network gateway (on-prem/self-hosted) | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Exony Virtualized Interaction Manager (VIM) | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cisco | Managed Services Accelerator (MSX) Network Access Control Service | | | Unknown | [link](https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Citrix | Citrix ADC (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) | | | Not Affected | [link](https://support.citrix.com/article/CTX335705) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Citrix | Citrix Application Delivery Management (NetScaler MAS) | | | Not Affected | [link](https://support.citrix.com/article/CTX335705) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Citrix | Citrix Cloud Connector | | | Not Affected | [link](https://support.citrix.com/article/CTX335705) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Citrix | Citrix Connector Appliance for Cloud Services | | | Not Affected | [link](https://support.citrix.com/article/CTX335705) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Citrix | Citrix Content Collaboration (ShareFile Integration)–Citrix Files for Windows, Citrix Files for Mac, Citrix Files for Outlook | | | Not Affected | [link](https://support.citrix.com/article/CTX335705) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Citrix | Citrix Endpoint Management (Citrix XenMobile Server) | | 10.14 RP2, 10.13 RP5, 10.12 RP10 | Fixed | [link](https://support.citrix.com/article/CTX335705) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Citrix | Citrix Hypervisor (XenServer) | | | Not Affected | [link](https://support.citrix.com/article/CTX335705) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Citrix | Citrix License Server | | | Not Affected | [link](https://support.citrix.com/article/CTX335705) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Citrix | Citrix SD-WAN | | | Not Affected | [link](https://support.citrix.com/article/CTX335705) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Citrix | Citrix Virtual Apps and Desktops (XenApp & XenDesktop) | | Linux Virtual Delivery Agent 2112 | Fixed | [link](https://support.citrix.com/article/CTX335705) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Citrix | Citrix Workspace App | | | Not Affected | [link](https://support.citrix.com/article/CTX335705) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Citrix | ShareFile Storage Zones Controller | | | Not Affected | [link](https://support.citrix.com/article/CTX335705) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Claris | | | | Unknown | [link](https://support.claris.com/s/article/CVE-2021-44228-Apache-Log4j-Vulnerability-and-Claris-products?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | AM2CM Tool | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Ambari | Only versions 2.x, 1.x | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Arcadia Enterprise | Only version 7.1.x | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | CDH, HDP, and HDF | Only version 6.x | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | CDP Operational Database (COD) | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | CDP Private Cloud Base | Only version 7.x | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | CDS 3 Powered by Apache Spark | All versions | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | CDS 3.2 for GPUs | All versions | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Cybersecurity Platform | All versions | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Data Engineering (CDE) | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Data Engineering (CDE) | All versions | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Data Flow (CFM) | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Data Science Workbench (CDSW) | Only versions 2.x, 3.x | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Data Visualization (CDV) | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Data Warehouse (CDW) | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Data Warehouse (CDW) | All versions | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera DataFlow (CDF) | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Edge Management (CEM) | All versions | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Enterprise | Only version 6.x | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Flow Management (CFM) | All versions | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Machine Learning (CML) | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Machine Learning (CML) | All versions | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) | All versions | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) | Only versions 7.0.x, 7.1.x, 7.2.x | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Manager (Including Backup Disaster Recovery (BDR)) | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Runtime (including Cloudera Data Hub and all Data Hub templates) | Only versions 7.0.x, 7.1.x, 7.2.x | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Stream Processing (CSP) | All versions | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Streaming Analytics (CSA) | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Cloudera Streaming Analytics (CSA) | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Data Analytics Studio (DAS) | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Data Catalog | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Data Lifecycle Manager (DLM) | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Data Steward Studio (DSS) | All versions | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Hortonworks Data Flow (HDF) | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Hortonworks Data Platform (HDP) | Only versions 7.1.x, 2.7.x, 2.6.x | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Hortonworks DataPlane Platform | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Management Console | All versions | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Management Console for CDP Public Cloud | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Replication Manager | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | SmartSense | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Workload Manager | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Workload XM | All versions | | Affected | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudera | Workload XM (SaaS) | | | Unknown | [link](https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| CloudFlare | | | | Unknown | [link](https://blog.cloudflare.com/cve-2021-44228-log4j-rce-0-day-mitigation/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudian HyperStore | | | | Unknown | [link](https://cloudian-support.force.com/s/article/SECURITY-Cloudian-HyperStore-Log4j-vulnerability-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudogu | Ecosystem | All | | Affected | [link](https://community.cloudogu.com/t/security-vulnerability-log4shell-cve-2021-44228/417) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudogu | SCM-Manager | | | Unknown | [link](https://scm-manager.org/blog/posts/2021-12-13-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cloudron | | | | Unknown | [link](https://forum.cloudron.io/topic/6153/log4j-and-log4j2-library-vulnerability?lang=en-US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Clover | | | | Unknown | [link](https://community.clover.com/articles/35868/apache-log4j-vulnerability-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Code42 | Code42 App | | 8.8.1 | Fixed | [link](https://success.code42.com/hc/en-us/articles/4416158712343-RELEASE-NOTIFICATION-Code42-Vulnerability-Mitigation-for-CVE-2021-44228-and-other-updates) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Code42 | Crashplan | | All | Fixed | [link](https://success.code42.com/hc/en-us/articles/4416158712343-RELEASE-NOTIFICATION-Code42-Vulnerability-Mitigation-for-CVE-2021-44228-and-other-updates) | The CrashPlan app is EOL and is now called Code42. If you detect CrashPlan installed, it is vulnerable. You can update easily to Code42 8.8.1 or newer. | [https://www.crashplan.com/en-us/business/resources/crashplan-for-small-business-updates-its-desktop-app/](https://www.crashplan.com/en-us/business/resources/crashplan-for-small-business-updates-its-desktop-app/) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| CodeBeamer | | | | Unknown | [link](https://codebeamer.com/cb/wiki/19872365) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Codesys | | | | Unknown | [link](https://www.codesys.com/news-events/news/article/log4j-not-used-in-codesys.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cohesity | | | | Unknown | [link](https://support.cohesity.com/s/article/Security-Advisory-Apache-Log4j-Remote-Code-Execution-RCE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| CommVault | | | | Unknown | [link](https://documentation.commvault.com/v11/essential/146231_security_vulnerability_and_reporting.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Concourse | Concourse | | | Unknown | [link](https://github.com/concourse/concourse/discussions/7887) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ConcreteCMS.com | | | | Unknown | [link](https://www.concretecms.com/about/blog/security/concrete-log4j-zero-day-exploit) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Confluent | Confluent Cloud | | N/A | Fixed | [link](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Confluent | Confluent ElasticSearch Sink Connector | <11.1.7 | | Affected | [link](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Confluent | Confluent for Kubernetes | | | Not Affected | [link](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Confluent | Confluent Google DataProc Sink Connector | <1.1.5 | | Affected | [link](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Confluent | Confluent HDFS 2 Sink Connector | <10.1.3 | | Affected | [link](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Confluent | Confluent HDFS 3 Sink Connector | <1.1.8 | | Affected | [link](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Confluent | Confluent Kafka Connectors | | | Not Affected | [link](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Confluent | Confluent Platform | <7.0.1 | | Affected | [link](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Confluent | Confluent Splunk Sink Connector | <2.05 | | Affected | [link](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Confluent | Confluent VMWare Tanzu GemFire Sink Connector | <1.0.8 | | Affected | [link](https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability#impact-to-connectors) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Connect2id | | | | Unknown | [link](https://connect2id.com/blog/connect2id-server-12-5-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ConnectWise | | | | Unknown | [link](https://www.connectwise.com/company/trust/advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ContrastSecurity | | | | Unknown | [link](https://support.contrastsecurity.com/hc/en-us/articles/4412612486548) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ControlUp | | | | Unknown | [link](https://status.controlup.com/incidents/qqyvh7b1dz8k) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| COPADATA | All | | | Unknown | [link](https://www.copadata.com/fileadmin/user_upload/faq/files/InformationReport_CVE_2021_44228.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| CouchBase | | | | Unknown | [link](https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| CPanel | | | | Unknown | [link](https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Cradlepoint | | | | Unknown | [link](https://cradlepoint.com/vulnerability-alerts/cve-2021-44228-apache-log4j-security-vulnerabilities/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Crestron | | | | Unknown | [link](https://www.crestron.com/Security/Security_Advisories/Apache-Log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| CrushFTP | | | | Unknown | [link](https://www.crushftp.com/download.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| CryptShare | | | | Unknown | [link](https://www.cryptshare.com/en/support/cryptshare-support/#c67572) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| CyberArk | Privileged Threat Analytics (PTA) | | N/A | Fixed | [link](https://cyberark-customers.force.com/s/article/Critical-Vulnerability-CVE-2021-44228) | | This advisory is available to customers only and has not been reviewed by CISA. | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Cybereason | | | | Unknown | [link](https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| CyberRes | | | | Unknown | [link](https://community.microfocus.com/cyberres/b/sws-22/posts/summary-of-cyberres-impact-from-log4j-or-logshell-logjam-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,398 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| Daktronics | All Sport Pro | | | Unknown | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Dakronics Media Player | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Dakronics Web Player | DWP-1000 | | Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | DWP-1000 is not present in our codebase, but awaiting confirmation from LG re webOS platform. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Data Vision Software (DVS) | | | Unknown | [link](https://www.daktronics.com/en-us/support/kb/000025337) | DVS has one microservice that uses Log4j, but it uses a version that is not impacted. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Dynamic Messaging System (DMS) | | | Unknown | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Dynamic Messaging System - DMS Core Player | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Dynamic Messaging System - DMS Player hardware | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Dynamic Messaging System - DMS Web Player | | | Unknown | [link](https://www.daktronics.com/en-us/support/kb/000025337) | DMS Web Player not present in our codebase, but awaiting confirmation from LG re webOS platform. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | IBoot - Dataprobe IBoot Devices | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Outdoor Smartlink Devices | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Routers - Cisco Meraki Z3/Z3c Routers | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Routers - Cisco Z1 Routers | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Routers - Sierra Wireless RV50x/RV50 | A-3350704 | | Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Show Control System (SCS) | | | Unknown | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Vanguard | | | Unknown | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Venus 1500 | | | Unknown | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Venus Control Suite (VCS) | | | Unknown | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Video Image Processors | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| Daktronics | Webcam - Mobotix | | | Not Affected | [link](https://www.daktronics.com/en-us/support/kb/000025337) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| DarkTrace | All | | | Unknown | [link](https://customerportal.darktrace.com/inside-the-soc/get-article/201) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Dassault Systèmes | All | | | Unknown | [link](https://kb.dsxclient.3ds.com/mashup-ui/page/resultqa?id=QA00000102301e) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Databricks | All | | | Unknown | [link](https://docs.google.com/document/d/e/2PACX-1vREjwZk17BAHGwj5Phizi4DPFS9EIUbAMX-CswlgbFwqwKXNKZC8MrT-L6wUgfIChsSHtvd_QD3-659/pub) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Datadog | Datadog Agent | | >=6.17.0, <=6.32.2, >=7.17.0, <=7.32.2 | Fixed | [link](https://www.datadoghq.com/log4j-vulnerability/) | JMX monitoring component leverages an impacted version of log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Datadog | datadog-kafka-connect-logs | | < 1.0.2 | Fixed | [link](https://www.datadoghq.com/log4j-vulnerability/) | Version 1.0.2 of the library uses version 2.16.0 of Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Datadog | datadog-lambda-java | | < 1.0.2 | Fixed | [link](https://www.datadoghq.com/log4j-vulnerability/) | Following AWS recommendation, library updated using the latest version of amazon-lambda-java-log4j2 (1.4.0). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Dataminer | All | | | Unknown | [link](https://community.dataminer.services/responding-to-log4shell-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Datev | | | | Unknown | [link](https://www.datev-community.de/t5/Freie-Themen/Log4-J-Schwachstelle/m-p/258185/highlight/true#M14308) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Datto | All | | | Unknown | [link](https://www.datto.com/blog/dattos-response-to-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| DBeaver | All | | | Not Affected | [link](https://www.dcache.org/post/log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| dCache.org | All | | | Unknown | [link](https://www.dcache.org/post/log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Debian | Apache-log4j.1.2 | | | Not Affected | [link](https://security-tracker.debian.org/tracker/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Debian | Apache-log4j2 | | | Unknown | [link](https://security-tracker.debian.org/tracker/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Decos | Cloud | | | Not Affected | [link](https://decos.freshdesk.com/nl/support/solutions/articles/17000121598) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
| Decos | EvenementenAssistent + InkomensAssistent + Leerlingenvervoer + AIM online | | | Not Affected | [link](https://decos.freshdesk.com/nl/support/solutions/articles/17000121598) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
| Decos | Fixi | | | Not Affected | [link](https://decos.freshdesk.com/nl/support/solutions/articles/17000121598) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
| Decos | Integrations (StUF/ZGW/Doclogic-DataIntegrator) | | | Not Affected | [link](https://decos.freshdesk.com/nl/support/solutions/articles/17000121598) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
| Decos | JOIN Klant Contact | | | Not Affected | [link](https://decos.freshdesk.com/nl/support/solutions/articles/17000121598) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
| Decos | JOIN Zaak &I Document (on-premise) | | All | Fixed | [link](https://decos.freshdesk.com/nl/support/solutions/articles/17000121598) | The solution contains Elasticsearch (vulnerable). Mitigating actions available on our WIKI. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
| Decos | JOIN Zaak &I Document (on-premise) | | All | Fixed | [link](https://decos.freshdesk.com/nl/support/solutions/articles/17000121598) | The SaaS hosted solution contains Logstash + Elasticsearch (vulnerable). Mitigating actions taken. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
| Deepinstinct | All | | | Unknown | [link](https://www.deepinstinct.com/blog/log4shell-cve-2021-44228-what-you-need-to-know) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Dell | Alienware Command Center | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Alienware OC Controls | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Alienware On Screen Display | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Alienware Update | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | APEX Console | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Cloud environment patched. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | APEX Data Storage Services | | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Cloud environment patch in progress. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Atmos | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Avamar vproxy | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | CalMAN Powered Calibration Firmware | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | CalMAN Ready for Dell | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Centera | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Chameleon Linux Based Diagnostics | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Chassis Management Controller (CMC) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | China HDD Deluxe | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Client Platforms (Latitude, OptiPlex, Alienware, Inspiron, Precision, XPS, Vostro, ChengMing) BIOS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Cloud IQ | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Cloud environment patched. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Cloud Mobility for Dell EMC Storage | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Cloud Tiering Appliance | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | CloudIQ Collector | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Common Event Enabler | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Connectrix (Cisco MDS 9000 switches) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Connectrix (Cisco MDS DCNM) | V, e, r, s, i, o, n, s, , p, r, i, o, r, , t, o, , 1, 1, ., 5, (, 1, x, ) | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/23/21. | [DSA-2021-302](https://www.dell.com/support/kbdoc/en-us/000194797/dsa-2021-302-dell-connectrix-mds-dcnm-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Connectrix B-Series SANnav | 2.1.1 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 2/28/2022. | [DSA-2021-266](https://www.dell.com/support/kbdoc/en-us/000194461/dsa-2021-266-dell-emc-connectrix-b-series-sannav-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Connextrix B Series | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | CyberSecIQ Application | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | CyberSense for PowerProtect Cyber Recovery | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Data Domain OS | Versions from 7.3.0.5 to 7.7.0.6 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-274 | [DSA-2021-274](https://www.dell.com/support/kbdoc/en-us/000194503/dsa-2021-274-dell-emc-data-domain-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell BSAFE Crypto-C Micro Edition | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell BSAFE Crypto-J | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell BSAFE Micro Edition Suite | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Calibration Assistant | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Cinema Color | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Cloud Command Repository Manager | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Cloud Management Agent | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Color Management | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Command Configure | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Command Integration Suite for System Center | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Command Intel vPro Out of Band | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Command Monitor | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Command Power Manager | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Command PowerShell Provider | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Command Update | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Customer Connect | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Data Guardian* | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Data Protection* | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Data Recovery Environment | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Data Vault | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Data Vault for Chrome OS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Deployment Agent | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Digital Delivery | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Direct USB Key | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Display Manager 1.5 for Windows / macOS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Display Manager 2.0 for Windows / macOS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC AppSync | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Avamar | 18.2, 19.1, 19.2, 19.3, 19.4 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21. | [DSA-2021-277](https://www.dell.com/support/kbdoc/en-us/000194480/dsa-2021-277-dell-emc-avamar-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC BSN Controller Node | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-305 | [DSA-2021-305](https://www.dell.com/support/kbdoc/en-us/000194631/dsa-2021-305-dell-emc-bsn-controller-node-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Cloud Disaster Recovery | Versions from 19.6 and later | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending | [DSA-2021-289](https://www.dell.com/support/kbdoc/en-us/000194663/dsa-2021-289-dell-emc-cloud-disaster-recovery-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-and-cve-2021-45046) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Cloudboost | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC CloudLink | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Container Storage Modules | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Data Computing Appliance (DCA) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Data Protection Advisor | | 18.x (or earlier) -standalone DPA is EOSL, 18.2.x (IDPA), 19.1.x, 19.2.x, 19.3.x, 19.4.x, 19.5.x, 19.6.0 | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | [DSA-2021-309](https://www.dell.com/support/kbdoc/en-us/000194651/dsa-2021-309-dell-emc-dpa-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Data Protection Central | | 18.2.x-19.4.x, 19.5.0-19.5.0.7 | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-269 | [DSA-2021-269](https://www.dell.com/support/kbdoc/en-us/000194557/dsa-2021-269-dell-emc-data-protection-central-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Data Protection Search | Versions before 19.6 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-279 | [DSA-2021-279](https://www.dell.com/support/kbdoc/en-us/000194629/dsa-2021-279-dell-emc-data-protection-search-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC DataIQ | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Disk Library for Mainframe | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Enterprise Storage Analytics for vRealize Operations | <6.0.0, 6.1.0, 6.2.x | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-278 | [DSA-2021-278](https://www.dell.com/support/kbdoc/en-us/000194488/dsa-2021-278) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC GeoDrive | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Integrated System for Azure Stack HCI | | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Dell EMC Integrated System for Azure Stack HCI is not impacted by this advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect Gateway (SCG) were optionally installed with Dell EMC Integrated System for Azure Stack HCI monitor the following advisories. See DSA-2021-307. | [DSA-2021-307](https://www.dell.com/support/kbdoc/en-us/000194622/dsa-2021-307-dell-emc-integrated-system-for-azure-stack-hci-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Integrated System for Microsoft Azure Stack Hub | | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patchexpected by 2022-01-31. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Isilon InsightIQ | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC License Manager | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Metro Node | Versions before 7.0.1 P2 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-308 | [DSA-2021-308](https://www.dell.com/support/kbdoc/en-us/000194630/dsa-2021) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC NetWorker | 19.4.x, 19.5.x | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21 | [DSA-2021-280](https://www.dell.com/support/kbdoc/en-us/000194541/dsa-2021-280-dell-emc-networker-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC NetWorker VE | 19.4.x, 19.5.x | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21 | [DSA-2021-280](https://www.dell.com/support/kbdoc/en-us/000194541/dsa-2021-280-dell-emc-networker-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Networking Onie | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Networking Virtual Edge Platform with VersaOS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC OpenManage Ansible Modules | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC OpenManage Enterprise Services | Version 1.2 and earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/20/21 | [DSA-2021-276](https://www.dell.com/support/kbdoc/en-us/000194652/dsa-2021-276-dell-emc-openmanage-enterprise-services-security-update-for-apache-log4j-remote-code-execution-vulnerabilities-cve-2021-44228-cve-2021-45046) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC OpenManage integration for Splunk | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC OpenManage Integration for VMware vCenter | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC OpenManage Management pack for vRealize Operations | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC OpenManage Operations Connector for Micro Focus Operations Bridge Manager | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerFlex Appliance | | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-293. | [DSA-2021-293](https://www.dell.com/support/kbdoc/en-us/000194579/dsa-2021-293-dell-powerflex-appliance-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerFlex Rack | RCM 3.3 train - all versions up to 3.3.11.0, RCM 3.4 train - all versions up to 3.4.6.0, RCM 3.5 train - all versions up to 3.5.6.0, RCM 3.6 train - all versions up to 3.6.2.0 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-292. | [DSA-2021-292](https://www.dell.com/support/kbdoc/en-us/000194578/dsa-2021-292-dell-powerflex-rack-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerFlex Software (SDS) | 3.5, 3.5.1, 3.5.1.1, 3.5.1.2, 3.5.1.3, 3.5.1.4, 3.6, 3.6.0.1, 3.6.0.2 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-272. | [DSA-2021-272](https://www.dell.com/support/kbdoc/en-us/000194548/dsa-2021-272-dell-powerflex-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerPath | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerPath Management Appliance | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerProtect Cyber Recovery | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerProtect Data Manager | All versions 19.9 and earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-286. | [DSA-2021-286](https://www.dell.com/support/kbdoc/en-us/000194549/dsa-2021-286-dell-emc-power-protect-data-manager-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerProtect DP Series Appliance (iDPA) | 2.7.0 and earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA 2021-285. | [DSA-2021-285](https://www.dell.com/support/kbdoc/en-us/000194532/dsa-2021-285-dell-emc-integrated-data-protection-appliance-powerprotect-dp-series-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerScale OneFS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerShell for PowerMax | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerShell for Powerstore | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerShell for Unity | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerStore | Versions before 2.0.1.3-1538564 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-295. | [DSA-2021-295](https://www.dell.com/support/kbdoc/en-us/000194739/dsa-2021-295-dell-emc-powerstore-family-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-and-cve-2021-45046) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerSwitch Z9264F-ON BMC | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerSwitch Z9432F-ON BMC | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC PowerVault ME4 Series Storage Arrays | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC RecoverPoint | All | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA 2021-284. | [DSA 2021-284](https://www.dell.com/support/kbdoc/en-us/000194531/dsa-2021-284-dell-emc-recoverpoint-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Repository Manager (DRM) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Ruckus SmartZone 100 Controller | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-303 | [DSA-2021-303](https://www.dell.com/support/kbdoc/en-us/000194616/dsa-2021-303-dell-emc-ruckus-wireless-controller-and-virtual-software-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Ruckus SmartZone 300 Controller | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-303 | [DSA-2021-303](https://www.dell.com/support/kbdoc/en-us/000194616/dsa-2021-303-dell-emc-ruckus-wireless-controller-and-virtual-software-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Ruckus Virtual Software | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-303 | [DSA-2021-303](https://www.dell.com/support/kbdoc/en-us/000194616/dsa-2021-303-dell-emc-ruckus-wireless-controller-and-virtual-software-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC SourceOne | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC SRM | | Versions before 4.6.0.2 | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-301. | [DSA-2021-301](https://www.dell.com/support/kbdoc/en-us/000194613/dsa-2021-301) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Streaming Data Platform | 1.1, 1.2, 1.2 HF1, 1.3, 1.3.1 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-297. | [DSA-2021-297](https://www.dell.com/support/kbdoc/en-us/000194627/dsa-2021-297-dell-emc-streaming-data-platform-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Systems Update (DSU) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Unisphere 360 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Unity | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-294. | [DSA-2021-294](https://www.dell.com/support/kbdoc/en-us/000194826/dsa-2021-294-dell-emc-unity-dell-emc-unityvsa-and-dell-emc-unity-xt-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046-and-cve-2021-45105) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC Virtual Storage Integrator | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC VPLEX | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC vProtect | 19.5-19.9 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2022-007. | [DSA-2022-007](https://www.dell.com/support/kbdoc/en-us/000195003/title-dsa-2022-007-dell-emc-vprotect-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC VxRail | 4.5.x, 4.7.x, 7.0.x | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-265. | [DSA-2021-265](https://www.dell.com/support/kbdoc/en-us/000194466/dsa-2021-265-dell-emc-vxrail-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC XC | | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-311. | [DSA-2021-311](https://www.dell.com/support/kbdoc/en-us/000194822/dsa-2021-311-dell-emc-xc-series-and-core-appliance-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046-and-cve-2021-45105) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell EMC XtremIO | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Encryption Enterprise* | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Encryption Personal* | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Endpoint Security Suite Enterprise* | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Hybrid Client | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell ImageAssist | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Insights Client | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Linux Assistant | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Memory Solutions | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Mobile Connect | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Monitor ISP (Windows/Mac/Linux) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Monitor SDK | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Networking X-Series | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell OpenManage Change Management | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell OpenManage Enterprise | Versions before 3.8.2 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-275 | [DSA-2021-275](https://www.dell.com/support/kbdoc/en-us/000194638/dsa-2021-275-dell-emc-openmanage-enterprise-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell OpenManage Enterprise CloudIQ plugin | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell OpenManage Enterprise Modular | Versions before 1.40.10 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-268 | [DSA-2021-268](https://www.dell.com/support/kbdoc/en-us/000194625/dsa-2021-268-dell-emc-openmanage-enterprise-modular-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell OpenManage Enterprise Power Manager plugin | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell OpenManage Mobile | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell OpenManage Server Administrator | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Optimizer | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell OS Recovery Tool | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Peripheral Manager 1.4 / 1.5 for Windows | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Platform Service | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Power Manager | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Power Manager Lite | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Precision Optimizer | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Precision Optimizer for Linux | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Premier Color | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Recovery (Linux) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Remediation Platform | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Remote Execution Engine (DRONE) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Security Advisory Update - DSA-2021-088 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Security Management Server & Dell Security Management Server Virtual* | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell SupportAssist SOS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Thin OS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Threat Defense | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell True Color | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Trusted Device | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dell Update | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Dream Catcher | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | DUP Creation Service | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | DUP Framework (ISG) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | ECS | | 3.3.x, 3.4.x, 3.5.x, 3.6.0.x, 3.6.1.x, 3.6.2.0 | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-273. | [DSA-2021-273](https://www.dell.com/support/kbdoc/en-us/000194612/dsa-2021-273-dell-emc-ecs-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Embedded NAS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Embedded Service Enabler | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Enterprise Hybrid Cloud | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-270. | [DSA-2021-270](https://www.dell.com/support/kbdoc/en-us/000194490/dsa-2021-270-enterprise-hybrid-cloud-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Equallogic PS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Fluid FS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | iDRAC Service Module (iSM) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Infinity MLK (firmware) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Integrated Dell Remote Access Controller (iDRAC) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | ISG Accelerators | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | ISG Board & Electrical | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | ISG Drive & Storage Media | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | IsilonSD Management Server | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | IVE-WinDiag | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Mainframe Enablers | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | MDS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | My Dell | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | MyDell Mobile | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | NetWorker Management Console | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Networking BIOS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Networking DIAG | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Networking N-Series | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Networking OS 10 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Networking OS 9 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Networking SD-WAN Edge SD-WAN | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Networking W-Series | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Networking X-Series | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | OMIMSSC (OpenManage Integration for Microsoft System Center) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | OMNIA | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | OpenManage Connections - Nagios | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | OpenManage Connections - ServiceNow | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | OpenManage Integration for Microsoft System Center for System Center Operations Manager | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | OpenManage Integration with Microsoft Windows Admin Center | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | OpenManage Network Integration | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | OpenManage Power Center | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | PowerConnect N3200 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | PowerConnect PC2800 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | PowerConnect PC8100 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | PowerEdge Accelerator Solutions | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | PowerEdge BIOS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | PowerEdge Networking Solutions | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | PowerEdge Operating Systems | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | PowerEdge RAID Controller Solutions | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | PowerTools Agent | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | PPDM Kubernetes cProxy | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | PPDM VMware vProxy | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Redtail | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Remotely Anywhere | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Riptide (firmware) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Rugged Control Center (RCC) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | SD ROM Utility | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | SDNAS | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Secure Connect Gateway (SCG) Appliance | "5.00.00 5.00.05 and 4.0.06 and earlier versions (OVF and VHD)" | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-282 | [] | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Secure Connect Gateway (SCG) Appliance | | 5.00.00, 5.00.05, and 4.0.06 and earlier versions (OVF and VHD) | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-282 | [DSA-2021-282](https://www.dell.com/support/kbdoc/en-us/000194624/dsa-2021-282-dell-emc-secure-connect-gateway-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Secure Connect Gateway (SCG) Policy Manager | | 5.00.00.10, 5.00.05.10 | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-281 | [DSA-2021-281](https://www.dell.com/support/kbdoc/en-us/000194539/dsa-2021-281-dell-emc-policy-manager-for-secure-connect-gateway-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Server Storage | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Smart Fabric Storage Software | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | SmartByte | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | SMI-S | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Software RAID | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Solutions Enabler | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Solutions Enabler vApp | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Sonic | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | SRS Policy Manager | | 7.0 | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-287. | [DSA-2021-287](https://www.dell.com/support/kbdoc/en-us/000194544/dsa-2021-287-dell-emc-srs-policy-manager-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | SRS VE | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Storage Center - Dell Storage Manager | 16.x, 17.x, 18.x, 19.x, 20.1.1 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-310. | [DSA-2021-310](https://www.dell.com/support/kbdoc/en-us/000194790/dsa-2021-310-storage-center-dell-storage-manager-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Storage Center OS and additional SC applications unless otherwise noted | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | SupportAssist Client Commercial | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | SupportAssist Client Consumer | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | SupportAssist Enterprise | 2.0.70 and earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-283. | [DSA-2021-283](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | UCC Edge | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Unisphere Central | | Versions before 4.0 SP 9.2 (4.0.9.1541235) | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-296. | [DSA-2021-296](https://www.dell.com/support/kbdoc/en-us/000194874/dsa-2021-296-dell-emc-unisphere-central-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228-cve-2021-45046-and-cve-2021-45105) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Unisphere for PowerMax | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Unisphere for PowerMax vApp | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Unisphere for VMAX | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Unisphere for VNX | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Update Manager Plugin | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Vblock | | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending See vce6771 (requires customer login). This advisory is available to customer only and has not been reviewed by CISA. | [vce6771](https://support-dellemc-com.secure.force.com/) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | ViPR Controller | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | VMware vRealize Automation 8.x | 8.2 8.3 8.4 8.5 and 8.6 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | VMware vRealize Orchestrator 8.x | 8.2 8.3 8.4 8.5 and 8.6 | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch expected by 12/19/21 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | VNX Control Station | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | VNX1 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | VNX2 | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | VNXe 1600 | | Versions 3.1.16.10220572 and earlier | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-299 | [DSA-2021-299](https://www.dell.com/support/kbdoc/en-us/000194605/dsa-2021-299-dell-emc-vnxe1600-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228?lang=en) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | VNXe 3200 | | Version 3.1.15.10216415 and earlier | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-298 | [DSA-2021-298](https://www.dell.com/support/kbdoc/en-us/000194606/dsa-2021-298-dell-emc-vnxe3200-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228?lang=en) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | VPLEX VS2/VS6 / VPLEX Witness | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | vRealize Data Protection Extension Data Management | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-290. | [DSA-2021-290](https://www.dell.com/support/kbdoc/en-us/000194614/dsa-2021-290-dell-emc-vrealize-data-protection-extension-for-vrealize-automation-vra-8-x-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage | | | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300. | [DSA-2021-300](https://www.dell.com/support/kbdoc/en-us/000194610/dsa-2021-300) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | vRO Plugin for Dell EMC PowerMax | | Version 1.2.3 or earlier | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | vRO Plugin for Dell EMC PowerScale | | Version 1.1.0 or earlier | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | vRO Plugin for Dell EMC PowerStore | Version 1.1.4 or earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | vRO Plugin for Dell EMC Unity | Version 1.0.6 or earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | vRO Plugin for Dell EMC XtremIO | Version 4.1.2 or earlier | | Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-300 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Vsan Ready Nodes | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | VxBlock | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | Patch pending See vce6771 (requires customer login). This advisory is available to customer only and has not been reviewed by CISA. | [vce6771](https://support-dellemc-com.secure.force.com/) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Warnado MLK (firmware) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Wyse Management Suite | | < 3.5 | Fixed | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | See DSA-2021-267 | [DSA-2021-267](https://www.dell.com/support/kbdoc/en-us/000194459/dsa-2021-267-dell-wyse-management-suite-security-update-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Wyse Proprietary OS (ThinOS) | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dell | Wyse Windows Embedded Suite | | | Not Affected | [link](https://www.dell.com/support/kbdoc/en-us/000194414/dell-response-to-apache-log4j-remote-code-execution-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Deltares | Delft-FEWS | | >2018.02 | Fixed | [link](https://publicwiki.deltares.nl/display/FEWSDOC/Delft-FEWS+and+Log4J+vulnerability) | Mitigations Only | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Denequa | All | | | Unknown | [link](https://denequa.de/log4j-information.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Device42 | All | | | Not Affected | [link](https://blog.device42.com/2021/12/13/log4j-zero-day/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Devolutions | All | | | Not Affected | [link](https://blog.devolutions.net/2021/12/critical-vulnerability-in-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Diebold Nixdorf | All | | | Unknown | [link](https://www.dieboldnixdorf.com/en-us/apache) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Digi International | AnywhereUSB Manager | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | ARMT | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Aview | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | AVWOB | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | CTEK G6200 family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | CTEK SkyCloud | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | CTEK Z45 family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi 54xx family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi 63xx family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi AnywhereUSB (G2) family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi AnywhereUSB Plus family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi Connect EZ family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi Connect family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi Connect IT family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi Connect Sensor family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi Connect WS family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi ConnectPort family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi ConnectPort LTS family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi Embedded Android | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi Embedded Yocto | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi EX routers | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi IX routers | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi LR54 | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi Navigator | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi One family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi Passport family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi PortServer TS family | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi Remote Manager | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi TX routers | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi WR11 | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi WR21 | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi WR31 | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi WR44R/RR | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi WR54 | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi WR64 | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Digi Xbee mobile app | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Lighthouse | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Realport | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digi International | Remote Hub Config Utility | | | Not Affected | [link](https://www.digi.com/resources/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Digicert | All | | | Unknown | [link](https://knowledge.digicert.com/alerts/digicert-log4j-response.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Digital AI | All | | | Unknown | [link](https://support.digital.ai/hc/en-us/articles/4412377686674-Log4J-Vulnerability-to-Zero-Day-Exploit-and-Digital-ai#overview-0-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Digital Alert Systems | All | | | Unknown | [link](https://www.digitalalertsystems.com/default-2.htm) | Formerly Monroe Electronics, Inc. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| DirectAdmin | All | | | Not Affected | [link](https://forum.directadmin.com/threads/new-zero-day-exploit-for-log4j-java-library-is-an-enterprise-nightmare.65173/#post-339723) | Invidivual plugins not developed as part of DirectAdmin core may be vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| DNSFilter | All | | | Unknown | [link](https://www.dnsfilter.com/blog/dnsfilter-response-to-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Docker | Infrastructure | | | Not Affected | [link](https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/) | Docker infrastructure not vulnerable, Docker images could be vulnerable. For more info see source. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Docusign | All | | | Unknown | [link](https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| DotCMS | Hybrid Content Management System | | | Fixed | [link](https://github.com/dotCMS/core/issues/21393) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| DrayTek | All | | | Not Affected | [link](https://www.draytek.com/about/security-advisory/log4shell-vulnerability-(cve-2021-44228)/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dropwizard | All | | | Not Affected | [link](https://twitter.com/dropwizardio/status/1469285337524580359) | Only vulnerable if you manually added Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Dräger | All | | | Not Affected | [link](https://static.draeger.com/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| DSpace | All | | | Unknown | [link](https://groups.google.com/g/dspace-community/c/Fa4VdjiiNyE) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Dynatrace | ActiveGate | | | Fixed | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Dynatrace | Cloud Services | | | Fixed | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | Please see Dynatrace Communication for details | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Dynatrace | Extensions | | | Fixed | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | Please see Dynatrace Communication for details | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Dynatrace | FedRamp SAAS | | | Fixed | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Dynatrace | Managed cluster nodes | | | Not Affected | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | Please see Dynatrace Communication for details | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Dynatrace | OneAgent | | | Not Affected | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Dynatrace | SAAS | | | Fixed | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Dynatrace | Synthetic Private ActiveGate | | | Fixed | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | Please see Dynatrace Communication for details | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Dynatrace | Synthetic public locations | | | Fixed | [link](https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |

@ -0,0 +1,263 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| EasyRedmine | All | | | Unknown | [link](https://www.easyredmine.com/news/easy-redmine-application-is-not-affected-by-the-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Eaton | All | | | Unknown | [link](https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Security-Bulletin%20log4j_CVE_2021_44228_v1.0_Legal-Approved.pdf) | For security purposes direct notifications are being made to impacted customers. Please stay tuned for more updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| EclecticIQ | TIP | < 2.11 | | Affected | [link](https://docs.eclecticiq.com/security-advisories/security-issues-and-mitigation-actions/eiq-2021-0016-2) | This advisory is available to customer only and has not been reviewed by CISA. The Threat Intel Platform includes Neo4j 3.5.12 (not vulnerable) and Elasticsearch and Logstash OSS 7.9.1 (vulnerable) see Elasticsearch below for mitigation. See link in their own fix for Logstash (Support account needed, ongoing investigation) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Eclipse Foundation | All | | | Unknown | [link](https://wiki.eclipse.org/Eclipse_and_log4j2_vulnerability_(CVE-2021-44228)) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Edwards | All | | | Not Affected | [link](https://www.edwards.com/devices/support/product-security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| EFI | All | | | Unknown | [link](https://communities.efi.com/s/article/Are-Fiery-Servers-vulnerable-to-CVE-2021-44228-Apache-Log4j2?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| eG Innovations | eG Enterprise | | | Not Affected | [link](https://www.eginnovations.com/brochures/eGEnterprise-and-Log4jShell-Vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-06 |
| EGroupware | All | | | Unknown | [link](https://help.egroupware.org/t/uk-de-statement-log4j-log4shell/76430) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Elastic | APM Java Agent | | 1.17.0 - 1.28.0 | Fixed | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | Only vulnerable with specific configuration. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | APM Server | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Beats | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Cmd | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Elastic Agent | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Elastic Cloud | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Elastic Cloud Enterprise | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Elastic Cloud on Kubernetes | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Elastic Endgame | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Elastic Maps Service | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Elasticsearch | | 7.16.2 | Fixed | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Endpoint Security | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Enterprise Search | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Fleet Server | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Kibana | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Logstash | | 6.8.22 | Fixed | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Machine Learning | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Elastic | Swiftype | | | Not Affected | [link](https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Ellucian | Admin | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Banner Analytics | | | Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Banner Document Management (includes Banner Document Retention) | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Banner Event Publisher | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Banner Integration for eLearning | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Banner Integration for eProcurement | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Banner Self Service | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Banner Workflow | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Colleague | | | Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | On-prem and cloud deployements expect fixed 12/18/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Colleague Analytics | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | CRM Advance | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | CRM Advise | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | CRM Recruit | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Advance Web Connector | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Data Access | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Design Path | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian ePrint | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Ethos API & API Management Center | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Ethos Extend | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Ethos Integration | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian eTranscripts | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Experience | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Intelligent Platform (ILP) | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian International Student and Scholar Management (ISSM) | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Message Service (EMS) | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Messaging Adapter (EMA) | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Mobile | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Payment Gateway | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Portal | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian PowerCampus | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Solution Manager | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Ellucian Workflow | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Ellucian | Enterprise Identity Services (BEIS) | | | Not Affected | [link](https://www.ellucian.com/news/ellucian-response-apache-log4j-issue) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 148 Temperature Transmitter | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 2051 Pressure Transmitter Family | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 2088 Pressure Transmitter Family | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 2090F/2090P Pressure Transmitters | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 215 Pressure Sensor Module | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 248 Configuration Application | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 248 Temperature Transmitter | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 3051 & 3051S Pressure transmitter families | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 3144P Temperature Transmitter | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 326P Pressure Transmitter | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 326T Temperature Transmitter | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 327T Temperature Transmitter | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 4088 Pressure Transmitter | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 4088 Upgrade Utility | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 4600 Pressure Transmitter | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 4732 Endeavor | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 550 PT Pressure Transmitter | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 5726 Transmitter | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 644 Temperature Transmitter | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 648 Temperature Transmitter | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | 848T Temperature Transmitter | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Combustion - OCX OXT 6888 CX1100 6888Xi | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | CT2211 QCL Aerosol Microleak Detection System | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | CT3000 QCL Automotive OEM Gas Analyzer | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | CT4000 QCL Marine OEM Gas Analyzer | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | CT4215 QCL Packaging Leak Detection System | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | CT4400 QCL General Purpose Continuous Gas Analyzer | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | CT4404 QCL pMDI Leak Detection Analyzer | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | CT5100 QCL Field Housing Continuous Gas Analyzer | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | CT5400 QCL General Purpose Continuous Gas Analyzer | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | CT5800 QCL Flameproof Housing Continuous Gas Analyzer | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | DHNC1 DHNC2 | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | DHNC1 DHNC2 | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Emerson Aperio software | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Engineering Assistant | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Fieldwatch and Service consoles | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Fieldwatch and Service consoles | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Flame Detection - 975UF & 975UR Infrared Flame Detectors 975HR Infrared Hydrogen Flame Detector 975MR Multi-Spectrum Infrared Flame Detector | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Flarecheck FlowCheck Flowel & PWAM software | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Flarecheck FlowCheck Flowel & PWAM software | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Gas Analysis - X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD) | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Gas Chromatographs - M500/2350A MON2000 700XA/1500XA 370XA MON2020 | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Gas Detection - Millennium II Basic Single & Dual Channel 928 Wireless Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle Monitor | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Incus Ultrasonic gas leak detector | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | K-Series Coriolis Transmitters | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Liquid Transmitters - 5081 1066 1056 1057 56' | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Mark III Gas and Liquid USM | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | MPFM2600 & MPFM5726 | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Plantweb Advisor for Metrology and Metering Suite SDK | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Prolink Configuration Software | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Prolink Mobile Application & ProcessViz Software | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount 2230 Graphical Field Display | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount 2240S Multi-input Temperature Transmitter | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount 2410 Tank Hub | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount 2460 System Hub | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount 3490 Controller | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount CMS/IOU 61 | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount CMS/SCU 51/SCC | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount CMS/WSU 51/SWF 51 | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount IO-Link Assistant | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount Level Detectors (21xx) | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount Level Transmitters (14xx 33xx 53xx 54xx 56xx) | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount Radar Configuration Tool | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount Radar Level Gauges (Pro 39xx 59xx) | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount RadarMaster | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount RadarMaster Plus | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount Tank Radar Gauges (TGUxx) | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount TankMaster | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Rosemount TankMaster Mobile | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Spectrex family Flame Detectors and Rosemount 975 flame detector | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | USM 3410 and 3810 Series Ultrasonic Transmitters | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | USM 3410 and 3810 Series Ultrasonic Transmitters | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | Vortex and Magmeter Transmitters | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Emerson | WCM SWGM | | | Not Affected | [link](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Enfocus | BoardingPass | | | Not Affected | [link](https://enfocus-community.force.com/customers/s/article/Are-the-Enfocus-products-impacted-by-the-log4j-security-vulnerability?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Enfocus | Connect | | | Not Affected | [link](https://enfocus-community.force.com/customers/s/article/Are-the-Enfocus-products-impacted-by-the-log4j-security-vulnerability?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Enfocus | PDF Review Module | | | Not Affected | [link](https://enfocus-community.force.com/customers/s/article/Are-the-Enfocus-products-impacted-by-the-log4j-security-vulnerability?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Enfocus | PitStop | | | Not Affected | [link](https://enfocus-community.force.com/customers/s/article/Are-the-Enfocus-products-impacted-by-the-log4j-security-vulnerability?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Enfocus | Switch | | | Not Affected | [link](https://enfocus-community.force.com/customers/s/article/Are-the-Enfocus-products-impacted-by-the-log4j-security-vulnerability?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Enovation | All | | | Unknown | [link](https://enovationgroup.com/nl/nieuws/log4j-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| EnterpriseDT | All | | | Unknown | [link](https://enterprisedt.com/blogs/announcements/enterprisedt-does-not-use-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ESET | All | | | Not Affected | [link](https://support.eset.com/en/alert8188-information-regarding-the-log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ESET | Secure Authentication | | | Fixed | [link](https://support.eset.com/en/alert8188-information-regarding-the-log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ESRI | ArcGIS Data Store | | All | Fixed | [link](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| ESRI | ArcGIS Enterprise | | All | Fixed | [link](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| ESRI | ArcGIS GeoEvent Server | | All | Fixed | [link](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| ESRI | ArcGIS Server | | All | Fixed | [link](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| ESRI | ArcGIS Workflow Manager Server | | All | Fixed | [link](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| ESRI | Portal for ArcGIS | | All | Fixed | [link](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Estos | All | | | Not Affected | [link](https://support.estos.de/de/sicherheitshinweise/estos-von-kritischer-schwachstelle-in-log4j-cve-2021-44228-nicht-betroffen) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| EVL Labs | JGAAP | | <8.0.2 | Fixed | [link](https://github.com/evllabs/JGAAP/releases/tag/v8.0.2) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Evolveum Midpoint | Midpoint | | | Not Affected | [link](https://evolveum.com/midpoint-not-vulnerable-to-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ewon | All | | | Not Affected | [link](https://hmsnetworks.blob.core.windows.net/www/docs/librariesprovider10/downloads-monitored/manuals/release-notes/ecatcher_releasenotes.txt?sfvrsn=4f054ad7_42) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Ewon | eCatcher | | 6.7.6 | Fixed | [link](https://hmsnetworks.blob.core.windows.net/www/docs/librariesprovider10/downloads-monitored/manuals/release-notes/ecatcher_releasenotes.txt?sfvrsn=4f054ad7_42) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Exabeam | All | | | Unknown | [link](https://community.exabeam.com/s/discussions?t=1639379479381) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | AEC | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Audition | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | BoekhoudGemak | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Bouw7 | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Business Suite | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | CommunicatieGemak | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Consolidation powered by LucaNet | | | Fixed | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Digipoort | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | DigitaleFactuur | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Dimoni | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | EDI Gateway | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | FDS | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Financials | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | FiscaalGemak | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Globe Core Product | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Globe E-report/Crystal Reports | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Go2UBL | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Gripp | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | HR & SalarisGemak | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Insights (Qlik) | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Officient | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Online All core products | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Online Elastic Search | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Online Samenwerken (OSW) | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Payroll Plus (Loket) | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | ProAcc | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | ProQuro | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | RapportageGemak | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Reeleezee | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | ScanSys | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | SRXP | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Synergy Core Product | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Synergy Elastic Search | | 6.6.2 | Fixed | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | WerkprogrammaGemak | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | Winbooks | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exact | WMS | | | Not Affected | [link](https://www.exact.com/news/general-statement-apache-leak) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Exivity | On-Premise | | | Not Affected | [link](https://docs.exivity.com/getting-started/releases/announcements#announcement-regarding-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extensis | Universal Type Server | | >=7.0.6 | Fixed | [link](https://help.extensis.com/hc/en-us/articles/4412767414299-Universal-Type-Server-7-and-Log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ExtraHop | Reveal(x) | <=8.4.6, <=8.5.3, <=8.6.4 | | Affected | [link](https://forums.extrahop.com/t/extrahop-update-on-log4shell/8148) | Versions >8.4.7, >8.5.4, >8.6.5 and >=8.7 are fixed. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| eXtreme Hosting | All | | | Not Affected | [link](https://extremehosting.nl/log4shell-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | 200-series | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | BOSS | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | EXOS | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | Extreme AirDefense | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | Extreme Campus Controller (Extreme Cloud Appliance) | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | Extreme Fabric Automation (EFA) | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | Extreme Management Center (XMC) | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | Extreme Visibility Manager (XVM) | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | ExtremeAnalytics | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | ExtremeCloud A3 | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | ExtremeCloud IQ | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | ExtremeConnect | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | ExtremeControl | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | ExtremeGuest | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | ExtremeLocation | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | ExtremeWireless (IdentiFi) | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | Fabric Manager | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | Guest and IoT Manager (GIM) | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | HiveManager Classic On-Premises | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | HiveManager Classic Online | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | Ipanema Ip | Engine | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | Ipanema SALSA | | 9.3.8, 9.4.3 | Fixed | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | Ipanema SD-WAN Orchestrator | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | IQEngine (HiveOS) | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | IQVA | | 21.1.22.1-IQVA | Fixed | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | NetIron OS | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | Network OS | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | NSight | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | SLX-OS | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | Traffic Sensor | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | VGVA | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | VOSS | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extreme Networks | WiNG | | | Not Affected | [link](https://extremeportal.force.com/ExtrArticleDetail?an=000100806) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Extron | All | | | Unknown | [link](https://www.extron.com/featured/Security-at-Extron/extron-security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,198 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| F-Secure | Elements Connector | | | Fixed | [link](https://community.f-secure.com/common-business-en/kb/articles/9226-the-log4j-vulnerability-cve-2021-44228-which-f-secure-products-are-affected-what-it-means-what-steps-should-you-take) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F-Secure | Endpoint Proxy | | 13 through 15 | Fixed | [link](https://status.f-secure.com/incidents/sk8vmr0h34pd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F-Secure | Messaging Security Gateway | | | Fixed | [link](https://community.f-secure.com/common-business-en/kb/articles/9226-the-log4j-vulnerability-cve-2021-44228-which-f-secure-products-are-affected-what-it-means-what-steps-should-you-take) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F-Secure | Policy Manager | | 13 through 15 | Fixed | [link](https://status.f-secure.com/incidents/sk8vmr0h34pd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F-Secure | Policy Manager Proxy | | 13 through 15 | Fixed | [link](https://status.f-secure.com/incidents/sk8vmr0h34pd) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F5 | BIG-IP (all modules) | | | Not Affected | [link](https://support.f5.com/csp/article/K19026212) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F5 | BIG-IQ Centralized Management | | | Not Affected | [link](https://support.f5.com/csp/article/K19026212) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F5 | F5OS | | | Not Affected | [link](https://support.f5.com/csp/article/K19026212) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F5 | NGINX App Protect | | | Not Affected | [link](https://support.f5.com/csp/article/K19026212) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F5 | NGINX Controller | | | Not Affected | [link](https://support.f5.com/csp/article/K19026212) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F5 | NGINX Ingress Controller | | | Not Affected | [link](https://support.f5.com/csp/article/K19026212) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F5 | NGINX Instance Manager | | | Not Affected | [link](https://support.f5.com/csp/article/K19026212) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F5 | NGINX Open Source | | | Not Affected | [link](https://support.f5.com/csp/article/K19026212) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F5 | NGINX Plus | | | Not Affected | [link](https://support.f5.com/csp/article/K19026212) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F5 | NGINX Service Mesh | | | Not Affected | [link](https://support.f5.com/csp/article/K19026212) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F5 | NGINX Unit | | | Not Affected | [link](https://support.f5.com/csp/article/K19026212) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| F5 | Traffix SDC | 5.x, 5.2.0 CF1, 5.1.0 CF-30 - 5.1.0 CF-33 | | Affected | [link](https://support.f5.com/csp/article/K19026212) | Vulnerable components: EMS-ELK components (Fluentd + Elastic Search + Kibana), Element Management System | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| FAST LTA | All | | | Unknown | [link](https://blog.fast-lta.de/en/log4j2-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fastly | All | | | Unknown | [link](https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| FedEx | Ship Manager Software | 340x | | Affected | [link](https://www.fedex.com/en-us/shipping/ship-manager/software.html#tab-4) | Note - FedEx is aware of the issue related to the Log4j Remote Code Execution vulnerability affecting various Apache products. We are actively assessing the situation and taking necessary action as appropriate. As a result, we are temporarily unable to provide a link to download the FedEx Ship Manager software or generate product keys needed for registration of FedEx Ship Manager software. We are working to have this resolved as quickly as possible and apologize for the inconvenience. For related questions or the most updated information, customers should check FedEx Updates for Apache Log4j Issue or contact their Customer Technology representative. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| FedEx | Ship Manager Software | | 3509 | Fixed | [link](https://www.fedex.com/en-us/shipping/ship-manager/software.html#tab-4) | Note - FedEx is aware of the issue related to the Log4j Remote Code Execution vulnerability affecting various Apache products. We are actively assessing the situation and taking necessary action as appropriate. As a result, we are temporarily unable to provide a link to download the FedEx Ship Manager software or generate product keys needed for registration of FedEx Ship Manager software. We are working to have this resolved as quickly as possible and apologize for the inconvenience. For related questions or the most updated information, customers should check FedEx Updates for Apache Log4j Issue or contact their Customer Technology representative. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Fiix | Fiix CMMS Core | | v5 | Fixed | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | The product has been updated to Log4j version 2.15. An additional patch is being developed to update to 2.16. No user interaction is required. This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| FileCap | Plugins | | | Not Affected | [link](https://filecap.com/blog-posts/detecteer-log4shell-exploitatie-pogingen) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| FileCap | Server | | 5.1.3 | Fixed | [link](https://filecap.com/blog-posts/detecteer-log4shell-exploitatie-pogingen) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| FileCatalyst | All | | | Unknown | [link](https://support.filecatalyst.com/index.php/Knowledgebase/Article/View/advisory-log4j-zero-day-security-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| FileCloud | All | | | Unknown | [link](https://www.getfilecloud.com/supportdocs/display/cloud/Advisory+2021-12-2+Impact+of+Apache+Log4j2+Vulnerability+on+FileCloud+Customers) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| FileWave | All | | | Unknown | [link](https://kb.filewave.com/display/KB/Security+Notice:+Apache+log4j+Vulnerability+CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| FileZilla | All | | | Not Affected | [link](https://forum.filezilla-project.org/viewtopic.php?f=6&t=54338) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| FINVI | All | | | Unknown | [link](https://finvi.com/support/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| FireDaemon | All | | | Unknown | [link](https://kb.firedaemon.com/support/solutions/articles/4000178630) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fisher & Paykel Healthcare | All | | | Not Affected | [link](https://www.fphcare.com/us/our-company/contact-us/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Flexagon | All | | | Unknown | [link](https://flexagon.com/what-is-the-impact-of-log4j-vulnerability-cve-2021-44228-on-flexdeploy/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Flexera | All | | | Unknown | [link](https://community.flexera.com/t5/Community-Notices/Flexera-s-response-to-Apache-Log4j-2-remote-code-execution/ba-p/216934) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | Advanced Malware Detection | | | Not Affected | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | Behavioral Analytics | | | Unknown | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | Bitglass SSE | | | Not Affected | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | CASB | | | Unknown | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | Cloud Security Gateway (CSG) | | | Not Affected | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | Content Gateway | | | Not Affected | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | DDP/DUP/DPS | | | Unknown | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | Directory Synchronization | | | Not Affected | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | DLP Manager | | | Fixed | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | Email Security | | | Not Affected | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | Insider Threat | | | Not Affected | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | Next Generation Firewall (NGFW) | | | Not Affected | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | NGFW Security Management Center | | | Fixed | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | NGFW Virtual SMC Appliances | | | Fixed | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | NGFW VPN Client | | | Fixed | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | One Endpoint | | | Not Affected | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | Security Manager (Web, Email and DLP) | | | Fixed | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | Sidewinder | | | Fixed | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | User ID service | | | Fixed | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forcepoint | Web Security | | | Unknown | [link](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Forescout | All | | | Unknown | [link](https://forescout.force.com/support/s/article/Important-security-information-related-to-Apache-Log4j-utility-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ForgeRock | Autonomous Identity | | | Fixed | [link](https://backstage.forgerock.com/knowledge/kb/book/b21824339#1_bzBa) | All other ForgeRock products not affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | Autonomous Identity | | | Fixed | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiADC | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiAI | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiAIOps | | 1.0.2 | Fixed | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiAnalyzer | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiAnalyzer Big Cloud | | 6.4.7, 7.0.2 | Fixed | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiAnalyzer Cloud | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiAP | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiAuthenticator | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiCache | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiCarrier | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiCASB | | | Fixed | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiClient | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiClient Cloud | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiClient EMS | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiConnect | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiConverter Portal | | | Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiCWP | | | Fixed | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiDDoS | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiDDoS-F | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiDeceptor | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiEDR Agent | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiEDR Cloud | | | Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiExtender Cloud | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiGate Cloud | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiGSLB Cloud | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiInsight | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiIsolator | | 2.3.4 | Fixed | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiLAN Cloud | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiMail | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiManager | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiManager Cloud | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiMonitor | | | Fixed | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiNAC | | | Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiOS (includes FortiGate & FortiWiFi) | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiPenTest | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiPhish Cloud | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiPolicy | | | Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiPortal | | | Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiPresence | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiProxy | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiRecorder | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiSandbox | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiSASE | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiSIEM | | | Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiSOAR | | | Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiSwitch & FortiSwitchManager | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiSwitch Cloud in FortiLANCloud | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiTester | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiToken Cloud | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiVoice | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiWeb Cloud | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiWLC | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | FortiWLM | | | Not Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fortinet | ShieldX | | | Affected | [link](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| FTAPI | All | | | Unknown | [link](https://www.ftapi.com/blog/kritische-sicherheitslucke-in-log4j-ftapi-reagiert/#) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fuji Electric | MONITOUCH TS1000 series | | | Not Affected | [link](https://monitouch.fujielectric.com/site/download-e/other/NVD%20CVE-2021-44228_en.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Fuji Electric | MONITOUCH TS1000S series | | | Not Affected | [link](https://monitouch.fujielectric.com/site/download-e/other/NVD%20CVE-2021-44228_en.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Fuji Electric | MONITOUCH TS2000 series | | | Not Affected | [link](https://monitouch.fujielectric.com/site/download-e/other/NVD%20CVE-2021-44228_en.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Fuji Electric | MONITOUCH V8 series | | | Not Affected | [link](https://monitouch.fujielectric.com/site/download-e/other/NVD%20CVE-2021-44228_en.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Fuji Electric | MONITOUCH V9 series | | | Not Affected | [link](https://monitouch.fujielectric.com/site/download-e/other/NVD%20CVE-2021-44228_en.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Fuji Electric | MONITOUCH X1 series | | | Not Affected | [link](https://monitouch.fujielectric.com/site/download-e/other/NVD%20CVE-2021-44228_en.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Fuji Electric | TELLUS and V-Server | | | Not Affected | [link](https://monitouch.fujielectric.com/site/download-e/other/NVD%20CVE-2021-44228_en.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Fuji Electric | V-SFT | | | Not Affected | [link](https://monitouch.fujielectric.com/site/download-e/other/NVD%20CVE-2021-44228_en.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-02 |
| Fujitsu | AIS Connect | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | Bean Connect | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | BS2000 Hardware | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | BS2000 Software | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | BX400 | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | BX900 MMB | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | eLux RP on FUTRO | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ETERNUS AB/HB | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ETERNUS CS800 | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ETERNUS CS8000 | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ETERNUS DX/AF | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ETERNUS JX | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ETERNUS LT140/260 | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ETERNUS LT20/40/60 | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ETERNUS SF | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ETERNUS SF MA | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | FlexFrame | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | INTELLIEGDLE A/G | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | iRMC on PRIMERGY | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ISM for PRIMERGY, PQ | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | NECoP | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | openFT | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | openSEAS | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | openUTM | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | openUTM (WebAdm.) | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | PRIMEFLEX for MS S2D | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | PTC Axeda (AIS Con.) | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | SBAX2 | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | SBAX3 | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | SecDocs | | | Fixed | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ServerView IM | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ServerView OM | | | Fixed | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ServerView OM/UM | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ServerView RAID | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ServerView Rem. Con. | | | Unknown | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | ServerView VIOM | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | SOA Pro. Mgmt. Service | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | SOA SysRollout Service | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | SVS Services for ISM | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | SVS UME + LinuxLife | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | SVS VMware Op. Mgr. | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | SVS VMware vCenter | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Fujitsu | Web Transactions | | | Not Affected | [link](https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| FusionAuth | All | | | Not Affected | [link](https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,225 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| GE Digital | All | | | Unknown | [link](https://digitalsupport.ge.com/communities/en_US/Alert/GE-Security-Advisories) | This advisory is available to customers only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| GE Digital Grid | All | | | Unknown | [link](https://digitalenergy.service-now.com/csm?id=kb_category&kb_category=b8bc715b879c89103f22a93e0ebb3585) | This advisory is available to customers only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| GE Gas Power | Asset Performance Management (APM) | | | Fixed | [link](https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf) | GE Digital has fixed the log4j issue on the APM. Validation and test completed in development environment and the team is currently deploying the fixes in the production environment. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| GE Gas Power | Baseline Security Center (BSC) | | | Affected | [link](https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf) | GE Gas Power is still validating the workaround provided by FoxGuard in Technical Information Notice – M1221-S01. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| GE Gas Power | Baseline Security Center (BSC) 2.0 | | | Fixed | [link](https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf) | GE Gas Power has tested and validated the component of the BSC 2.0 that is impacted (McAfee SIEM 11.x). The update and instructions can be downloaded from link in reference section. This update is available to customer only and has not been reviewed by CISA. | [Customer Portal Update](https://gepowerpac.servicenow.com/kb_view.do?sysparm_article=KB0029420) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| GE Gas Power | Control Server | | | Affected | [link](https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf) | Please see vCenter. Control Server is not directly impacted. It is impacted through vCenter. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| GE Gas Power | MyFleet | | | Fixed | [link](https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf) | Vulnerability fixed. No user actions necessary. Updated to log4j 2.16 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| GE Gas Power | OPM Performance Intelligence | | | Fixed | [link](https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf) | Vulnerability fixed. No user actions necessary. Updated to log4j 2.16 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| GE Gas Power | OPM Performance Planning | | | Fixed | [link](https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf) | Vulnerability fixed. No user actions necessary. Updated to log4j 2.16 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| GE Gas Power | Tag Mapping Service | | | Fixed | [link](https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf) | Vulnerability fixed. No user actions necessary. Updated to log4j 2.16 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| GE Gas Power | vCenter | | | Fixed | [link](https://www.ge.com/content/dam/cyber_security/global/en_US/pdfs/2022-01-21_GE_Gas_Power_Product_Security_Advisory-Log4J_Vulnerability_v3.pdf) | GE Gas Power has tested and validated the update provided by Vmware. The update and instructions can be downloaded from link in reference section. This update is available to customer only and has not been reviewed by CISA. | [Customer Portal Update](https://gepowerpac.servicenow.com/kb_view.do?sysparm_article=KB0029417) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| GE Healthcare | | | | Unknown | [link](https://securityupdate.gehealthcare.com) | This advisory is not available at the time of this review, due to maintence on the GE Healthcare website. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Gearset | All | | | Unknown | [link](https://docs.gearset.com/en/articles/5806813-gearset-log4j-statement-dec-2021) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Genesys | All | | | Unknown | [link](https://www.genesys.com/blog/post/genesys-update-on-the-apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GeoServer | All | | | Unknown | [link](http://geoserver.org/announcements/2021/12/13/logj4-rce-statement.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GeoSolutions | GeoNetwork | | A, l, l | Fixed | [link](https://my.geocat.net/knowledgebase/125/Log4j-RCE-CVE-2021-44228-vulnerability-patch.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| GeoSolutions | GeoServer | | | Not Affected | [link](https://my.geocat.net/knowledgebase/125/Log4j-RCE-CVE-2021-44228-vulnerability-patch.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Gerrit Code Review | All | | | Unknown | [link](https://www.gerritcodereview.com/2021-12-13-log4j-statement.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GFI Software | All | | | Unknown | [link](https://techtalk.gfi.com/impact-of-log4j-vulnerability-on-gfi/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GFI Software | Kerio Connect | | | Fixed | [link](https://techtalk.gfi.com/impact-of-log4j-vulnerability-on-gfi/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ghidra | All | | | Unknown | [link](https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ghisler | Total Commander | | | Not Affected | [link](https://www.ghisler.com/whatsnew.htm) | Third Party plugins might contain log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gigamon | Fabric Manager | | <5.13.01.02 | Fixed | [link](https://community.gigamon.com/gigamoncp/s/my-gigamon) | Updates available via the Gigamon Support Portal. This advisory available to customers only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| GitHub | GitHub | | GitHub.com and GitHub Enterprise Cloud | Fixed | [link](https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| GitHub | GitHub Enterprise Server | | 3.0.22, 3.1.14, 3.2.6, 3.3.1 | Fixed | [link](https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| GitLab | All | | | Not Affected | [link](https://forum.gitlab.com/t/cve-2021-4428/62763/8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GitLab | DAST Analyzer | | | Not Affected | [link](https://forum.gitlab.com/t/cve-2021-4428/62763/8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GitLab | Dependency Scanning | | | Fixed | [link](https://forum.gitlab.com/t/cve-2021-4428/62763/8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GitLab | Gemnasium-Maven | | | Fixed | [link](https://forum.gitlab.com/t/cve-2021-4428/62763/8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GitLab | PMD OSS | | | Fixed | [link](https://forum.gitlab.com/t/cve-2021-4428/62763/8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GitLab | SAST | | | Fixed | [link](https://forum.gitlab.com/t/cve-2021-4428/62763/8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GitLab | Spotbugs | | | Fixed | [link](https://forum.gitlab.com/t/cve-2021-4428/62763/8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Globus | All | | | Unknown | [link](https://groups.google.com/a/globus.org/g/discuss/c/FJK0q0NoUC4) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GoAnywhere | Agents | | | Fixed | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
| GoAnywhere | Gateway | | Version 2.7.0 or later | Fixed | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
| GoAnywhere | MFT | | Version 5.3.0 or later | Fixed | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
| GoAnywhere | MFT Agents | 1.4.2 or later | | Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | Versions less than GoAnywhere Agent version 1.4.2 are not affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
| GoAnywhere | Open PGP Studio | | | Fixed | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
| GoAnywhere | Suveyor/400 | | | Not Affected | [link](https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
| GoCD | All | | | Unknown | [link](https://www.gocd.org/2021/12/14/log4j-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Google | Chrome | | | Not Affected | [link](https://security.googleblog.com/2021/12/apache-log4j-vulnerability.html) | Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-14 |
| Google Cloud | Access Transparency | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Actifio | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit [https://now.actifio.com](https://now.actifio.com) for the full statement and to obtain the hotfix (available to Actifio customers only). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | AI Platform Data Labeling | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | AI Platform Neural Architecture Search (NAS) | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | AI Platform Training and Prediction | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Anthos | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Anthos environments to identify components dependent on Log4j 2 and update them to the latest version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Anthos Config Management | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Anthos Connect | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Anthos Hub | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Anthos Identity Service | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Anthos on VMWare | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds to their VMware products as they become available. We also recommend customers review their respective applications and workloads affected by the same vulnerabilities and apply appropriate patches. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Anthos Premium Software | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Anthos Service Mesh | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Apigee | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Apigee installed Log4j 2 in its Apigee Edge VMs, but the software was not used and therefore the VMs were not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. Apigee updated Log4j 2 to v.2.16 as an additional precaution. It is possible that customers may have introduced custom resources that are using vulnerable versions of Log4j. We strongly encourage customers who manage Apigee environments to identify components dependent on Log4j and update them to the latest version. Visit the Apigee Incident Report for more information. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Google Cloud | App Engine | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage App Engine environments to identify components dependent on Log4j 2 and update them to the latest version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | AppSheet | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | The AppSheet core platform runs on non-JVM (non-Java) based runtimes. At this time, we have identified no impact to core AppSheet functionality. Additionally, we have patched one Java-based auxiliary service in our platform. We will continue to monitor for affected services and patch or remediate as required. If you have any questions or require assistance, contact AppSheet Support. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Artifact Registry | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Assured Workloads | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | AutoML | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | AutoML Natural Language | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | AutoML Tables | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | AutoML Translation | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | AutoML Video | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | AutoML Vision | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | BigQuery | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | BigQuery Data Transfer Service | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | BigQuery Omni | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | BigQuery Omni, which runs on AWS and Azure infrastructure, does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. We continue to work with AWS and Azure to assess the situation. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Google Cloud | Binary Authorization | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Certificate Manager | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Chronicle | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Cloud Asset Inventory | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Bigtable | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Google Cloud | Cloud Build | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Build environments to identify components dependent on Log4j 2 and update them to the latest version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud CDN | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Cloud Composer | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Cloud Composer does not use Log4j 2 and is not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. It is possible that customers may have imported or introduced other dependencies via DAGs, installed PyPI modules, plugins, or other services that are using vulnerable versions of Log4j 2. We strongly encourage customers, who manage Composer environments to identify components dependent on Log4j 2 and update them to the latest version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Google Cloud | Cloud Console App | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Data Loss Prevention | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Debugger | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Deployment Manager | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud DNS | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Cloud Endpoints | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud External Key Manager (EKM) | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Functions | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Functions environments to identify components dependent on Log4j 2 and update them to the latest version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Hardware Security Module (HSM) | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Interconnect | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Intrusion Detection System (IDS) | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Key Management Service | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Load Balancing | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Cloud Logging | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Natural Language API | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Network Address Translation (NAT) | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Cloud Profiler | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Router | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Cloud Run | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Run environments to identify components dependent on Log4j 2 and update them to the latest version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Run for Anthos | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Run for Anthos environments to identify components dependent on Log4j 2 and update them to the latest version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Scheduler | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud SDK | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Shell | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Shell environments to identify components dependent on Log4j 2 and update them to the latest version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Source Repositories | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Spanner | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Google Cloud | Cloud SQL | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Google Cloud | Cloud Storage | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Cloud Tasks | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Trace | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Traffic Director | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Cloud Translation | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Vision | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud Vision OCR On-Prem | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Cloud VPN | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | CompilerWorks | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Compute Engine | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Compute Engine does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. For those using Google Cloud VMware Engine, we are working with VMware and tracking VMSA-2021-0028.1. We will deploy fixes to Google Cloud VMware Engine as they become available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Contact Center AI (CCAI) | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Contact Center AI Insights | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Container Registry | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Data Catalog | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Data Catalog has been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers who introduced their own connectors to identify dependencies on Log4j 2 and update them to the latest version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Data Fusion | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Data Fusion does not use Log4j 2, but uses Dataproc as one of the options to execute pipelines. Dataproc released new images on December 18, 2021 to address the vulnerability in CVE-2021-44228 and CVE-2021-45046. Customers must follow instructions in a notification sent on December 18, 2021 with the subject line “Important information about Data Fusion.” | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Database Migration Service (DMS) | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Google Cloud | Dataflow | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Dataflow does not use Log4j 2 and is not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. If you have changed dependencies or default behavior, it is strongly recommended you verify there is no dependency on vulnerable versions Log4j 2. Customers have been provided details and instructions in a notification sent on December 17, 2021 with the subject line “Update #1 to Important information about Dataflow.” | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Google Cloud | Dataproc | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Dataproc released new images on December 18, 2021 to address the vulnerabilities in CVE-2021-44228 and CVE-2021-45046. Customers must follow the instructions in notifications sent on December 18, 2021 with the subject line “Important information about Dataproc” with Dataproc documentation. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Dataproc Metastore | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Dataproc Metastore has been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers who need to take actions were sent two notifications with instructions on December 17, 2021 with the subject line “Important information regarding Log4j 2 vulnerability in your gRPC-enabled Dataproc Metastore.” | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Datastore | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Google Cloud | Datastream | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Google Cloud | Dialogflow Essentials (ES) | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Document AI | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Event Threat Detection | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Eventarc | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Filestore | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Log4j 2 is contained within the Filestore service; there is a technical control in place that mitigates the vulnerabilities in CVE-2021-44228 and CVE-2021-45046. Log4j 2 will be updated to the latest version as part of the scheduled rollout in January 2022. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Firebase | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Firestore | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Google Cloud | Game Servers | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Google Cloud Armor | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Google Cloud Armor Managed Protection Plus | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Google Cloud VMware Engine | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | We are working with VMware and tracking VMSA-2021-0028.1. We will deploy fixes as they become available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-11 |
| Google Cloud | Google Kubernetes Engine | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Google Kubernetes Engine does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Google Kubernetes Engine environments to identify components dependent on Log4j 2 and update them to the latest version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Healthcare Data Engine (HDE) | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Human-in-the-Loop AI | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | IoT Core | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Key Access Justifications (KAJ) | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Looker | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Looker-hosted instances have been updated to a Looker version with Log4j v2.16. Looker is currently working with third-party driver vendors to evaluate the impact of the Log4j vulnerability. As Looker does not enable logging for these drivers in Looker-hosted instances, no messages are logged. We conclude that the vulnerability is mitigated. We continue to actively work with the vendors to deploy a fix for these drivers. Looker customers who self-manage their Looker instances have received instructions through their technical contacts on how to take the necessary steps to address the vulnerability. Looker customers who have questions or require assistance, please visit Looker Support. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
| Google Cloud | Media Translation API | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Memorystore | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Google Cloud | Migrate for Anthos | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Migrate for Compute Engine (M4CE) | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | M4CE has been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. M4CE has been updated to version 4.11.9 to address the vulnerabilities. A notification was sent to customers on December 17, 2021 with subject line “Important information about CVE-2021-44228 and CVE-2021-45046” for M4CE V4.11 or below. If you are on M4CE v5.0 or above, no action is needed. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Google Cloud | Network Connectivity Center | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Network Intelligence Center | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Network Service Tiers | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Persistent Disk | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Pub/Sub | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Google Cloud | Pub/Sub Lite | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Pub/Sub Lite environments to identify components dependent on Log4j 2 and update them to the latest version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Google Cloud | reCAPTCHA Enterprise | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Recommendations AI | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Retail Search | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Risk Manager | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Secret Manager | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Security Command Center | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Service Directory | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Service Infrastructure | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Speaker ID | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Speech-to-Text | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Speech-to-Text On-Prem | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Storage Transfer Service | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Talent Solution | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Text-to-Speech | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Transcoder API | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Transfer Appliance | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Video Intelligence API | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Virtual Private Cloud | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Google Cloud | Web Security Scanner | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Google Cloud | Workflows | | | Not Affected | [link](https://cloud.google.com/log4j2-security-advisory) | Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Gradle | All | | | Not Affected | [link](https://blog.gradle.org/log4j-vulnerability) | Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gradle | Gradle Enterprise | | < 2021.3.6 | Fixed | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gradle | Gradle Enterprise Build Cache Node | | < 10.1 | Fixed | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gradle | Gradle Enterprise Test Distribution Agent | | < 1.6.2 | Fixed | [link](https://security.gradle.com/advisory/2021-11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Grafana | All | | | Not Affected | [link](https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Grandstream | All | | | Unknown | [link](https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Access Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Alert Engine | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Alert Engine | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | API Management | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravitee | Cockpit | | | Not Affected | [link](https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Gravwell | All | | | Not Affected | [link](https://www.gravwell.io/blog/cve-2021-44228-log4j-does-not-impact-gravwell-products) | Gravwell products do not use Java. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Graylog | All | | 3.3.15, 4.0.14, 4.1.9, 4.2.3 | Fixed | [link](https://www.graylog.org/post/graylog-update-for-log4j) | The vulnerable Log4j library is used to record GrayLogs own log information. Vulnerability is not triggered when GrayLog stores exploitation vector from an outer system. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Graylog | Graylog Server | | All versions >= 1.2.0 and <= 4.2.2 | Fixed | [link](https://www.graylog.org/post/graylog-update-for-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GreenShot | All | | | Not Affected | [link](https://greenshot.atlassian.net/browse/BUG-2871) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| GSA | Cloud.gov | | | Unknown | [link](https://cloud.gov/2021/12/14/log4j-buildpack-updates/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| GuardedBox | All | | 3.1.2 | Fixed | [link](https://twitter.com/GuardedBox/status/1469739834117799939) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Guidewire | All | | | Unknown | [link](https://community.guidewire.com/s/article/Update-to-customers-who-have-questions-about-the-use-of-log4j-in-Guidewire-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,239 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| HAProxy | | | | Unknown | [link](https://www.haproxy.com/blog/december-2021-log4shell-mitigation/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HarmanPro AMX | | | | Unknown | [link](https://help.harmanpro.com/apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HashiCorp | Boundary | | | Unknown | [link](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HashiCorp | Consul | | | Unknown | [link](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HashiCorp | Consul Enterprise | | | Unknown | [link](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HashiCorp | Nomad | | | Unknown | [link](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HashiCorp | Nomad Enterprise | | | Unknown | [link](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HashiCorp | Packer | | | Unknown | [link](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HashiCorp | Terraform | | | Unknown | [link](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HashiCorp | Terraform Enterprise | | | Unknown | [link](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HashiCorp | Vagrant | | | Unknown | [link](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HashiCorp | Vault | | | Unknown | [link](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HashiCorp | Vault Enterprise | | | Unknown | [link](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HashiCorp | Waypoint | | | Unknown | [link](https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HCL Software | BigFix Compliance | | | Not Affected | [link](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | Not Affected for related CVE-2021-45046 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| HCL Software | BigFix Insights | | | Not Affected | [link](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | Not Affected for related CVE-2021-45046 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| HCL Software | BigFix Insights for Vulnerability Remediation | | | Not Affected | [link](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | Not Affected for related CVE-2021-45046 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| HCL Software | BigFix Inventory | | < 10.0.7 | Fixed | [link](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | Not Affected for related CVE-2021-45046 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| HCL Software | BigFix Lifecycle | | | Not Affected | [link](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | Not Affected for related CVE-2021-45046 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| HCL Software | BigFix Mobile | | | Not Affected | [link](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | Not Affected for related CVE-2021-45046 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| HCL Software | BigFix Patch | | | Not Affected | [link](https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486) | Not Affected for related CVE-2021-45046 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| HelpSystems Clearswift | | | | Unknown | [link](https://community.helpsystems.com/kb-nav/kb-article/?id=37becc1c-255c-ec11-8f8f-6045bd006687) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HENIX | Squash TM | | 1.21.7-1.22.9, 2.0.3-2.1.5, 2.2.0-3.0.2 | Fixed | [link](https://tm-en.doc.squashtest.com/v3/downloads.html#download-previous-versions) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 |
| Hexagon | | | | Unknown | [link](https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Hikvision | | | | Unknown | [link](https://video.xortec.de/media/pdf/87/e8/03/kw50_Update-for-Apache-Log4j2-Issue-Hikvision_official.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Hitachi Energy | 3rd party - Elastic Search, Kibana | | Elasticsearch 5.0.0+ | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | Set the JVM option -Dlog4j2.formatMsgNoLookups=true and restart each node of the cluster. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | 3rd party - Oracle Database Components | | 12.1, 12.2, 19c | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | As this is a third-party component, a separate patch management report will be provided to customers with the steps to apply the Oracle provided patches for these components. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | Axis | | 3.6 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | No action is required by customers. Axis is a fully SaaS hosted solution and the environment has been patched per the recommendations | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | Counterparty Settlement and Billing (CSB) | | v6 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | e-Mesh Monitor | | | Unknown | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | No end-user action needed. The affected e-Mesh Monitor part is at the cloud offering side of which the remediation is handled by Hitachi Energy team. Remediation is currently ongoing, and during this time period, e-Mesh Monitor edge device is not able to upload data to cloud. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | eSOMS | | | Unknown | [link](https://www.hitachienergy.com/offering/solutions/cybersecurity/alerts-and-notifications) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Hitachi Energy | FOXMAN-UN | | R15A, R14B, R14A, R11B SP1 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | A patch is available for releases R15A, R14B, R14A and R11B SP1. . For details on how to apply such patch, please refer to the technical bulletin “FOXMAN-UN - Installation of Log4j Patch”, version A (1KHW029176) available in the Hitachi Energy Customer Connect Portal. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | FOXMAN-UN | | R11A and R10 series | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | Apply General Mitigations and upgrade to latest version. For upgrades, please get in touch with your Hitachi Energy contacts. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | Lumada APM On-premises | | | Unknown | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | See vendor advisory for instructions for various versions. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | Lumada APM SaaS offering | | | Unknown | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | No action is required by customers. The SaaS offering has been patched per the recommendations. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | Lumada EAM / FSM | | v1.7.x, v1.8.x, v1.9.x | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | See Section Mitigation Strategy in vendor advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | MMS Internal facing subcomponent. | | | Unknown | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | Network Manager ADMS Network Model Server | | 9.1.0.32-9.1.0.44 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | See vendor advisory for instructions on mitigation steps. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | Network Manager Outage Management Interface (CMI) | | 9.0-9.10.44, 9.1.1, 10.3.4 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | See vendor advisory for instructions on mitigation steps. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | nMarket Global I-SEM | | 3.7.15, 3.7.16 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | RelCare | | 2.0.0 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | No action is required by customers. The RelCare SaaS hosted solution and the on-premises have been patched per the recommendations. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | UNEM | | R15A, R14B, R14A, R11B SP1 | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | A patch is available for releases R15A, R14B, R14A and R11B SP1. For details on how to apply such patch, please refer to the technical bulletin “UNEM - Installation of Log4j Patch”, version A (1KHW029176) available in the Hitachi Energy Customer Connect Portal. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Energy | UNEM | | R11A and R10 series | Fixed | [link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | Apply General Mitigations and upgrade to latest version. For upgrades, please get in touch with your Hitachi Energy contacts. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Hitachi Vantara | | | | Unknown | [link](https://knowledge.hitachivantara.com/Support_Information/Hitachi_Vantara_Security_Advisories/CVE-2021-44228_-_Apache_Log4j2) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HMS Industrial Networks AB | Cosy, Flexy and Ewon CD | | | Unknown | [link](https://www.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-12-13-001---ewon-information-log4shell.pdf?sfvrsn=55d7f4d7_11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| HMS Industrial Networks AB | eCatcher Mobile applications | | | Unknown | [link](https://www.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-12-13-001---ewon-information-log4shell.pdf?sfvrsn=55d7f4d7_11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| HMS Industrial Networks AB | eCatcher Windows software | | | Unknown | [link](https://www.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-12-13-001---ewon-information-log4shell.pdf?sfvrsn=55d7f4d7_11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| HMS Industrial Networks AB | Netbiter Hardware including EC, WS, and LC | | | Unknown | [link](https://www.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-12-13-001---ewon-information-log4shell.pdf?sfvrsn=55d7f4d7_11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| HMS Industrial Networks AB | Talk2M including M2Web | | | Unknown | [link](https://www.hms-networks.com/docs/librariesprovider6/cybersecurity/hms-security-advisory-2021-12-13-001---ewon-information-log4shell.pdf?sfvrsn=55d7f4d7_11) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| HOLOGIC | Advanced Workflow Manager (AWM) | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Affirm Prone Biopsy System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Brevera Breast Biopsy System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Cenova Image Analytics Server | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Dimensions / 3Dimensions Mammography System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Discovery Bone Densitometer | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Faxitron CT Specimen Radiography System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, there is a utility program installed that may utilize Java and Log4J. This utility program does not run on startup and is not required for system operation. Please contact Hologic Service for assistance in removing this program. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Faxitron Specimen Radiography Systems | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Fluoroscan Insight Mini C-Arm | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Horizon DXA Bone Densitometer | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Rosetta DC Tomosynthesis Data Converter | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | SecurView DX Workstation | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | SecurXChange Router | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | SuperSonic Imagine Ultrasound Products (Aixplorer & Aixplorer Mach) | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Trident HD Specimen Radiography System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Unifi Workspace | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| HOLOGIC | Windows Selenia Mammography System | | | Unknown | [link](https://www.hologic.com/support/usa/breast-skeletal-products-cybersecurity) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Honeywell | | | | Unknown | [link](https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| HP | Teradici Cloud Access Controller | | < v113 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici EMSDK | | < 1.0.6 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici Management Console | | < 21.10.3 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici PCoIP Connection Manager | | < 21.03.6, < 20.07.4 | Fixed | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HP | Teradici PCoIP License Server | | | Unknown | [link](https://support.hp.com/us-en/document/ish_5268006-5268030-16) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| HPE | 3PAR StoreServ Arrays | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | AirWave Management Platform | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Alletra 6000 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Alletra 9k | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Aruba Central | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Aruba ClearPass Policy Manager | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Aruba ClearPass Policy Manager | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Aruba Instant (IAP) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Aruba Location Services | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Aruba NetEdit | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Aruba PVOS Switches | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Aruba SDN VAN Controller | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Aruba User Experience Insight (UXI) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Aruba VIA Client | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | ArubaOS SD-WAN Controllers and Gateways | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | ArubaOS Wi-Fi Controllers and Gateways | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | ArubaOS-CX switches | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | ArubaOS-S switches | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | BladeSystem Onboard Administrator | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Brocade 16Gb Fibre Channel SAN Switch for HPE Synergy | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Brocade 16Gb SAN Switch for HPE BladeSystem c-Class | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Brocade 32Gb Fibre Channel SAN Switch for HPE Synergy | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Brocade Network Advisor | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | CloudAuth | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | CloudPhysics | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Compute Cloud Console | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Compute operations manager- FW UPDATE SERVICE | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | COS (Cray Operating System) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Cray Systems Management (CSM) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Custom SPP Portal [Link](https://spp.hpe.com/custom) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Data Services Cloud Console | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Harmony Data Platform | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HOP public services (grafana, vault, rancher, Jenkins) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE B-series SN2600B SAN Extension Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE B-series SN4000B SAN Extension Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE B-series SN6000B Fibre Channel Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE B-series SN6500B Fibre Channel Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE B-series SN6600B Fibre Channel Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE B-series SN6650B Fibre Channel Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE B-series SN6700B Fibre Channel Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE Customer Experience Assurance (CEA) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Hardware Support Manager plug-in for VMware vSphere Lifecycle Manager | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE Home Location Register (HLR/I-HLR) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Infosight for Servers | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE Integrated Home Subscriber Server (I-HSS) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Intelligent Messaging (IM) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Intelligent Network Server (INS) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Multimedia Services Environment (MSE) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE OC Convergent Communications Platform (OCCP) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE OC Media Platform Media Resource Function (OCMP-MRF) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE OC Service Access Controller (OC SAC) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE OC Service Controller (OCSC) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE OC Universal Signaling Platform (OC-USP-M) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE OneView | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE OneView for VMware vRealize Operations (vROps) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE OneView Global Dashboard | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE Performance Cluster Manager (HPCM) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Performance Manager (PM) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Position Determination Entity (PDE) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Secure Identity Broker (SIB) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Service Activator (SA) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Service Governance Framework (SGF) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Service Orchestration Manager (SOM) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Service Provisioner (SP) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Short Message Point-to-Point Gateway (SMPP) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Slingshot | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE Smart Interaction Server (SIS) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE SN3000B Fibre Channel Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE SN8000B 4-Slot SAN Director Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE SN8000B 8-Slot SAN Backbone Director Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE SN8600B 4-Slot SAN Director Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE SN8600B 8-Slot SAN Director Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE SN8700B 4-Slot Director Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE SN8700B 8-Slot Director Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE Subscriber, Network, and Application Policy (SNAP) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Subscription Manager (SM) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Synergy Image Streamer | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE Systems Insight Manager (SIM) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE Telecom Application Server (TAS) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Unified Correlation and Automation (UCA) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Unified Mediation Bus (UMB) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Unified OSS Console (UOC) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Unified Topology Manager (UTM) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Universal Identity Repository (VIR) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Universal SLA Manager (uSLAM) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Virtual Connect | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE Virtual Connect Enterprise Manager (VCEM) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE Virtual Provisioning Gateway (vPGW) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Virtual Server Environment (VSE) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | HPE Virtual Subscriber Data Management (vSDM) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE WebRTC Gateway Controller (WGW) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| HPE | HPE Wi-Fi Authentication Gateway (WauG) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Insight Cluster Management Utility (CMU) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Integrated Lights-Out (iLO) Amplifier Pack | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Integrated Lights-Out 4 (iLO 4) | | | Not Affected | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Integrated Lights-Out 5 (iLO 5) | | | Not Affected | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Integrity BL860c, BL870c, BL890c | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Integrity Rx2800/Rx2900 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Integrity Superdome 2 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Integrity Superdome X | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Intelligent Provisioning | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | iSUT integrated smart update tool | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Maven Artifacts (Atlas) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | MSA | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | NetEdit | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Nimble Storage | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | NS-T0634-OSM CONSOLE TOOLS | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | NS-T0977-SCHEMA VALIDATOR | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | OfficeConnect | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Primera Storage | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | RepoServer part of OPA (on Premises aggregator) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Resource Aggregator for Open Distributed Infrastructure Management | | | Not Affected | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | RESTful Interface Tool (iLOREST) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | SAT (System Admin Toolkit) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Scripting Tools for Windows PowerShell (HPEiLOCmdlets) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | SGI MC990 X Server | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | SGI UV 2000 Server | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | SGI UV 300, 300H, 300RL, 30EX | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | SGI UV 3000 Server | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | SN8700B 8-Slot Director Switch | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | StoreEasy | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | StoreEver CVTL | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | StoreEver LTO Tape Drives | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | StoreEver MSL Tape Libraries | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | StoreOnce | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | SUM (Smart Update Manager) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Superdome Flex 280 | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | Superdome Flex Server | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE | UAN (User Access Node) | | | Unknown | [link](https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00120086en_us) | Support Communication Cross Reference ID: SIK7387 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| HPE/Micro Focus | Data Protector | | 9.09 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003243) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Huawei | | | | Unknown | [link](https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Hubspot | | | | Unknown | [link](https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,347 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| I-Net software | | | | Unknown | [link](https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| I2P | | | | Unknown | [link](https://geti2p.net/en/blog/post/2021/12/11/i2p-unaffected-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| IBA-AG | | | | Unknown | [link](https://www.iba-ag.com/en/security) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ibexa | | | | Unknown | [link](https://developers.ibexa.co/security-advisories/cve-2021-44228-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| IBM | Analytics Engine | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | App Configuration | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | App Connect | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | App ID | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Application Gateway | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Aspera | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Aspera Endpoint | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Aspera Enterprise | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Aspera fasp.io | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Bare Metal Servers | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | BigFix Compliance | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| IBM | BigFix Inventory | VM Manager Tool & SAP Tool | | Affected | | To verify if your instance is affected, go to the lib subdirectory of the tool (BESClient/LMT/SAPTOOL and BESClient/LMT/VMMAN) and check what version of log4j is included. Version is included in the name of the library. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| IBM | Block Storage | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Block Storage for VPC | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Block Storage Snapshots for VPC | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Case Manager | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Certificate Manager | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Client VPN for VPC | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Cloud Activity Tracker | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Cloud Backup | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Cloud Monitoring | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Cloud Object Storage | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Cloud Object Storage | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Cloudant | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Code Engine | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Cognos Command Center | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Cognos Controller | 10.4.2 | | Affected | [link](https://www.ibm.com/support/pages/node/6526468>) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Cognos Integration Server | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Compose Enterprise | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Compose for Elasticsearch | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Compose for etcd | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Compose for MongoDB | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Compose for MySQL | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Compose for PostgreSQL | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Compose for RabbitMQ | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Compose for Redis | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Compose for RethinkDB | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Compose for ScyllaDB | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Container Registry | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Container Security Services | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Content Delivery Network | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Continuous Delivery | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Copy Services Manager | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Databases for DataStax | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Databases for EDB | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Databases for Elasticsearch | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Databases for etcd | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Databases for MongoDB | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Databases for PostgreSQL | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Databases for Redis | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Datapower Gateway | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Dedicated Host for VPC | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Direct Link Connect | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Direct Link Connect on Classic | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Direct Link Dedicated (2.0) | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Direct Link Dedicated Hosting on Classic | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Direct Link Dedicated on Classic | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Direct Link Exchange on Classic | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | DNS Services | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Emptoris Contract Management | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Emptoris Program Management | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Emptoris Sourcing | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Emptoris Spend Analysis | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Emptoris Supplier Lifecycle Management | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Enterprise Tape Controller Model C07 (3592) (ETC) | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Event Notifications | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Event Streams | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | File Storage | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Flash System 900 (& 840) | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Flow Logs for VPC | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Functions | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | GSKit | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Guardium S-TAP for Data Sets on z/OS | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Guardium S-TAP for DB2 on z/OS | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Guardium S-TAP for IMS on z/OS | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Hyper Protect Crypto Services | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Hyper Protect DBaaS for MongoDB | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Hyper Protect DBaaS for PostgreSQL | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Hyper Protect Virtual Server | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | i2 Analyst’s Notebook | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | i2 Base | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | IBM Application Runtime Expert for i | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | IBM Backup, Recovery and Media Services for i | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | IBM Db2 Mirror for i | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | IBM HTTP Server | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | IBM i Access Family | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | IBM i Portfolio of products under the Group SWMA | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | IBM PowerHA System Mirror for i | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | IBM Sterling Connect:Direct Browser User Interface | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | IBM Sterling Connect:Direct File Agent | See Vendor Links | | Affected | [link](https://www.ibm.com/blogs/psirt/security-bulletin-apache-log4j-vulnerability-affects-ibm-sterling-connectdirect-for-unix-cve-2021-44228/) | | [https://www.ibm.com/support/pages/node/6526688](https://www.ibm.com/support/pages/node/6526688), [https://www.ibm.com/support/pages/node/6528324](https://www.ibm.com/support/pages/node/6528324), [https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| IBM | IBM Sterling Connect:Direct for HP NonStop | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | IBM Sterling Connect:Direct for i5/OS | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | IBM Sterling Connect:Direct for OpenVMS | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | IBM Sterling Connect:Express for Microsoft Windows | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | IBM Sterling Connect:Express for UNIX | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | IBM Sterling Connect:Express for z/OS | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Instana Agent | Timestamp lower than 12-11-2021 | | Affected | [link](https://status.instana.io/incidents/4zgcd2gzf4jw) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| IBM | Internet Services | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Key Lifecycle Manager for z/OS | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Key Protect | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Knowledge Studio | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Kubernetes Service | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Load Balancer for VPC | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Log Analysis | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Managed VMware Service | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Management Extender for VMware vCenter | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| IBM | Mass Data Migration | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Maximo EAM SaaS | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Message Hub | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | MQ Appliance | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | MQ on IBM Cloud | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Natural Language Understanding | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | OmniFind Text Search Server for DB2 for i | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | OPENBMC | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Planning Analytics Workspace | >2.0.57 | | Affected | [link](https://www.ibm.com/support/pages/node/6525700) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Power HMC | V9.2.950.0 & V10.1.1010.0 | | Affected | [link](https://www.ibm.com/support/pages/node/6526172?myns=pwrsmc&mynp=OCSGGSNP&mync=E&cm_sp=pwrsmc-_-OCSGGSNP-_-E) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | PowerSC | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | PowerVM Hypervisor | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | PowerVM VIOS | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | QRadar Advisor | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Qradar Network Threat Analytics | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | QRadar SIEM | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Quantum Services | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Rational Developer for AIX and Linux | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Rational Developer for i | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Red Hat OpenShift on IBM Cloud | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Resilient | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| IBM | Robotic Process Automation | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | SAN Volume Controller and Storwize Family | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Satellite Infrastructure Service | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Schematics | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Secrets Manager | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Secure Gateway | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Server Automation | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| IBM | Spectrum Archive Library Edition | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Discover | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect Client Management Service | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect for Databases: Data Protection for Oracle | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect for Databases: Data Protection for SQL | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect for Enterprise Resource Planning | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect for Mail: Data Protection for Domino | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect for Mail: Data Protection for Exchange | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect for Workstations | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect for z/OS USS Client and API | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect Plus Db2 Agent | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect Plus Exchange Agent | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect Plus File Systems Agent | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect Plus MongoDB Agent | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect Plus O365 Agent | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect Server | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect Snapshot for UNIX | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Spectrum Protect Snapshot for UNIX | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | SQL Query | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Sterling Gentran | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Sterling Order Management | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Sterling Transformation Extender Pack for ACORD | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Sterling Transformation Extender Pack for Financial Services | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Sterling Transformation Extender Pack for FIX | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Sterling Transformation Extender Pack for NACHA | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Sterling Transformation Extender Pack for PeopleSoft | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Sterling Transformation Extender Pack for SAP R/3 | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Sterling Transformation Extender Pack for SEPA | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Sterling Transformation Extender Pack for Siebel | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Sterling Transformation Extender Pack for SWIFT | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Sterling Transformation Extender Packs for EDI | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Sterling Transformation Extender Packs for Healthcare | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Sterling Transformation Extender Trading Manager | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Storage TS1160 | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Storage TS2280 | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Storage TS2900 Library | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Storage TS3100-TS3200 Library | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Storage TS4500 Library | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Storage Virtualization Engine TS7700 | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Tape System Library Manager | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | TDMF for zOS | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Total Storage Service Console (TSSC) / TS4500 IMC | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Transit Gateway | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Tririga Anywhere | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | TS4300 | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Urbancode Deploy | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Virtual Private Cloud | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Virtual Server for Classic | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Virtualization Management Interface | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | VMware Solutions | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | VMware vCenter Server | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | VMware vSphere | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | VPN for VPC | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | vRealize Operations and Log Insight | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| IBM | Workload Automation | | | Unknown | [link](https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/#list-of-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| ICONICS | All | | | Unknown | [link](https://iconics.com/News/Press-Releases/2021/ICONICS-Not-Subject-to-Apache-Log4j-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| IFS | | | | Unknown | [link](https://community.ifs.com/announcements-278/urgent-bulletin-ifs-advisory-ifs-products-services-and-log4j-cve-2021-44228-16436) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| IGEL | | | | Unknown | [link](https://kb.igel.com/securitysafety/en/isn-2021-11-ums-log4j-vulnerability-54086712.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ignite Realtime | | | | Unknown | [link](https://discourse.igniterealtime.org/t/openfire-4-6-5-released/91108) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| iGrafx | | | | Unknown | [link](https://www.igrafx.com/igrafx-thwarts-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Illuminated Cloud | | | | Unknown | [link](https://illuminatedcloud.blogspot.com/2021/12/illuminated-cloud-2-and-log4j-security.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Illumio | C-VEN | | | Unknown | [link](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Illumio | CLI | | | Unknown | [link](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Illumio | CloudSecure | | | Unknown | [link](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Illumio | Core on-premise PCE | | | Unknown | [link](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Illumio | Core SaaS PCE | | | Unknown | [link](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Illumio | Edge SaaS PCE | | | Unknown | [link](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Illumio | Edge-CrowdStrike | | | Unknown | [link](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Illumio | Flowlink | | | Unknown | [link](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Illumio | Kubelink | | | Unknown | [link](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Illumio | NEN | | | Unknown | [link](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Illumio | QRadar App | | | Unknown | [link](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Illumio | Splunk App | | | Unknown | [link](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Illumio | VEN | | | Unknown | [link](https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| IManage | | | | Unknown | [link](https://help.imanage.com/hc/en-us/articles/4412696236699-ADVISORY-Security-vulnerability-CVE-2021-44228-in-third-party-component-Apache-Log4j2#h_3164fa6c-4717-4aa1-b2dc-d14d4112595e) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Imperva | | | | Unknown | [link](https://www.imperva.com/blog/how-were-protecting-customers-staying-ahead-of-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Inductive Automation | Ignition | | | Not Affected | [link](https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day) | Older versions of Ignition (7.8 and older) did use the Log4j library, but they used an older version (1.2) that was not affected by this vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-19 |
| IndustrialDefender | | | | Unknown | [link](https://www.industrialdefender.com/cve-2021-44228-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| infinidat | | | | Unknown | [link](https://support.infinidat.com/hc/en-us/articles/4413483145489-INFINIDAT-Support-Announcement-2021-010-Log4Shell-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| InfluxData | | | | Unknown | [link](https://www.influxdata.com/blog/apache-log4j-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Infoblox | | | | Unknown | [link](https://support.infoblox.com/articles/Knowledge/Infoblox-NIOS-and-BloxOne-products-not-vulnerable-to-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Informatica | | | | Unknown | [link](https://network.informatica.com/community/informatica-network/blog/2021/12/10/log4j-vulnerability-update) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Instana | | | | Unknown | [link](https://status.instana.io/incidents/4zgcd2gzf4jw) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Instructure | | | | Unknown | [link](https://community.canvaslms.com/t5/Community-Users/Instructure-amp-the-Apache-Log4j2-Vulnerability/ba-p/501907) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Intel | Audio Development Kit | | | Unknown | [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Intel | Computer Vision Annotation Tool maintained by Intel | | | Unknown | [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Intel | Datacenter Manager | | | Unknown | [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Intel | Genomics Kernel Library | | | Unknown | [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Intel | oneAPI sample browser plugin for Eclipse | | | Unknown | [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Intel | Secure Device Onboard | | | Unknown | [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Intel | Sensor Solution Firmware Development Kit | | | Unknown | [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Intel | System Debugger | | | Unknown | [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Intel | System Studio | | | Unknown | [link](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00646.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Internet Systems Consortium(ISC) | BIND 9 | | | Not Affected | [link](https://www.isc.org/blogs/2021-log4j/) | no JAVA Code | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Internet Systems Consortium(ISC) | ISC DHCP, aka dhcpd | | | Not Affected | [link](https://www.isc.org/blogs/2021-log4j/) | no JAVA Code | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Internet Systems Consortium(ISC) | Kea DHCP | | | Not Affected | [link](https://www.isc.org/blogs/2021-log4j/) | no JAVA Code | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| InterSystems | | | | Unknown | [link](https://www.intersystems.com/gt/apache-log4j2/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Intland | codebeamer | <= 20.11-SP11, <= 21.09-SP3 | | Affected | [link](https://codebeamer.com/cb/wiki/19872365) | A fix has been released for [20.11](https://codebeamer.com/cb/wiki/13134438) and [21.09](https://codebeamer.com/cb/wiki/19418497), but not yet for [21.04](https://codebeamer.com/cb/wiki/16937839) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| IPRO | Netgovern | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| iRedMail | | | | Unknown | [link](https://forum.iredmail.org/topic18605-log4j-cve202144228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ironnet | | | | Unknown | [link](https://www.ironnet.com/blog/ironnet-security-notifications-related-to-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ISLONLINE | | | | Unknown | [link](https://blog.islonline.com/2021/12/13/isl-online-is-not-affected-by-log4shell-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ivanti | Application Control for Linux | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Application Control for Windows | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Automation | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Avalanche | 6.2.2, 6.3.0 to 6.3.3 | | Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Avalanche Remote Control | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | CETerm (Naurtech) | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Cherwell Asset Management (CAM) | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Cherwell Service Management (CSM) | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Connect Pro | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | ConnectPro (Termproxy) | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Credential mgr (PivD Manager) | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Discovery Classic | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | DSM | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Environment Manager | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | GoldMine | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | HEAT Classic | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | IIRIS (Neurons for IIOT) | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Incapptic Connect | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Insight | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | ITSM 6/7 | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Asset Lifecycle Management | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Device Application Control | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Endpoint Manager | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Endpoint Security | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Environment Manager | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti EPM - Cloud Service Appliance | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti File Director | 2019.1.*, 2020.1.*, 2020.3.*, 2021.1.*, 4.4.* | 2021.3 HF2, 2021.1 HF1, 2020.3 HF2 | Fixed | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Identity Director | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti License Optimizer (ILO) | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Management Center | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Neurons Platform | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Performance Manager | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Security Controls (Patch ISec) | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | See More INFO for Ivanti Security Controls (Patch ISec) in the Advisory Page | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Service Desk | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | Not Affected. Java is no longer required since version 2018.3U3 Customers on older versions can uninstall JRE on their ISD Servers for mitigation. This will disable indexing of Attachments and Documents for full-text search. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Service Manager | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Service Manager for Neurons (Cloud) | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Voice | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Ivanti Workspace Control | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | MI Appconnect | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | MI Email+ | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | MI Go Client | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | MI MobileAtWork | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | MI Security Productivity Apps | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Mi Tunnel App | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | MobileIron Access ZSO | All | | Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | Mitigated. No Impact | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | MobileIron BYOD Portal | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | MobileIron Cloud | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | MobileIron Cloud Connector | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | MobileIron Core | All | | Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | See Advisory details for mitigation instructions for MobileIron Core. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | MobileIron Core Connector | All | | Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | See Advisory details for mitigation instructions for MobileIron Core Connector. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | MobileIron Sentry (Core/Cloud) | 9.13, 9.14 | | Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | See Advisory details for mitigation instructions for MobileIron Sentry. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Patch MEM (Microsoft Endpoint Manager) | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Patch OEM APIs | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Performance Manager | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Pulse Connect Secure | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Pulse Desktop Client | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Pulse Mobile Client | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Pulse One | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Pulse Policy Secure | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Pulse Services Director | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Pulse Virtual Traffic Manager | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Pulse Web Application Firewall | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Pulse ZTA | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Risksense Threat and Vulnerability Management | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | SpeakEasy (add-on to Velocity) | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | SpeakEasy (WinCE) | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Terminal Emulation and Industrial Browser | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Velocity | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | VelocityCE | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Virtual Desktop Extender | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Wavelink License Server | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Ivanti | Xtraction | | | Not Affected | [link](https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |

@ -0,0 +1,172 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| Jamasoftware | All | | | Unknown | [link](https://community.jamasoftware.com/communities/community-home/digestviewer/viewthread?MessageKey=06d26f9c-2abe-4c10-93d4-c0f6c8a01b22&CommunityKey=c9d20d4c-5bb6-4f19-92eb-e7cee0942d51&tab=digestviewer#bm06d26f9c-2abe-4c10-93d4-c0f6c8a01b22) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jamf | Jamf Cloud | | | Fixed | [link](https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jamf | Jamf Connect | | | Not Affected | [link](https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jamf | Jamf Data Policy | | | Not Affected | [link](https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jamf | Jamf Health Care Listener | | | Not Affected | [link](https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jamf | Jamf Infrastructure Manager | | | Not Affected | [link](https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jamf | Jamf Now | | | Not Affected | [link](https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jamf | Jamf Private Access | | | Not Affected | [link](https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jamf | Jamf Pro (On-Prem) | | 10.34.1 | Fixed | [link](https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jamf | Jamf Protect | | | Not Affected | [link](https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jamf | Jamf School | | | Not Affected | [link](https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jamf | Jamf Threat Defense | | | Not Affected | [link](https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Janitza | GridVis | | | Not Affected | [link](https://www.janitza.com/us/gridvis-download.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Jaspersoft | All | | | Unknown | [link](https://community.jaspersoft.com/wiki/apache-log4j-vulnerability-update-jaspersoft-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Java Melody | All | | 1.90.0 | Fixed | [link](https://github.com/javamelody/javamelody/wiki/ReleaseNotes) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jedox | All | | | Unknown | [link](https://www.jedox.com/en/trust/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jenkins | CI | | | Not Affected | [link](https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jenkins | CI/CD Core | | | Not Affected | [link](https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jenkins | Plugins | | | Unknown | [link](https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/) | | [Instructions to test your installations in announcement](https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| JetBrains | All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory, dotCover, dotPeek) | | | Not Affected | [link](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jetbrains | Code With Me | | | Fixed | [link](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JetBrains | Datalore | | | Not Affected | [link](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JetBrains | Floating License Server | | 30241 | Fixed | [link](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JetBrains | Gateway | | | Not Affected | [link](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JetBrains | Hub | | 2021.1.14080 | Fixed | [link](https://blog.jetbrains.com/hub/2021/12/14/hub-update-regarding-log4j2-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JetBrains | IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand, IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu, Rider, RubyMine, WebStorm) | | | Not Affected | [link](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JetBrains | Kotlin | | | Not Affected | [link](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JetBrains | Ktor | | | Not Affected | [link](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JetBrains | MPS | | | Not Affected | [link](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JetBrains | Space | | | Not Affected | [link](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JetBrains | TeamCity | | | Not Affected | [link](https://youtrack.jetbrains.com/issue/TW-74298) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JetBrains | ToolBox | | | Not Affected | [link](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JetBrains | UpSource | | 2020.1.1952 | Fixed | [link](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JetBrains | YouTrack InCloud | | | Fixed | [link](https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JetBrains | YouTrack Standalone | | 2021.4.35970 | Fixed | [link](https://blog.jetbrains.com/youtrack/2021/12/youtrack-update-regarding-log4j2-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JFrog | All | | | Not Affected | [link](https://jfrog.com/knowledge-base/general-jfrog-services-are-not-affected-by-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| JGraph | DrawIO | | | Not Affected | [link](https://github.com/jgraph/drawio/issues/2490) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jitsi | jitsi-videobridge | | v2.1-595-g3637fda42 | Fixed | [link](https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jitterbit | All | | | Unknown | [link](https://success.jitterbit.com/display/DOC/Mitigating+the+Apache+Log4j2+JNDI+Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Johnson Controls | Athena | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | BCPro | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | CEM AC2000 | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | CEM Hardware Products | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | CK721-A (P2000) | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | CloudVue Gateway | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | CloudVue Web | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Connect24 | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Connected Equipment Gateway (CEG) | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | C•CURE Client | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | C•CURE Server | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | C•CURE Web | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | C•CURE-9000 | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | DataSource | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | DLS | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Entrapass | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | exacqVision Client | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | exacqVision Server | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | exacqVision WebService | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Facility Explorer | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Illustra Cameras | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Illustra Insight | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | iSTAR | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Kantech Entrapass | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Metasys Products and Tools | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | OpenBlue Active Responder | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | OpenBlue Bridge | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | OpenBlue Chiller Utility Plant Optimizer | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | OpenBlue Cloud | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | OpenBlue Connected Chiller | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | OpenBlue Enterprise Manager | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | OpenBlue Location Manager | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | OpenBlue Risk Insight | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | OpenBlue Twin | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | OpenBlue Workplace | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | P2000 | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | PowerSeries NEO | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | PowerSeries Pro | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Qolsys IQ Panels | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | RFID Overhead360 Backend | | All | Fixed | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | S321-IP (P2000) | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Shoppertrak Analytics (STaN) - Traffic | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Shoppertrak Market Intelligence | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Shoppertrak Perimeter Apps | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Shoppertrak Shopper Journey | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Shoppertrak Video Analytics | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Sur‐Gard Receivers | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | TrueVue Cloud | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Tyco AI | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | victor | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | victor/ C•CURE‐9000 Unified | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | VideoEdge | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Johnson Controls | Xaap | | | Not Affected | [link](https://www.johnsoncontrols.com/cyber-solutions/security-advisories) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Journyx | All | | | Unknown | [link](https://community.journyx.com/support/solutions/articles/9000209044-apache-log4j-2-vulnerability-cve-2021-44228-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| jPOS | (ISO-8583) bridge | | | Not Affected | [link](https://github.com/jpos/jPOS/commit/d615199a1bdd35c35d63c07c10fd0bdbbc96f625) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Jump Desktop | All | | | Unknown | [link](https://support.jumpdesktop.com/hc/en-us/articles/4416720395021-Log4j-CVE-2021-44228-CVE-2021-45046-Statement) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Advanced Threat Prevention (JATP) | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | AppFormix | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Apstra System | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Apstra System | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Connectivity Services Director | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Contrail Analytics | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Contrail Cloud | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Contrail Networking | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Contrail Service Orchestration | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Cross Provisioning Platform | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | CTPOS and CTPView | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | ICEAAA Manager | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | JATP Cloud | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Juniper Identity Management Services (JIMS) | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Juniper Mist Edge | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Juniper Sky Enterprise | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Junos OS | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Junos OS Evolved | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Junos Space Network Management Platform | | | Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | MIST - Juniper Networks Marvis Virtual Network Assistant (VNA) | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | MIST - Juniper Networks Mist AI | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | MIST - Juniper Networks Wi-Fi Assurance | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | MIST - Juniper Networks Wired Assurance | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Mist Access Points | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Network Director | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Northstar Controller | | | Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Northstar Planner | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Paragon Insights | >= 21 version 21.1 ; >= 22 version 22.2 | | Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Paragon Pathfinder | >= 21 version 21.1 ; >= 22 version 22.2 | | Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Paragon Planner | >= 21 version 21.1 ; >= 22 version 22.2 | | Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Policy Enforcer | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Products using Wind River Linux in Junos OS and Junos OS Evolved | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | ScreenOS | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | SecIntel | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Secure Analytics | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Security Director | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Security Director Insights | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Session Smart Router (Formerly 128T) | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Space SDK | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | Standalone Log Collector 20.1 (as also used by Space Security Director) | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Juniper Networks | User Engagement Virtual BLE | | | Not Affected | [link](https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Justice Systems | All | | | Unknown | [link](https://www.justicesystems.com/services/support/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,64 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| K15t | All | | | Unknown | [link](https://help.k15t.com/k15t-apps-and-log4shell-193401141.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| K6 | All | | | Unknown | [link](https://k6.io/blog/k6-products-not-impacted-by-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Kaltura | Blackboard Learn SaaS in the classic Learn experience | | v3900.28.x | Fixed | [link](https://knowledge.kaltura.com/help/blackboard-learn-release-notes#blackboard-learn-december-2021-release-notes-v5412) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 |
| Kaltura | Blackboard Learn Self- and Managed-Hosting | | v3900.26.x | Fixed | [link](https://knowledge.kaltura.com/help/blackboard-learn-release-notes#blackboard-learn-december-2021-release-notes-v5412) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 |
| Karakun | All | | | Unknown | [link](https://board.karakun.com/viewtopic.php?f=21&t=8351) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Kaseya | AuthAnvil | | | Not Affected | [link](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Kaseya | BMS | | | Not Affected | [link](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Kaseya | ID Agent DarkWeb ID and BullPhish ID | | | Not Affected | [link](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Kaseya | IT Glue | | | Not Affected | [link](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Kaseya | MyGlue | | | Not Affected | [link](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Kaseya | Network Glue | | | Not Affected | [link](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Kaseya | Passly | | | Not Affected | [link](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Kaseya | RocketCyber | | | Not Affected | [link](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Kaseya | Spannign Salesforce Backup | | | Not Affected | [link](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Kaseya | Spanning O365 Backup | | | Not Affected | [link](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Kaseya | Unitrends | | | Not Affected | [link](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Kaseya | Vorex | | | Not Affected | [link](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Kaseya | VSA SaaS and VSA On-Premises | | | Not Affected | [link](https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| KeePass | All | | | Not Affected | [link](https://sourceforge.net/p/keepass/discussion/329220/thread/4643c5ec4f/?limit=250) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Keeper | All | | | Fixed | [link](https://www.keepersecurity.com/blog/2021/12/15/public-notice-regarding-the-apache-foundation-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Kemp | All | | | Unknown | [link](https://support.kemptechnologies.com/hc/en-us/articles/4416430695437-CVE-2021-44228-Log4j2-Exploit) | | [Additional Link](https://support.kemptechnologies.com/hc/en-us/articles/4416473820045-Progress-Kemp-LoadMaster-protects-from-security-vulnerability-Apache-Log4j-2-CVE-2021-44228-) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Keycloak | All | | | Not Affected | [link](https://github.com/keycloak/keycloak/discussions/9078) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Kofax | Capture | | | Not Affected | [link](https://knowledge.kofax.com/Capture/Kofax_Capture/Reference/Log4J_Vulnerability_CVE-2021-44228_Does_Not_Affect_Kofax_Capture) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Kofax | Communication Manager | | 5.3 - 5.5 | Fixed | [link](https://knowledge.kofax.com/Communications_Manager/Troubleshooting/log4j_vulnerability_in_Kofax_Communications_Manager) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Kofax | Robot File System (RFS) | | >=10.7 | Fixed | [link](https://knowledge.kofax.com/Robotic_Process_Automation/Troubleshooting) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Kofax | Robotic Process Automation (RPA) | | 11.1, 11.2 | Fixed | [link](https://knowledge.kofax.com/Robotic_Process_Automation/Troubleshooting) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Konica Minolta | All | | | Unknown | [link](https://www.konicaminolta.de/de-de/support/log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Kronos UKG | All | | | Unknown | [link](https://community.kronos.com/s/feed/0D54M00004wJKHiSAO?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Kyberna | All | | | Unknown | [link](https://www.kyberna.com/detail/log4j-sicherheitsluecke) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,138 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| L-Soft | | | | Unknown | [link](http://www.lsoft.com/news/log4jinfo.asp) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| L3Harris Geospatial | | | | Unknown | [link](https://www.l3harrisgeospatial.com/Support/Self-Help-Tools/Help-Articles/Help-Articles-Detail/ArtMID/10220/ArticleID/24141/Impact-of-Log4j-Java-Security-Vulnerability-CVE-2021-44228-on-L3Harris-Geospatial-software) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Lancom Systems | | | | Unknown | [link](https://www.lancom-systems.com/service-support/instant-help/general-security-information/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Lansweeper | | | | Unknown | [link](https://www.lansweeper.com/vulnerability/critical-log4j-vulnerability-affects-millions-of-applications/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Laserfiche | | | | Unknown | [link](https://answers.laserfiche.com/questions/194037/Do-any-Laserfiche-products-use-the-Apache-log4j-library#194038) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| LastPass | | | | Unknown | [link](https://support.logmeininc.com/lastpass/help/log4j-vulnerability-faq-for-lastpass-universal-proxy) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| LaunchDarkly | | | | Unknown | [link](https://launchdarkly.com/blog/audit-shows-systems-unaffected-by-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Leanix | | | | Unknown | [link](https://www.leanix.net/en/blog/log4j-vulnerability-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Leica BIOSYSTEMS | Aperio AT2 | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Aperio AT2 DX | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Aperio CS2 | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Aperio eSlide Manager | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Aperio GT 450 | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Aperio GT 450 DX | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Aperio ImageScope | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Aperio ImageScope DX | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Aperio LV1 | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Aperio SAM DX Server For GT 450 DX | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Aperio Scanner Administration Manager (SAM) Server for GT 450 | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Aperio VERSA | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Aperio WebViewer DX | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | BOND Controller | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | BOND RX | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | BOND RXm | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | BOND-ADVANCE | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | BOND-III | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | BOND-MAX | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | CEREBRO | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | CytoVision | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | HistoCore PEARL | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | HistoCore PEGASUS | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | HistoCore SPECTRA CV | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | HistoCore SPECTRA ST | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | HistoCore SPIRIT ST | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | HistoCore SPRING ST | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Leica ASP300S | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Leica CV5030 | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Leica ST4020 | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Leica ST5010 | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Leica ST5020 | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | Leica TP1020 | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | LIS Connect | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | PathDX | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Leica BIOSYSTEMS | ThermoBrite Elite | | | Unknown | [link](https://www.leicabiosystems.com/about/product-security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Lenovo | BIOS/UEFI | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | Chassis Management Module 2 (CMM) | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | Commercial Vantage | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | Confluent | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | DSS-G | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | Embedded System Management Java-based KVM clients | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | Fan Power Controller (FPC) | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | Fan Power Controller2 (FPC2) | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | Integrated Management Module II (IMM2) | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | NetApp ONTAP Tools for VMware vSphere | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | See [NetApp](https://security.netapp.com/advisory/ntap-20211210-0007/) advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | Network Switches running: Lenovo CNOS, Lenovo ENOS, IBM ENOS, or Brocade FOS | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | Storage Management utilities | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | System Management Module (SMM) | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | System Management Module 2 (SMM2) | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | System Update | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | Thin Installer | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | ThinkAgile HX | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | Nutanix and VMware components only; hardware not affected. See [Nutanix](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) and [VMWare](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) advisories. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | ThinkAgile VX | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | VMware components only; hardware not affected. See [VMWare](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | ThinkSystem 2x1x16 Digital KVM Switch - Type 1754D1T | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | ThinkSystem DE Series Storage | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | See also NetApp advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | ThinkSystem DM Series Storage | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | See also NetApp advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | ThinkSystem DS Series Storage | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | ThinkSystem Manager (TSM) | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | Update Retriever | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | Vantage | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | XClarity Administrator (LXCA) | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | XClarity Controller (XCC) | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | XClarity Energy Manager (LXEM) | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | XClarity Essentials (LXCE) | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | XClarity Integrator (LXCI) for Microsoft Azure Log Analytics | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | XClarity Integrator (LXCI) for Microsoft System Center | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | XClarity Integrator (LXCI) for Nagios | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | XClarity Integrator (LXCI) for ServiceNow | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | XClarity Integrator (LXCI) for VMware vCenter | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | XClarity Integrator (LXCI) for Windows Admin Center | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | XClarity Mobile (LXCM) | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | XClarity Orchestrator (LXCO) | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Lenovo | XClarity Provisioning Manager (LXPM) | | | Unknown | [link](https://support.lenovo.com/ca/en/product_security/len-76573) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| LeoStream | | | | Unknown | [link](https://support.leostream.com/support/discussions/topics/66000507567) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Let's Encrypt | | | | Unknown | [link](https://community.letsencrypt.org/t/log4j-vulnerability-cve-2021-44228/167464) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| LibreNMS | | | | Unknown | [link](https://community.librenms.org/t/is-librenms-affected-by-vulnerable-to-cve-2021-25218-cve-2021-44228/17675/6) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| LifeRay | | | | Unknown | [link](https://liferay.dev/blogs/-/blogs/log4j2-zero-day-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| LifeSize | | | | Unknown | [link](https://community.lifesize.com/s/article/Apache-Log4j2-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Lightbend | | | | Unknown | [link](https://discuss.lightbend.com/t/regarding-the-log4j2-vulnerability-cve-2021-44228/9275) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Lime CRM | | | | Unknown | [link](https://docs.lime-crm.com/security/lcsec21-01) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| LIONGARD | | | | Unknown | [link](https://insights.liongard.com/faq-apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| LiquidFiles | | | | Unknown | [link](https://mailchi.mp/liquidfiles/liquidfiles-log4j?e=%5BUNIQID%5D) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| LiveAction | | | | Unknown | [link](https://documentation.liveaction.com/LiveNX/LiveNX%2021.5.1%20Release%20Notes/Release%20Notes%20LiveNX%2021.5.1.1.3) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Loftware | | | | Unknown | [link](https://help.loftware.com/lps-kb/content/log4j%20cve-2021-44228.htm?Highlight=CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| LOGalyze | SIEM & log analyzer tool | v4.x | | Affected | [link](https://sourceforge.net/software/product/LOGalyze/) | local-log4j-vuln-scanner result: indicator for vulnerable component found in /logalyze/lib/log4j-1.2.17.jar (org/apache/log4j/net/SocketNode.class): log4j 1.2.17 | [Forks (github.com)](https://github.com/search?q=logalyzer&s=updated&type=Repositories) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| LogiAnalytics | | | | Unknown | [link](https://devnet.logianalytics.com/hc/en-us/articles/4415781801751-Statement-on-Log4j-Vulnerability-CVE-2021-44228-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| LogicMonitor | LogicMonitor Platform | | | Unknown | [link](https://www.logicmonitor.com/support/log4shell-security-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Logit.io | Logit.io Platform | | | Not Affected | [link](https://logit.io/blog/post/logit-io-log4shell-security-update) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-07 |
| LogMeIn | | | | Unknown | [link](https://community.logmein.com/t5/LogMeIn-Central-Discussions/LOG4J-Vulnerability/m-p/280317/highlight/true#M8327) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| LogRhythm | | | | Unknown | [link](https://community.logrhythm.com/t5/Product-Security/LogRhythm-Response-to-the-Apache-Log4J-Vulnerability-Log4Shell/td-p/494068) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Looker | Looker | 21.0, 21.6, 21.12, 21.16, 21.18, 21.20 | | Affected | [link](https://docs.google.com/document/d/e/2PACX-1vQGN1AYNMHxsRQ9AZNu1bKyTGRUSK_9xkQBge-nu4p8PYvBKIYHhc3914KTfVtDFIXtDhc3k6SZnR2M/pub) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| LucaNet | | | | Unknown | [link](https://www.lucanet.com/en/blog/update-vulnerability-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Lucee | | | | Unknown | [link](https://dev.lucee.org/t/lucee-is-not-affected-by-the-log4j-jndi-exploit-cve-2021-44228/9331/4) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Lyrasis | Fedora Repository | | | Not Affected | [link](https://groups.google.com/g/fedora-tech/c/dQMQ5jaX8Xo) | Fedora Repository is unaffiliated with Fedora Linux. Uses logback and explicitly excludes log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |

@ -0,0 +1,128 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| MailStore | | | | Unknown | [link](https://www.mailstore.com/en/blog/mailstore-affected-by-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Maltego | | | | Unknown | [link](https://www.maltego.com/blog/our-response-to-log4j-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ManageEngine | AD SelfService Plus | | | Not Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-27 |
| ManageEngine | Servicedesk Plus | 11305 and below | | Affected | [link](https://www.manageengine.com/products/service-desk/security-response-plan.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| ManageEngine Zoho | | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ManageEngine Zoho | ADAudit Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | ADManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | Analytics Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | Cloud Security Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | DataSecurity Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | EventLog Analyzer | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | Exchange Reporter Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | Log360 | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | Log360 UEBA | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | M365 Manager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | M365 Security Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| ManageEngine Zoho | RecoveryManager Plus | | | Unknown | [link](https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| MariaDB | | | | Unknown | [link](https://mariadb.com/resources/blog/log4shell-and-mariadb-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| MathWorks | All MathWorks general release desktop or server products | | | Not Affected | [link](https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| MathWorks | MATLAB | | | Not Affected | [link](https://www.mathworks.com/content/dam/mathworks/policies/mathworks-response-to-cve-2021-44228-log4j-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-18 |
| Matillion | Matillion ETL | | 1.59.10+ | Fixed | [link](https://documentation.matillion.com/docs/security-advisory-14th-december-2021) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-11-01 |
| Matomo | | | | Unknown | [link](https://forum.matomo.org/t/matomo-is-not-concerned-by-the-log4j-security-breach-cve-2021-44228-discovered-on-december-2021-the-9th/44089) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Mattermost FocalBoard | | | | Unknown | [link](https://forum.mattermost.org/t/log4j-vulnerability-concern/12676) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| McAfee | Data Exchange Layer (DXL) Client | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Data Loss Prevention (DLP) Discover | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Data Loss Prevention (DLP) Endpoint for Mac | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Data Loss Prevention (DLP) Endpoint for Windows | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Data Loss Prevention (DLP) Monitor | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Data Loss Prevention (DLP) Prevent | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Endpoint Security (ENS) for Linux | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Endpoint Security (ENS) for Mac | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Endpoint Security (ENS) for Windows | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Enterprise Security Manager (ESM) | | 11.5.3 | Fixed | [link](https://kc.mcafee.com/agent/index?page=content&id=SB10377) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | ePolicy Orchestrator Agent Handlers (ePO-AH) | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | ePolicy Orchestrator Application Server (ePO) | | 5.10 CU11 | Fixed | [link](https://kc.mcafee.com/agent/index?page=content&id=SB10377) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Host Intrusion Prevention (Host IPS) | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Management of Native Encryption (MNE) | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | McAfee Active Response (MAR) | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | McAfee Agent (MA) | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | McAfee Application and Change Control (MACC) for Linux | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | McAfee Application and Change Control (MACC) for Windows | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | McAfee Client Proxy (MCP) for Mac | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | McAfee Client Proxy (MCP) for Windows | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | McAfee Drive Encryption (MDE) | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | McAfee Security for Microsoft Exchange (MSME) | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | McAfee Security for Microsoft Exchange (MSME) | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | McAfee Security for Microsoft SharePoint (MSMS) | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Network Security Manager (NSM) | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Network Security Platform (NSP) | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Policy Auditor | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Threat Intelligence Exchange (TIE) | | | Unknown | [link](https://kc.mcafee.com/agent/index?page=content&id=SB10377) | Latest status in linked Security Bulletin | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| McAfee | Web Gateway (MWG) | | | Unknown | [link](https://kc.mcafee.com/agent/index?page=content&id=SB10377) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Medtronic | | | | Unknown | [link](https://global.medtronic.com/xg-en/product-security/security-bulletins/log4j-vulnerabilities.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| MEINBERG | | | | Unknown | [link](https://www.meinbergglobal.com/english/news/meinberg-lantime-and-microsync-systems-not-at-risk-from-log4j-security-exploit.htm) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| MEINBERG | LANTIME and microSync | | | Unknown | [link](https://www.meinbergglobal.com/english/news/meinberg-lantime-and-microsync-systems-not-at-risk-from-log4j-security-exploit.htm) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Meltano | Meltano | | | Unknown | [link](https://github.com/meltano/meltano) | Project is written in Python | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Memurai | | | | Unknown | [link](https://www.memurai.com/blog/apache-log4j2-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Micro Focus | Data Protector | | 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.90, 10.91, 11.00 | Fixed | [link](https://portal.microfocus.com/s/article/KM000003052) | | [https://portal.microfocus.com/s/article/KM000003050](https://portal.microfocus.com/s/article/KM000003050) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Microsoft | Azure API Gateway | | | Unknown | [link](https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Microsoft | Azure Application Gateway | | | Unknown | [link](https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Microsoft | Azure Data lake store java | < 2.3.10 | | Affected | [link](https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Microsoft | Azure Data lake store java | < 2.3.10 | | Affected | [link](https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Microsoft | Azure DevOps | | | Unknown | [link](https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Microsoft | Azure DevOps Server | 2019.0 - 2020.1 | | Affected | [link](https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Microsoft | Azure Traffic Manager | | | Unknown | [link](https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Microsoft | Team Foundation Server | 2018.2+ | | Affected | [link](https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Microstrategy | | | | Unknown | [link](https://community.microstrategy.com/s/article/MicroStrategy-s-response-to-CVE-2021-44228-The-Log4j-0-Day-Vulnerability?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Midori Global | | | | Unknown | [link](https://www.midori-global.com/blog/2021/12/15/cve-2021-44228-log4shell-midori-apps-are-not-affected) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Mikrotik | | | | Unknown | [link](https://forum.mikrotik.com/viewtopic.php?p=897938) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Milestone sys | | | | Unknown | [link](https://supportcommunity.milestonesys.com/s/article/Log4J-vulnerability-faq?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Mimecast | | | | Unknown | [link](https://community.mimecast.com/s/article/Mimecast-Information-for-Customers-on-the-Log4Shell-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Minecraft | | | | Unknown | [link](https://www.minecraft.net/en-us/article/important-message--security-vulnerability-java-edition) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Mirantis | | | | Unknown | [link](https://github.com/Mirantis/security/blob/main/news/cve-2021-44288.md) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Miro | | | | Unknown | [link](https://miro.com/trust/updates/log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Mitel | | | | Unknown | [link](https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| MMM Group | Control software of all MMM series | | | Unknown | [link](https://www.mmmgroup.com/en/news/cybersecurity-vulnerability-log4shell-java-library-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| MMM Group | RUMED360 Cycles, RUMED360 Cycles View, RUMED360 Sicon, RUMED360 ISA-Server | | | Unknown | [link](https://www.mmmgroup.com/en/news/cybersecurity-vulnerability-log4shell-java-library-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| MongoDB | All other components of MongoDB Atlas (including Atlas Database, Data Lake, Charts) | | | Unknown | [link](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| MongoDB | MongoDB Atlas Search | | | Unknown | [link](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| MongoDB | MongoDB Community Edition (including Community Server, Cloud Manager, Community Kubernetes Operators) | | | Unknown | [link](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| MongoDB | MongoDB Drivers | | | Unknown | [link](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| MongoDB | MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager, Enterprise Kubernetes Operators) | | | Unknown | [link](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| MongoDB | MongoDB Realm (including Realm Database, Sync, Functions, APIs) | | | Unknown | [link](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| MongoDB | MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas CLI, Database Connectors) | | | Unknown | [link](https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Moodle | | | | Unknown | [link](https://moodle.org/mod/forum/discuss.php?d=429966) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| MoogSoft | | | | Unknown | [link](https://servicedesk.moogsoft.com/hc/en-us/articles/4412463233811?input_string=log4j+vulnerability+%7C%7C+cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Motorola Avigilon | | | | Unknown | [link](https://support.avigilon.com/s/article/Technical-Notification-Apache-Log4j2-vulnerability-impact-on-Avigilon-products-CVE-2021-44228?language=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Moxa | | | | Not Affected | [link](https://www.moxa.com/en/support/product-support/security-advisory/moxa-s-response-regarding-the-apache-log4j-vulnerability) | Moxa is investigating to determine if any of our products are affected by this vulnerability. At the time of publication, none of Moxa's products are affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-19 |
| Mulesoft | | | | Unknown | [link](https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Mulesoft | Anypoint Studio | 7.x | | Affected | [link](https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021) | This advisory is available to account holders only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Mulesoft | Cloudhub | | | Unknown | [link](https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021) | This advisory is available to account holders only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Mulesoft | Mule Agent | 6.x | | Affected | [link](https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021) | This advisory is available to account holders only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Mulesoft | Mule Runtime | 3.x, 4.x | | Affected | [link](https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021) | This advisory is available to account holders only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |

@ -0,0 +1,95 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| N-able | | | | Unknown | [link](https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Nagios | | | | Unknown | [link](https://www.nagios.com/news/2021/12/update-on-apache-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| NAKIVO | | | | Unknown | [link](https://forum.nakivo.com/index.php?/topic/7574-log4j-cve-2021-44228/&do=findComment&comment=9145) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| National Instruments | OptimalPlus | Vertica, Cloudera, Logstash | | Affected | [link](https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html) | (Limited to deployments running Vertica, Cloudera, or Logstash) Contact Technical Support | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Neo4j | Neo4j Graph Database | >4.2, <4..2.12 | | Affected | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Netapp | Multiple NetApp products | | | Unknown | [link](https://security.netapp.com/advisory/ntap-20211210-0007/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Netcup | | | | Unknown | [link](https://www.netcup-news.de/2021/12/14/pruefung-log4j-sicherheitsluecken-abgeschlossen/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| NetGate PFSense | | | | Unknown | [link](https://forum.netgate.com/topic/168417/java-log4j-vulnerability-is-pfsense-affected/35) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Netwrix | | | | Unknown | [link](https://www.netwrix.com/netwrix_statement_on_cve_2021_44228_the_apache_log4j_vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| New Relic | Containerized Private Minion (CPM) | | 3.0.57 | Fixed | [link](https://docs.newrelic.com/docs/security/new-relic-security/security-bulletins/security-bulletin-nr21-04/) | New Relic is in the process of revising guidance/documentation, however the fix version remains sufficient. | [Security Bulletin NR21-04](https://docs.newrelic.com/docs/security/new-relic-security/security-bulletins/security-bulletin-nr21-04/) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-18 |
| New Relic | New Relic Java Agent | <7.4.3 | | Affected | [link](https://docs.newrelic.com/docs/release-notes/agent-release-notes/java-release-notes/java-agent-743/) | Initially fixed in 7.4.2, but additional vulnerability found | [New Relic tracking](https://github.com/newrelic/newrelic-java-agent/issues/605), covers CVE-2021-44228, CVE-2021-45046 | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| NextCloud | | | | Unknown | [link](https://help.nextcloud.com/t/apache-log4j-does-not-affect-nextcloud/129244) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Nextflow | Nextflow | | | Not Affected | [link](https://www.nextflow.io/docs/latest/index.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Nexus Group | | | | Unknown | [link](https://doc.nexusgroup.com/pages/viewpage.action?pageId=83133294) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Nice Software (AWS) EnginFRAME | | | | Unknown | [link](https://download.enginframe.com/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| NinjaRMM | | | | Unknown | [link](https://ninjarmm.zendesk.com/hc/en-us/articles/4416226194189-12-10-21-Security-Declaration-NinjaOne-not-affected-by-CVE-2021-44228-log4j-) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Nomachine | | | | Unknown | [link](https://forums.nomachine.com/topic/apache-log4j-notification) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| NoviFlow | | | | Unknown | [link](https://noviflow.com/noviflow-products-and-the-log4shell-exploit-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Nulab | Backlog | | N/A (SaaS) | Fixed | [link](https://nulab.com/blog/company-news/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Nulab | Backlog Enterprise (On-premises) | | < 1.11.7 | Fixed | [link](https://nulab.com/blog/company-news/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Nulab | Cacoo | | N/A (SaaS) | Fixed | [link](https://nulab.com/blog/company-news/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Nulab | Cacoo Enterprise (On-premises) | | < 4.0.4 | Fixed | [link](https://nulab.com/blog/company-news/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Nulab | Typetalk | | N/A (SaaS) | Fixed | [link](https://nulab.com/blog/company-news/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Nutanix | AHV | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | AOS | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | AOS | | STS (including Prism Element) | Fixed | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Patched in 6.0.2.4, available on the Portal for download. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Beam | | | Unknown | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Saas-Based Procuct. See Advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | BeamGov | | | Unknown | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Saas-Based Procuct. See Advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Calm | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Calm Tunnel VM | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Collector | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Collector Portal | | | Unknown | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Saas-Based Procuct. See Advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Data Lens | | | Unknown | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Saas-Based Procuct. See Advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Era | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | File Analytics | 2.1.x, 2.2.x, 3.0+ | | Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Mitigated in version 3.0.1 which is available on the Portal for download. Mitigation is available [here](https://portal.nutanix.com/kb/12499) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Files | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Flow | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Flow Security Cental | | | Unknown | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Saas-Based Procuct. See Advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Foundation | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Frame | | | Unknown | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Saas-Based Procuct. See Advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | FrameGov | | | Unknown | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Saas-Based Procuct. See Advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | FSCVM | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Insights | | | Unknown | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Saas-Based Procuct. See Advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Karbon | All | | Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Mitigation is available [here](https://portal.nutanix.com/kb/12483) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Karbon Platform Service | | | Unknown | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Saas-Based Procuct. See Advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | LCM | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Leap | | | Unknown | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Saas-Based Procuct. See Advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Mine | All | | Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Mitigation is available [here](https://portal.nutanix.com/kb/12484) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Move | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | MSP | All | | Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Mitigation is available [here](https://portal.nutanix.com/kb/12482) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | NCC | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | NGT | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Objects | All | | Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Mitigation is available [here](https://portal.nutanix.com/kb/12482) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Prism Central | | All | Fixed | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Patched in 2021-9.0.3, available on the Portal for download. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Sizer | | | Unknown | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Saas-Based Procuct. See Advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Volumes | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | Witness VM | All | | Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | Mitigation is available [here](https://portal.nutanix.com/kb/12491) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nutanix | X-Ray | | | Not Affected | [link](https://download.nutanix.com/alerts/Security_Advisory_0023.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Nvidia | | | | Unknown | [link](https://nvidia.custhelp.com/app/answers/detail/a_id/5294) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| NXLog | | | | Unknown | [link](https://nxlog.co/news/apache-log4j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,41 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| 1Password | All products | | | Not Affected | [link](https://support.1password.com/kb/202112/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-01-14 |
| 2n | | | | Unknown | [link](https://www.2n.com/cs_CZ/novinky/produkty-2n-neohrozuje-zranitelnost-cve-2021-44228-komponenty-log4j-2) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| 3CX | | | | Unknown | [link](https://www.3cx.com/community/threads/log4j-vulnerability-cve-2021-44228.86436/#post-407911) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| 3M Health Information Systems | CGS | | | Unknown | [link](https://support.3mhis.com/app/account/updates/ri/5210) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| 7-Zip | | | | Unknown | [link](https://sourceforge.net/p/sevenzip/discussion/45797/thread/b977bbd4d1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| 7Signal | Sapphire | | | Fixed | [link](https://www.7signal.com/info/se-release-notes) | Fix released 2021-12-14 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |

@ -0,0 +1,81 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| Objectif Lune | | | | Unknown | [link](https://learn.objectiflune.com/blog/security/statement-on-log4j-vulnerability-cve-2021-4428/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OCLC | | | | Unknown | [link](https://oclc.service-now.com/status) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Octopus | | | | Unknown | [link](https://advisories.octopus.com/adv/December.2306508680.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Okta | Advanced Server Access | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta Access Gateway | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta AD Agent | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta Browser Plugin | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta IWA Web Agent | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta LDAP Agent | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta Mobile | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta On-Prem MFA Agent | < 1.4.6 | | Affected | [link](https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta RADIUS Server Agent | < 2.17.0 | | Affected | [link](https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta Verify | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta Workflows | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Onespan | | | | Unknown | [link](https://www.onespan.com/remote-code-execution-vulnerability-in-log4j2-cve-2018-11776) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Opengear | | | | Unknown | [link](https://opengear.zendesk.com/hc/en-us/articles/4412713339419-CVE-2021-44228-aka-Log4Shell-Opengear-products-are-not-affected) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OpenMRS TALK | | | | Unknown | [link](https://talk.openmrs.org/t/urgent-security-advisory-2021-12-11-re-apache-log4j-2/35341) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OpenNMS | | | | Unknown | [link](https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OpenSearch | | | | Unknown | [link](https://discuss.opendistrocommunity.dev/t/log4j-patch-for-cve-2021-44228/7950) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OpenText | | | | Unknown | [link](https://www.opentext.com/support/log4j-remote-code-execution-advisory) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 |
| Opto 22 | GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP | < 4.3g | 4.3g | Fixed | [link](https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit) | The Log4j vulnerability affects all products running groov View software | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-13 |
| Opto 22 | GROOV-AT1, GROOV-AT1-SNAP | < 4.3g | 4.3g | Fixed | [link](https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit) | The Log4j vulnerability affects all products running groov View software | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-13 |
| Opto 22 | GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP | < 4.3g | 4.3g | Fixed | [link](https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit) | The Log4j vulnerability affects all products running groov View software | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-13 |
| Opto 22 | GRV-EPIC-PR1, GRV-EPIC-PR2 | < 3.3.2 | 3.3.2 | Fixed | [link](https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit) | The Log4j vulnerability affects all products running groov View software | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-13 |
| Oracle | | | | Unknown | [link](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html) | The support document is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Oracle | Enterprise Manager | 13.5, 13.4 & 13.3.2 | | Affected | [link](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html) | Patch status and other security guidance is restricted to Oracle account/support members. The support document is available to customers only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Oracle | Exadata | <21.3.4 | | Affected | [link](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html) | Patch status and other security guidance is restricted to Oracle account/support members. The support document is available to customers only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Orgavision | | | | Unknown | [link](https://www.orgavision.com/neuigkeiten/sicherheitsluecke-java-library-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Osirium | PAM | | | Unknown | [link](https://www.osirium.com/blog/apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Osirium | PEM | | | Unknown | [link](https://www.osirium.com/blog/apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Osirium | PPA | | | Unknown | [link](https://www.osirium.com/blog/apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OTRS | | | | Unknown | [link](https://portal.otrs.com/external) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OVHCloud | | | | Unknown | [link](https://blog.ovhcloud.com/log4shell-how-to-protect-my-cloud-workloads/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OwnCloud | | | | Unknown | [link](https://central.owncloud.org/t/owncloud-not-directly-affected-by-log4j-vulnerability/35493) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OxygenXML | Author | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Developer | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Editor | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Oxygen Content Fusion | 2.0, 3.0, 4.1 | | Affected | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Oxygen Feedback Enterprise | 1.4.4 & older | | Affected | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Oxygen License Server | v22.1 to v24.0 | | Affected | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Oxygen PDF Chemistry | v22.1, 23.0, 23.1, 24.0 | | Affected | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Oxygen SDK | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Plugins (see advisory link) | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Publishing Engine | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Web Author | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | WebHelp | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |

@ -0,0 +1,304 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| Paessler | PRTG | | | Not Affected | [link](https://docs.rundeck.com/docs/history/CVEs/#log4shell-cves) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| PagerDuty | PagerDuty Rundeck | | 3.3+ | Fixed | [link](https://support.pagerduty.com/docs/pagerduty-log4j-zero-day-vulnerability) | We currently see no evidence of compromises on our platform. Our teams continue to monitor for new developments and for impacts on sub-processors and dependent systems. PagerDuty SaaS customers do not need to take any additional action for their PagerDuty SaaS environment. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| PagerDuty | PagerDuty SaaS | | | Fixed | [link](https://support.pagerduty.com/docs/pagerduty-log4j-zero-day-vulnerability) | We currently see no evidence of compromises on our platform. Our teams continue to monitor for new developments and for impacts on sub-processors and dependent systems. PagerDuty SaaS customers do not need to take any additional action for their PagerDuty SaaS environment | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Palantir | Palantir AI Inference Platform (AIP) | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | Fully remediated as of 1.97.0. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Palantir | Palantir Apollo | | | Not Affected | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact, and updates have been deployed for full remediation. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Palantir | Palantir Foundry | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Palantir | Palantir Gotham | | All | Fixed | [link](https://www.palantir.com/security-advisories/log4j-vulnerability/) | No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Palo-Alto Networks | Bridgecrew | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | CloudGenix | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Cortex Data Lake | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Cortex XDR Agent | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Cortex Xpanse | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Cortex XSOAR | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Exact Data Matching CLI | | 1.2 | Fixed | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Expedition | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | GlobalProtect App | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | IoT Security | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Okyo Grade | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Palo-Alto Networks-DB Private Cloud | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Palo-Alto Networks-OS for Firewall and Wildfire | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Palo-Alto Networks-OS for Panorama | | 9.0.15, 9.1.12-h3, 10.0.8-h8 | Fixed | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | Upgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will be updated when hot fixes for the affected Panorama versions are available. PAN-OS for Panorama versions 8.1, 10.1 are not affected. | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Palo-Alto Networks | Prisma Access | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Prisma Cloud | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Prisma Cloud Compute | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | Prisma SD-WAN (CloudGenix) | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | SaaS Security | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | User-ID Agent | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | WildFire Appliance | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Palo-Alto Networks | WildFire Cloud | | | Not Affected | [link](https://security.paloaltonetworks.com/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Panasonic | KX-HDV100 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-HDV130 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-HDV230 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-HDV330 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-HDV340 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-HDV430 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-HDV800 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-TGP500 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-TGP550 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-TGP600 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-TGP700 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-UDS124 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-UT113 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-UT123 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-UT133 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-UT136 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-UT248 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panasonic | KX-UT670 | | | Not Affected | [link](https://panasonic.net/cns/pcc/support/sipphone/disposaldoc-Apache_Log4j_Vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-20 |
| Panopto | All | | | Unknown | [link](https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PaperCut | PaperCut Hive | | | Not Affected | [link](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| PaperCut | PaperCut MF | 21.0 and later | | Affected | [link](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| PaperCut | PaperCut MobilityPrint | | | Not Affected | [link](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| PaperCut | PaperCut MultiVerse | | | Not Affected | [link](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| PaperCut | PaperCut NG | 21.0 and later | | Affected | [link](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| PaperCut | PaperCut Online Services | | | Not Affected | [link](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| PaperCut | PaperCut Pocket | | | Not Affected | [link](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| PaperCut | PaperCut Print Logger | | | Not Affected | [link](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| PaperCut | PaperCut Views | | | Not Affected | [link](https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Parallels | Remote Application Server | | | Not Affected | [link](https://kb.parallels.com/en/128696) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Parse.ly | All | | | Unknown | [link](https://blog.parse.ly/parse-ly-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PBXMonitor | RMM for 3CX PBX | | | Not Affected | [link](https://www.pbxmonitor.net/changelog.php) | Mirror Servers were also checked to ensure Log4J was not installed or being used by any of our systems. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| PDQ | Deploy | | | Unknown | [link](https://www.pdq.com/blog/log4j-vulnerability-cve-2021-44228/?utm_content=190941012&utm_medium=social&utm_source=twitter&hss_channel=tw-90432152) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| PDQ | Inventory | | | Unknown | [link](https://www.pdq.com/blog/log4j-vulnerability-cve-2021-44228/?utm_content=190941012&utm_medium=social&utm_source=twitter&hss_channel=tw-90432152) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Pega | Platform | | 7.3.x - 8.6.x | Fixed | [link](https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability) | Hotfixes made available for registered customers by Pega. When using Stream nodes, the embedded Kafka instances require a separate hotfix to be installed. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pentaho | All | | | Unknown | [link](https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pepperl+Fuchs | All | | | Unknown | [link](https://www.pepperl-fuchs.com/global/en/29079.htm) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Percona | All | | | Unknown | [link](https://www.percona.com/blog/log4jshell-vulnerability-update/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Personio | All | | | Fixed | [link](https://status.personio.de/incidents/kn4c6mf6lpdv) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pexip | Endpoint Activation | | | Not Affected | [link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pexip | Eptools | | | Not Affected | [link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pexip | Infinity | | | Not Affected | [link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pexip | Infinity Connect Client | | | Not Affected | [link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pexip | Microsoft Teams Connector | | | Not Affected | [link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pexip | My Meeting Video | | | Not Affected | [link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pexip | Reverse Proxy and TURN Server | | | Not Affected | [link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pexip | Service | | All | Fixed | [link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pexip | VMR Self-Service Portal | | | Not Affected | [link](https://www.pexip.com/blog1.0/pexip-statement-on-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Phenix Id | All | | | Unknown | [link](https://support.phenixid.se/uncategorized/log4j-fix/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Philips | Event Analytics (All VUE PACS Versions) | All | | Affected | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | HealthSuite Marketplace | | 1.2 | Fixed | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | Philips hosting environment has deployed a patch. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | IntelliBridge Enterprise | B.13, B.15 | | Affected | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | Software only products with customer owned Operating Systems. For products solutions where the server was provided it is customer responsibility to validate and deploy patches. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | IntelliSite Pathology Solution 5.1 | L1 | | Affected | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | IntelliSpace Enterprise | | v11 and above | Fixed | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | Software only products with customer owned Operating Systems. For products solutions where the server was provided by Philips, it will be Philips responsibility to validate and provide patches. Information or patch available in Inleft. Please contact your local service support team. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | IntelliSpace PACS | | | Fixed | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | Philips hosting environment is evaluating the VMware provided workaround and in the process of deploying for managed service customers. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | IntelliSpace Portal Server/workstation | | v9 and above | Fixed | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | Software only products with customer owned Operating Systems. For products solutions where the server was provided by Philips, it will be Philips responsibility to validate and provide patches. Information or patch available in Inleft. Please contact your local service support team. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | Pathology De-identifier 1.0 | L1 | | Affected | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | Performance Bridge | | 2.0 with Practice, 3.0 | Fixed | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | Software only products with customer owned Operating Systems. For products solutions where the server was provided by Philips, it will be Philips responsibility to validate and provide patches. Information or patch available in Inleft. Please contact your local service support team. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | Pinnacle | 18.x | | Affected | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | Protocol Analytics | | 1.1 | Fixed | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | Software only products with customer owned Operating Systems. For products solutions where the server was provided by Philips, it will be Philips responsibility to validate and provide patches. Information or patch available in Inleft. Please contact your local service support team. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | Protocol Applications | 1.1 | | Affected | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | Software only products with customer owned Operating Systems. For products solutions where the server was provided by Philips, it will be Philips responsibility to validate and provide patches. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | Report Analytics (All VUE PACS Versions) | All | | Affected | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | RIS Clinic | | | Affected | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | Scanner Protocol Manager | 1.1 | | Affected | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | Software only products with customer owned Operating Systems. For products solutions where the server was provided by Philips, it will be Philips responsibility to validate and provide patches. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | Tasy EMR | | | Affected | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | Software only products with customer owned Operating Systems. For products solutions where the server was provided by Philips, it will be Philips responsibility to validate and provide patches. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | Univeral Data Manager (UDM) | | | Affected | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | Philips hosting environment is evaluating the VMware provided workaround and in the process of deploying for managed service customers. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Philips | VuePACS | 12.2.8 | | Affected | [link](https://www.philips.com/a-w/security/security-advisories/product-security-2021.html#2021_archive) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| PHOENIX CONTACT | Cloud Services | | | Fixed | [link](https://www.phoenixcontact.com/online/portal/pc?1dmy&urile=wcm:path:/pcen/web/offcontext/insite_landing_pages/a7217e47-af46-4c7b-a748-3b6bf94a30a0/a7217e47-af46-4c7b-a748-3b6bf94a30a0) | Cloud Services were either not vulnerable or are completely fixed. No exploits observed. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| PHOENIX CONTACT | Physical products containing firmware | | | Not Affected | [link](https://www.phoenixcontact.com/online/portal/pc?1dmy&urile=wcm:path:/pcen/web/offcontext/insite_landing_pages/a7217e47-af46-4c7b-a748-3b6bf94a30a0/a7217e47-af46-4c7b-a748-3b6bf94a30a0) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| PHOENIX CONTACT | Software Products | | | Not Affected | [link](https://www.phoenixcontact.com/online/portal/pc?1dmy&urile=wcm:path:/pcen/web/offcontext/insite_landing_pages/a7217e47-af46-4c7b-a748-3b6bf94a30a0/a7217e47-af46-4c7b-a748-3b6bf94a30a0) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Ping Identity | PingAccess | | 4.0 <= version <= 6.3.2 | Fixed | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Ping Identity | PingCentral | | | Fixed | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Ping Identity | PingFederate | | 8.0 <= version <= 10.3.4 | Fixed | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Ping Identity | PingFederate Java Integration Kit | | < 2.7.2 | Fixed | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Ping Identity | PingFederate OAuth Playground | | < 4.3.1 | Fixed | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Ping Identity | PingIntelligence | | | Fixed | [link](https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Pitney Bowes | All | | | Unknown | [link](https://www.pitneybowes.com/us/support/apache-log4j-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Planmeca | All | | | Unknown | [link](https://www.planmeca.com/apache-log4j-vulnerability-in-planmeca-products/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Planon Software | Planon Universe | | | Not Affected | [link](https://my.planonsoftware.com/uk/news/log4j-impact-on-planon/) | This advisory is available for customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Platform.SH | All | | | Unknown | [link](https://platform.sh/blog/2021/platformsh-protects-from-apache-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Plesk | All | | | Unknown | [link](https://support.plesk.com/hc/en-us/articles/4412182812818-CVE-2021-44228-vulnerability-in-log4j-package-of-Apache) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Plex | Plex Industrial IoT | | | Not Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | This advisory is available to customer only and has not been reviewed by CISA. Mitigation already applied, patch available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Plex | Plex Media Server | | | Not Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Polycom | Cloud Relay (OTD and RealConnect hybrid use case) | | | Unknown | [link](https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Polycom | Poly Clariti Core/Edge (a.k.a. DMA/CCE) | | 9.0 and above | Fixed | [link](https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Polycom | Poly Clariti Relay | | 1.0.2 | Fixed | [link](https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Polycom | Poly RealConnect for Microsoft Teams and Skype for Business | | | Fixed | [link](https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Polycom | RealAccess | | | Fixed | [link](https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Portainer | All | | | Unknown | [link](https://www.portainer.io/blog/portainer-statement-re-log4j-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PortSwigger | All | | | Unknown | [link](https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Postgres | PostgreSQL JDBC | | | Not Affected | [link](https://www.postgresql.org/about/news/postgresql-jdbc-and-the-log4j-cve-2371/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Postman | All | | | Unknown | [link](https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228-) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Power Admin LLC | PA File Sight | | | Not Affected | [link](https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Power Admin LLC | PA Server Monitor | | | Not Affected | [link](https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Power Admin LLC | PA Storage Monitor | | | Not Affected | [link](https://www.poweradmin.com/blog/solarwinds-hack-our-safety-measures/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PowerDNS | dnsdist | | | Not Affected | [link](https://blog.powerdns.com/2021/12/16/powerdns-and-log4j-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PowerDNS | metronome | | | Not Affected | [link](https://blog.powerdns.com/2021/12/16/powerdns-and-log4j-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PowerDNS | PowerDNS Authoritative Server | | | Not Affected | [link](https://blog.powerdns.com/2021/12/16/powerdns-and-log4j-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PowerDNS | PowerDNS Recursor | | | Not Affected | [link](https://blog.powerdns.com/2021/12/16/powerdns-and-log4j-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Pretix | All | | | Unknown | [link](https://pretix.eu/about/de/blog/20211213-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PrimeKey | All | | | Unknown | [link](https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Procentec (HMS Group) | All | | | Not Affected | [link](https://mailchi.mp/procentec.com/security_message) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Progress | DataDirect Hybrid Data Pipeline | | | Fixed | [link](https://knowledgebase.progress.com/articles/Knowledge/Is-Hybrid-Data-Pipeline-vulnerable-CVE-2021-44228-Log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Progress | OpenEdge | | | Fixed | [link](https://knowledgebase.progress.com/articles/Knowledge/Is-Hybrid-Data-Pipeline-vulnerable-CVE-2021-44228-Log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ProofPoint | Archiving Appliance | | | Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Archiving Backend | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Cloud App Security Broker | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Cloudmark Cloud/Cloudmark Hybrid | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Cloudmark On-Premise | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Compliance Gateway | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Content Patrol | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Data Discover | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | DLP Core Engine | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Email Community | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Email Fraud Defense (EFD) | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Email Protecton OnDemand (PoD), including Email DLP and Email Encryption | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Email Security Relay | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Endpoint DLP | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Essentials Archive | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Essentials Email | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Insider Threat Management Saas | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Insiders Threat Management On-Premise | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Isolation | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | ITM Saas Endpoint Agents | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Mail Protection On-Premise (PPS), including Email DLP and Email Encryption | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Meta/ZTNA | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Nexus People Risk Explorer | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Secure Email Relay | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Secure Share | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Security Awareness Training | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Sentrion | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Social Discover | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Social Patrol | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Targeted Attack Protection (TAP) | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Threat Response (TRAP) | | | Not Affected | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Web Gateway | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProofPoint | Web Security | | | Fixed | [link](https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| ProSeS | All | | | Unknown | [link](https://www.proses.de/en/2021/12/16/log4shell-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Prosys | All | | | Unknown | [link](https://prosysopc.com/news/important-security-release/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Proxmox | Backup Server | | | Not Affected | [link](https://forum.proxmox.com/threads/log4j-exploit-what-to-do.101254/#post-436880) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Proxmox | Mail Gateway | | | Not Affected | [link](https://forum.proxmox.com/threads/log4j-exploit-what-to-do.101254/#post-436880) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Proxmox | VE | | | Not Affected | [link](https://forum.proxmox.com/threads/log4j-exploit-what-to-do.101254/#post-436880) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PRTG Paessler | All | | | Unknown | [link](https://kb.paessler.com/en/topic/90213-is-prtg-affected-by-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTC | ACA Client | | | Fixed | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Adapter Toolkit | | | Fixed | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | AdaWorld | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ApexAda | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Arbortext Editor, Styler, and Publishing Engine | | >8.0.0.0 | Fixed | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Arena | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Axeda | | | Fixed | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Axeda Platform | 6.9.2 | | Affected | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Creo Elements/Direct Model Manager | | | Fixed | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Creo Parametric | | | Unknown | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Creo View | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Flexnet License Server | | | Fixed | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | FlexPLM | 12.0.2.2 (CPS03), 12.0.2.3 | | Affected | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | FlexPLM | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | FlexPLM | | 12.0.2.0 (CPS01 and CPS02) | Fixed | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Implementer | | | Unknown | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Intellicus | | >=19.1 SP11 | Fixed | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | OnShape | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Servigistics Service Parts Management | | 12.1, 12.2 | Fixed | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Servigistics Service Parts Pricing | | 12.1, 12.2 | Fixed | [link](https://www.ptc.com/en/support/article/CS358990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ThingWorx Advisor Apps | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ThingWorx Agents | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ThingWorx Analytics | | 8.5, 9.0, 9.1, 9.2 | Fixed | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ThingWorx DPM | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ThingWorx Extensions | | | Fixed | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ThingWorx Flow | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ThingWorx Kepware | | <=1.3 | Fixed | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ThingWorx Manufacturing Apps | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ThingWorx Navigate | | 9.1, 9.2 | Fixed | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ThingWorx Ping Federate Integration | | >=9.1 | Fixed | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ThingWorx Platform | | >=8.5.7 | Fixed | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | ThingWorx Platform High Availability | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | WCTK | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Windchill PDMLink | 12.0.2.2 (CPS03) | | Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Windchill PDMLink | | 12.0.2.0 (CPS01 & CPS02) | Fixed | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Windchill PDMLink | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Windchill Performance Advisor | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Windchill Rest Services | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Windchill RV&S(Integrity Lifcycle Manager) | | 4.6/8.6 4.6 SP0 to 12.5 | Fixed | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTC | Windchill Workgroup Manager | | | Not Affected | [link](https://www.ptc.com/en/support/article/CS358901) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| PTV Group | Map&Market | > 2017 | | Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | Map&Market | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Arrival Board | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Balance | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Content Update Service | | 2 (on prem) | Fixed | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Developer | | | Fixed | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Drive&Arrive | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Drive&Arrive App | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV EM Portal | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Epics | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Hyperpath | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV MaaS Modeller | | | Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Map&Guide Intranet | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Navigator App | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Navigator License Manager | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Optima | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Road Editor | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Route Optimiser CL | | | Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Route Optimiser ST | | on prem xServer2 | Fixed | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Route Optimiser ST (TourOpt) | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Route Optimizer Saas/Demonstrator | | | Fixed | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV TLN Planner Internet | | | Fixed | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV TRE | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Tre-Addin | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Trip Creator | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Vissim | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Vistad Euska | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Vistro | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Visum | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Visum Publisher | | | Fixed | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV Viswalk | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV xServer | | 1.34 (on prem), 2 (on prem) | Fixed | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV xServer | | | Not Affected | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV xServer Internet 1 | | | Fixed | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| PTV Group | PTV xServer Internet 2 | | | Fixed | [link](https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Ivanti Connect Secure (ICS) | | | Not Affected | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Ivanti Neurons for Secure Access | | | Not Affected | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Ivanti Neurons for ZTA | | | Not Affected | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse Connect Secure | | | Not Affected | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse Desktop Client | | | Not Affected | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse Mobile Client | | | Not Affected | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse One | | | Not Affected | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse Policy Secure | | | Not Affected | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse Secure Services Director | | | Not Affected | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse Secure Virtual Traffic Manager | | | Not Affected | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse Secure Web Application Firewall | | | Not Affected | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pulse Secure | Pulse ZTA | | | Not Affected | [link](https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Puppet | Agents | | | Not Affected | [link](https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Puppet | Continuous Delivery for Puppet Enterprise | | 3.x, < 4.10.2 | Fixed | [link](https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Puppet | Enterprise | | | Not Affected | [link](https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pure Storage | Cloud Blockstore | CBS6.1.x, CBS6.2.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Pure Storage | Flash Array | 5.3.x, 6.0.x, 6.1.x, 6.2.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Pure Storage | Flash Blade | 3.1.x, 3.2.x, 3.3.x | | Affected | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Pure Storage | PortWorx | | 2.8.0+ | Fixed | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Pure Storage | Pure1 | | | Fixed | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Pure Storage | VM Analytics OVA Collector | | < v3.1.4 | Fixed | [link](https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_log4j) | This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| PuTTY | All | | | Not Affected | [link](https://www.chiark.greenend.org.uk/~sgtatham/putty/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Pyramid Analytics | All | | | Not Affected | [link](https://community.pyramidanalytics.com/t/83hjjt4/log4j-security-vulnerability-pyramid) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,82 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| Qconference | FaceTalk | | | Fixed | [link](https://qconferencing.com/status-vulnerability-log4j-en-qconferencing/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| QF-Test | All | | | Unknown | [link](https://www.qfs.de/en/blog/article/no-log4j-vulnerability-in-qf-test.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Qlik | AIS, including ARC | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Attunity Visibility | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | AutoML | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Blendr | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | C4DL | | 6.6 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | C4DW | | 6.6, 6.6.1, 7.0 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Catalog | | 4.10.0, 4.10.1, 4.10.2, 4.11.0, 4.11.1, 4.12.0, 4.12.1 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Compose | | 2021.2, 2021.5, 2021.8 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Compose for Data Lakes | | | Not Affected | [link](https://community.qlik.com/t5/Knowledge/CVE-2021-44228-Handling-the-log4j-lookups-critical-vulnerability/ta-p/1869987) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Compose for Data Wharehouses | | | Not Affected | [link](https://community.qlik.com/t5/Knowledge/CVE-2021-44228-Handling-the-log4j-lookups-critical-vulnerability/ta-p/1869990) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | GeoAnalytics Plus | | 5.26.5, 5.27.5 - 5.28.2, 5.29.4 - 5.30.1, 5.31.1, 5.31.2 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | GeoAnalytics Server | | 4.19.1 - 4.27.3, 4.23.4, 4.32.3 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Nodegraph | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Nprinting | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | ODBC Connector Package | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | QEM | | 6.6, 7.0, 2021.5, 2021.11 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Alerting | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Catalog | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Data Transfer | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Enterprise Manager | | 6.6, 7.0, 2021.5, 2021.11 | Fixed | [link](https://community.qlik.com/t5/Knowledge/CVE-2021-44228-Handling-the-log4j-lookups-critical-vulnerability/ta-p/1869994) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Forts | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik RepliWeb and ARC | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Sense Business | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Sense Enterprise | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Sense Enterprise SaaS | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik View | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Web Connectors | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Replicate | | 6.6, 7.0, 2021.5, 2021.11 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | REST Connectors | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Salesforce and SAP Connectors | | | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | Connectos are not affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| QMATIC | Appointment Booking | | 2.4+ | Fixed | [link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | Update to v. 2.8.2 which contains log4j 2.16 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| QMATIC | Appointment Booking | | Cloud/Managed Service | Fixed | [link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | log4j 2.16 applied 2021-12-15 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| QMATIC | Insights | | Cloud | Fixed | [link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | log4j 2.16 applied 2021-12-16 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| QMATIC | Orchestra Central | | | Not Affected | [link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| QNAP | QES Operating System | | | Not Affected | [link](https://www.qnap.com/en-uk/security-advisory/qsa-21-58) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QNAP | Qsirch | | | Not Affected | [link](https://www.qnap.com/en-uk/security-advisory/qsa-21-58) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QNAP | QTS Operating System | | | Not Affected | [link](https://www.qnap.com/en-uk/security-advisory/qsa-21-58) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QNAP | QuTS Hero Operating System | | | Not Affected | [link](https://www.qnap.com/en-uk/security-advisory/qsa-21-58) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QOPPA | All | | | Unknown | [link](https://kbdeveloper.qoppa.com/cve-2021-44228-apache-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QOS.ch | SLF4J Simple Logging Facade for Java | | | Unknown | [link](https://www.slf4j.org/log4shell.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QSC Q-SYS | All | | | Unknown | [link](https://qscprod.force.com/selfhelpportal/s/article/Are-Q-SYS-products-affected-by-the-Log4j-vulnerability-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QT | All | | | Unknown | [link](https://www.qt.io/blog/the-qt-company-products-not-affected-by-cve-2021-44228-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Quest | Foglight | | | Unknown | [link](https://support.quest.com/fr-fr/search#q=CVE-2021-44228&t=Global) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Quest | Foglight | | 6.0 | Fixed | [link](https://support.quest.com/fr-fr/search#q=CVE-2021-44228&t=Global) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Quest | Quest KACE SMA | | | Not Affected | [link](https://support.quest.com/fr-fr/search#q=CVE-2021-44228&t=Global) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,132 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| R | R | | | Not Affected | [link](https://www.r-project.org/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| R2ediviewer | | | | Unknown | [link](https://r2ediviewer.de/DE/reload.html?Change-log_17858584.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Radware | | | | Unknown | [link](https://support.radware.com/app/answers/answer_view/a_id/1029752) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Rapid7 | AlcidekArt, kAdvisor, and kAudit | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | AppSpider Enterprise | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | AppSpider Pro | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | Insight Agent | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightAppSec Scan Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightAppSec Scan Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightCloudSec/DivvyCloud | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightConnect Orchestrator | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightIDR Network Sensor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightIDR/InsightOps Collector & Event Sources | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightOps DataHub | InsightOps DataHub <= 2.0 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Upgrade [DataHub to version 2.0.1](https://rep.logentries.com/datahub/DataHub_2.0.1.deb) using the [following instructions](https://docs.rapid7.com/insightops/setting-up-datahub/). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightOps non-Java logging libraries | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightOps r7insight_java logging library | <=3.0.8 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Upgrade [r7insight_java](https://github.com/rapid7/r7insight_java) to 3.0.9 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightVM Kubernetes Monitor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightVM/Nexpose | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightVM/Nexpose Console | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | InsightVM/Nexpose Engine | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | IntSights virtual appliance | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | Logentries DataHub | Linux version <= 1.2.0.820; Windows version <= 1.2.0.820 | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Linux: Install DataHub_1.2.0.822.deb using the following [instructions](https://docs.logentries.com/docs/datahub-linux). Windows: Run version 1.2.0.822 in a Docker container or as a Java command per these [instructions](https://docs.logentries.com/docs/datahub-windows). You can find more details [here](https://docs.logentries.com/docs/datahub-linux). | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | Logentries le_java logging library | All versions: this is a deprecated component | | Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Migrate to version 3.0.9 of [r7insight_java](https://github.com/rapid7/r7insight_java) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | Metasploit Framework | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | Metasploit Pro | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | Metasploit Pro ships with log4j but has specific configurations applied to it that mitigate Log4Shell. A future update will contain a fully patched version of log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | tCell Java Agent | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rapid7 | Velociraptor | | | Not Affected | [link](https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/?mkt_tok=NDExLU5BSy05NzAAAAGBVaccW1DOLSfEsfTNwEJksv_1nK1muJSFze-Lle90mKtAO78nSdjwPdzqXskNIi9qZCAGQODD42mYRK4YPlQkjhn38E27HQxFHdHAkypEOsh8) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Raritan | | | | Unknown | [link](https://www.raritan.com/support) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ravelin | | | | Unknown | [link](https://syslog.ravelin.com/log4shell-cve-2021-44228-4338bb8da67b) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Real-Time Innovations (RTI) | Distributed Logger | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Real-Time Innovations (RTI) | Recording Console | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Real-Time Innovations (RTI) | RTI Administration Console | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Real-Time Innovations (RTI) | RTI Code Generator | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Real-Time Innovations (RTI) | RTI Code Generator Server | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Real-Time Innovations (RTI) | RTI Micro Application Generator (MAG) | as part of RTI Connext Micro 3.0.0, 3.0.1, 3.0.2, 3.0.3 | | Affected | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Real-Time Innovations (RTI) | RTI Micro Application Generator (MAG) | as part of RTI Connext Professional 6.0.0 and 6.0.1 | | Affected | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Real-Time Innovations (RTI) | RTI Monitor | | | Unknown | [link](https://community.rti.com/kb/apache-log4j-vulnerability-cve-2021-44228cve-2021-45046-impact-rti-connext-products) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Red Hat | log4j-core | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat Integration Camel K | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5130](https://access.redhat.com/errata/RHSA-2021:5130) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat build of Quarkus | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Red Hat | Red Hat CodeReady Studio | | 12.21.0 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [CRS 12.21.1 Patch](https://developers.redhat.com/products/codeready-studio/download?source=sso) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat Data Grid | | 8 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5132](http://access.redhat.com/errata/RHSA-2021:5132) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat Decision Manager | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Red Hat | Red Hat Enterprise Linux | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Red Hat | Red Hat Integration Camel Quarkus | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5126](https://access.redhat.com/errata/RHSA-2021:5126) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat JBoss A-MQ Streaming | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5138](https://access.redhat.com/errata/RHSA-2021:5138) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat JBoss Enterprise Application Platform | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [Maven Patch](https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform&downloadType=securityPatches&version=7.4) - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Red Hat | Red Hat JBoss Fuse | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5134](https://access.redhat.com/errata/RHSA-2021:5134) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat Process Automation | | 7 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [Maven Patch](https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=103671&product=rhpam&version=7.11.1&downloadType=patches) - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't affected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat Single Sign-On | | | Not Affected | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Red Hat Vert.X | | 4 | Fixed | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5093](https://access.redhat.com/errata/RHSA-2021:5093) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Satellite 5 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat | Spacewalk | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat OpenShift Container Platform 3.11 | openshift3/ose-logging-elasticsearch5 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | [RHSA-2021:5094](http://access.redhat.com/errata/RHSA-2021:5094) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat OpenShift Container Platform 4 | openshift4/ose-logging-elasticsearch6 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat OpenShift Container Platform 4 | openshift4/ose-metering-hive | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat OpenShift Container Platform 4 | openshift4/ose-metering-presto | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat OpenShift Logging | logging-elasticsearch6-container | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | Please refer to Red Hat Customer Portal to find the right errata for your version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat OpenStack Platform 13 (Queens) | opendaylight | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | End of Life | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat Software Collections | rh-java-common-log4j | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat Software Collections | rh-maven35-log4j12 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red Hat Software Collections | rh-maven36-log4j12 | | | Unknown | [link](https://access.redhat.com/security/cve/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Red5Pro | | | | Unknown | [link](https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RedGate | | | | Unknown | [link](https://www.red-gate.com/privacy-and-security/vulnerabilities/2021-12-15-log4j-statement) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Redis | | | | Unknown | [link](https://redis.com/security/notice-apache-log4j2-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Reiner SCT | | | | Unknown | [link](https://forum.reiner-sct.com/index.php?/topic/5973-timecard-und-log4j-schwachstelle/&do=findComment&comment=14933) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ReportURI | | | | Unknown | [link](https://scotthelme.co.uk/responding-to-the-log4j-2-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ResMed | AirView | | | Unknown | [link](https://www.resmed.com/en-us/security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| ResMed | myAir | | | Unknown | [link](https://www.resmed.com/en-us/security/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Respondus | | | | Unknown | [link](https://support.respondus.com/support/index.php?/News/NewsItem/View/339) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Revenera / Flexera | | | | Unknown | [link](https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ricoh | | | | Unknown | [link](https://www.ricoh.com/info/2021/1215_1/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RingCentral | | | | Unknown | [link](https://www.ringcentral.com/trust-center/security-bulletin.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Riverbed | | | | Unknown | [link](https://supportkb.riverbed.com/support/index?page=content&id=S35645) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Rockwell Automation | FactoryTalk Analytics DataFlowML | 4.00.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rockwell Automation | FactoryTalk Analytics DataView | 3.03.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rockwell Automation | Industrial Data Center | | Gen 1, Gen 2, Gen 3, Gen 3.5 | Fixed | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rockwell Automation | MES EIG | 3.03.00 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | Customers should upgrade to EIG Hub if possible or work with their local representatives about alternative solutions. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rockwell Automation | VersaVirtual | | Series A | Fixed | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rockwell Automation | Warehouse Management | 4.01.00, 4.02.00, 4.02.01, 4.02.02 | | Affected | [link](https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Rollbar | | | | Unknown | [link](https://rollbar.com/blog/log4j-zero-day-2021-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Rosette.com | | | | Unknown | [link](https://support.rosette.com/hc/en-us/articles/4416216525965-Log4j-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RSA | SecurID Authentication Manager | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RSA | SecurID Authentication Manager Prime | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RSA | SecurID Authentication Manager WebTier | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RSA | SecurID Governance and Lifecycle | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RSA | SecurID Governance and Lifecycle Cloud | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RSA | SecurID Identity Router | | | Unknown | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| RSA Netwitness | | | | Unknown | [link](https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Rstudioapi | Rstudioapi | | | Not Affected | [link](https://github.com/rstudio/rstudioapi) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Rubrik | | | | Unknown | [link](https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ruckus | Virtual SmartZone (vSZ) | 5.1 to 6.0 | | Affected | [link](https://support.ruckuswireless.com/security_bulletins/313) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| RunDeck by PagerDuty | | | | Unknown | [link](https://docs.rundeck.com/docs/history/CVEs/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Runecast | Runecast Analyzer | | 6.0.3 | Fixed | [link](https://www.runecast.com/release-notes) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,342 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| SAE-IT | | | | Unknown | [link](https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SAFE FME Server | | | | Unknown | [link](https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SAGE | | | | Unknown | [link](https://www.sagecity.com/sage-global-solutions/sage-crm/f/sage-crm-announcements-news-and-alerts/178655/advisory-apache-log4j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SailPoint | | | | Unknown | [link](https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Salesforce | Analytics Cloud | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | B2C Commerce Cloud | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | ClickSoftware (As-a-Service) | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | ClickSoftware (As-a-Service) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | ClickSoftware (On-Premise) | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional details are available here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | Data.com | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Data.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | DataLoader | | >=53.0.2 | Fixed | [link](https://github.com/forcedotcom/dataloader/releases/tag/v53.0.2) | This version is for use with Salesforce Winter '22 or higher release through Salesforce Force Partner API and Force WSC v53.0.0. It contains the fix for CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105 by upgrading to log4j 2.17.0. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | Datorama | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Datorama was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | Evergage (Interaction Studio) | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | Experience (Community) Cloud | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | Force.com | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Force.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. The Data Loader tool has been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Make sure that you are using Data Loader version 53.0.2 or later. Follow the steps described here to download the latest version of Data Loader. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | Heroku | | | Not Affected | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Heroku is reported to not be affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | Marketing Cloud | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Salesforce-owned services within Marketing Cloud are not affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. Third-party vendors have been patched to address the security issues currently identified in CVE-2021-44228 or CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | MuleSoft (Cloud) | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. Mulesoft services, including dataloader.io, have been updated to mitigate the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | MuleSoft (On-Premise) | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors, including Private Cloud Edition (PCE) and Anypoint Studio, have a mitigation in place to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | Pardot | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Pardot was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | Sales Cloud | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | Service Cloud | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | Slack | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Slack was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. Additional details are available here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | Social Studio | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Salesforce | Tableau (On-Premise) | | < 2021.4.1 | Fixed | [link](https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell) | Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Patches to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046 are available for download. Additional details are available here. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Salesforce | Tableau (Online) | | All | Fixed | [link](https://help.salesforce.com/s/articleView?id=000363736&type=1) | Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. Services have been patched to mitigate the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| Samsung Electronics America | Knox Admin Portal | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Samsung Electronics America | Knox Asset Intelligence | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Samsung Electronics America | Knox Configure | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Samsung Electronics America | Knox E-FOTA One | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Samsung Electronics America | Knox Guard | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Samsung Electronics America | Knox License Management | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Samsung Electronics America | Knox Manage | | Cloud | Fixed | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Samsung Electronics America | Knox Managed Services Provider (MSP) | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Samsung Electronics America | Knox Mobile Enrollment | | | Not Affected | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Samsung Electronics America | Knox Reseller Portal | | Cloud | Fixed | [link](https://www.samsungknox.com/en/blog/an-update-on-the-impact-of-the-apache-log4j-cve-2021-44228-vulnerability-on-samsung-knox-cloud-services) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Sangoma | | | | Unknown | [link](https://help.sangoma.com/community/s/article/Log4Shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SAP | | | | Unknown | [link](https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| SAP Advanced Platform | | | | Unknown | [link](https://launchpad.support.sap.com/#/notes/3130698) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| SAP BusinessObjects | | | | Unknown | [link](https://blogs.sap.com/2021/12/16/cve-2021-44228-impact-of-log4j-vulnerability-on-sap-businessobjects/) | The support document is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| SAS | | | | Unknown | [link](https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SASSAFRAS | | | | Unknown | [link](https://www.sassafras.com/log4j-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Savignano software solutions | | | | Unknown | [link](https://savignano.atlassian.net/wiki/spaces/SNOTIFY/blog/2021/12/13/2839740417/No+Log4j+Vulnerability+in+S+Notify) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SBT | SBT | <1.5.6 | | Affected | [link](https://github.com/sbt/sbt/releases/tag/v1.5.7) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| ScaleComputing | | | | Unknown | [link](https://community.scalecomputing.com/s/article/Apache-Log4j-Vulnerability) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ScaleFusion MobileLock Pro | | | | Unknown | [link](https://help.mobilock.in/article/t9sx43yg44-scalefusion-security-advisory-for-apache-log-4-j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Schneider Electric | EASYFIT | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | Ecoreal XL | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | EcoStruxure IT Expert | | Cloud | Fixed | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | EcoStruxure IT Gateway | | V1.5.0 to V1.13.0 | Fixed | [link](https://ecostruxureit.com/download-and-set-upecostruxureit-gateway/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | Eurotherm Data Reviewer | V3.0.2 and prior | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | Facility Expert Small Business | | Cloud | Fixed | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | MSE | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | NetBotz750/755 | Software versions 5.0 through 5.3.0 | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | NEW630 | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | SDK BOM | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | SDK-Docgen | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | SDK-TNC | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | SDK-UMS | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | SDK3D2DRenderer | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | SDK3D360Widget | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | Select and Config DATA | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | SNC-API | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | SNC-CMM | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | SNCSEMTECH | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | SPIMV3 | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | SWBEditor | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | SWBEngine | Current software and earlier | | Affected | [link](https://www.se.com/us/en/download/document/7EN52-0390/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schneider Electric | Wiser by SE platform | | Cloud | Fixed | | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Schweitzer Engineering Laboratories | | | | Unknown | [link](https://selinc.com/support/security-notifications/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| SCM Manager | | | | Unknown | [link](https://scm-manager.org/blog/posts/2021-12-13-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ScreenBeam | | | | Unknown | [link](https://customersupport.screenbeam.com/hc/en-us/articles/4416468085389-December-2021-Security-Alert-Log4j-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SDL worldServer | | | | Unknown | [link](https://gateway.sdl.com/apex/communityknowledge?articleName=000017707) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Seagull Scientific | | | | Unknown | [link](https://support.seagullscientific.com/hc/en-us/articles/4415794235543-Apache-Log4Shell-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SecurePoint | | | | Unknown | [link](https://www.securepoint.de/news/details/sicherheitsluecke-log4j-securepoint-loesungen-nicht-betroffen.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Security Onion | | | | Unknown | [link](https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Securonix | Extended Detection and Response (XDR) | All | | Affected | [link](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| Securonix | Next Gen SIEM | All | | Affected | [link](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| Securonix | Security Analytics and Operations Platform (SOAR) | All | | Affected | [link](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| Securonix | SNYPR Application | | | Unknown | [link](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-OnPrem-Customer-Update.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| Securonix | User and Entity Behavior Analytics(UEBA) | All | | Affected | [link](https://www.securonix.com/wp-content/uploads/2021/12/CVE-2021-44228-Securonix-Cloud-Customer-Update.pdf) | Patching ongoing as of 12/10/2021 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| Seeburger | | | | Unknown | [link](https://servicedesk.seeburger.de/portal/en-US/Knowledge/Article/?defId=101040&id=25486312&COMMAND=Open) | This advisory is available to customers only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SentinelOne | | | | Unknown | [link](https://www.sentinelone.com/blog/cve-2021-44228-staying-secure-apache-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Sentry | | | | Unknown | [link](https://blog.sentry.io/2021/12/15/sentrys-response-to-log4j-vulnerability-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SEP | | | | Unknown | [link](https://support.sep.de/otrs/public.pl?Action=PublicFAQZoom;ItemID=132) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Server Eye | | | | Unknown | [link](https://www.server-eye.de/blog/sicherheitsluecke-log4j-server-eye-systeme-sind-nicht-betroffen/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ServiceNow | | | | Unknown | [link](https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ServiceTitan | ServiceTitan | | Cloud | Fixed | [link](https://security.servicetitan.com/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-07 |
| Shibboleth | | | | Unknown | [link](http://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Shibboleth | All Products | | | Not Affected | [link](https://shibboleth.net/pipermail/announce/2021-December/000253.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| Shopify | | | | Unknown | [link](https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Siebel | | | | Unknown | [link](https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-501673.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-19 |
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Siemens Energy | Affected Products | | | Unknown | [link](https://cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf) | Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Siemens Healthineers | ATELLICA DATA MANAGER v1.1.1 / v1.2.1 / v1.3.1 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | If you have determined that your Atellica Data Manager has a “Java communication engine” service, and you require an immediate mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | CENTRALINK v16.0.2 / v16.0.3 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | If you have determined that your CentraLink has a “Java communication engine” service, and you require a mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | Cios Flow S1 / Alpha / Spin VA30 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | evaluation ongoing | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | Cios Select FD/I.I. VA21 / VA21-S3P | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | evaluation ongoing | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | DICOM Proxy VB10A | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | go.All, Som10 VA20 / VA30 / VA40 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | go.Fit, Som10 VA30 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | go.Now, Som10 VA10 / VA20 / VA30 / VA40 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | go.Open Pro, Som10 VA30 / VA40 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | go.Sim, Som10 VA30 / VA40 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | go.Top, Som10 VA20 / VA20A_SP5 / VA30 / VA40 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | go.Up, Som10 VA10 / VA20 / VA30 / VA40 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | MAGNETOM AERA 1,5T, MAGNETOM PRISMA, MAGNETOM PRISMA FIT, MAGNETOM SKYRA 3T NUMARIS/X VA30A | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | MAGNETOM Altea NUMARIS/X VA20A | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | MAGNETOM ALTEA, MAGNETOM LUMINA, MAGNETOM SOLA, MAGNETOM VIDA NUMARIS/X VA31A | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | MAGNETOM Amira NUMARIS/X VA12M | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | MAGNETOM Free.Max NUMARIS/X VA40 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | MAGNETOM Lumina NUMARIS/X VA20A | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | MAGNETOM Sempra NUMARIS/X VA12M | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | MAGNETOM Sola fit NUMARIS/X VA20A | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | MAGNETOM Sola NUMARIS/X VA20A | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | MAGNETOM Vida fit NUMARIS/X VA20A | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | MAGNETOM Vida NUMARIS/X VA10A* / VA20A | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | SENSIS DMCC / DMCM / TS / VM / PPWS / DS VD12A | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | evaluation ongoing | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | Somatom Emotion Som5 VC50 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | evaluation ongoing | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | Somatom Scope Som5 VC50 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | evaluation ongoing | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | Syngo Carbon Space VA10A / VA10A-CUT2 / VA20A | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | Syngo MobileViewer VA10A | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | The vulnerability will be patch/mitigated in upcoming releases/patches. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | syngo Plaza VB20A / VB20A_HF01 - HF07 / VB30A / VB30A_HF01 / VB30A_HF02 / VB30B / VB30C / VB30C_HF01 - HF06 / VB30C_HF91 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | syngo Workflow MLR VB37A / VB37A_HF01 / VB37A_HF02 / VB37B / VB37B_HF01 - HF07 / VB37B_HF93 / VB37B_HF94 / VB37B_HF96 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Please contact your Customer Service to get support on mitigating the vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | syngo.via VB20A / VB20A_HF01 - HF08 / VB20A_HF91 / VB20B / VB30A / VB30A_HF01 - VB30A_HF08 / VB30A_HF91VB30B / VB30B_HF01 / VB40A / VB40A_HF01 - HF02 /VB40B / VB40B_HF01 - HF05 / VB50A / VB50A_CUT / VB50A_D4VB50B / VB50B_HF01 - HF03 / VB60A / VB60A_CUT / VB60A_D4 / VB60A_HF01 | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | syngo.via WebViewer VA13B / VA20A / VA20B | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | X.Ceed Somaris 10 VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Siemens Healthineers | X.Cite Somaris 10 VA30*/VA40* | | | Unknown | [link](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Sierra Wireless | | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Sierra Wireless | AirVantage and Octave cloud platforms | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | These systems do not operate with the specific non-standard configuration required for CVE-2021-25046 and hence were not vulnerable to it. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Sierra Wireless | AM/AMM servers | | | Unknown | [link](https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/#sthash.iT98k4HP.dpbs) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Signald | | | | Unknown | [link](https://gitlab.com/signald/signald/-/issues/259) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Silver Peak | Orchestrator, Silver Peak GMS | | | Unknown | [link](https://www.arubanetworks.com/website/techdocs/sdwan/docs/advisories/media/security_advisory_notice_apache_log4j2_cve_2021_44228.pdf) | Customer managed Orchestrator and legacy GMS products are affected by this vulnerability. This includes on-premise and customer managed instances running in public cloud services such as AWS, Azure, Google, or Oracle Cloud. See Corrective Action Required for details about how to mitigate this exploit. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| SingleWire | | | | Unknown | [link](https://support.singlewire.com/s/article/Apache-Log4j2-vulnerability-CVE-2021-44228) | This advisory is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SISCO | | | | Unknown | [link](https://sisconet.com/sisco-news/log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Sitecore | | | | Unknown | [link](https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1001391) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Skillable | | | | Unknown | [link](https://skillable.com/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SLF4J | | | | Unknown | [link](http://slf4j.org/log4shell.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Slurm | Slurm | | | Not Affected | [link](https://slurm.schedmd.com/documentation.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| SMA Solar Technology AG | | | | Unknown | [link](https://files.sma.de/downloads/HK_Log4j-en-10.pdf?_ga=2.237963714.352491368.1640298543-2015796445.1640298540) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| SmartBear | | | | Unknown | [link](https://smartbear.com/security/cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SmileCDR | | | | Unknown | [link](https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Sn0m | | | | Unknown | [link](https://www.snom.com/en/press/log4j-poses-no-threat-snom-phones/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Snakemake | Snakemake | | | Not Affected | [link](https://snakemake.readthedocs.io/en/stable/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| Snow Software | Snow Commander | | 8.1 to 8.10.2 | Fixed | [link](https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Snow Software | VM Access Proxy | | v3.1 to v3.6 | Fixed | [link](https://community.snowsoftware.com/s/feed/0D5690000B4U6hUCQS) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Snowflake | | | | Unknown | [link](https://community.snowflake.com/s/article/No-Snowflake-exposure-to-Apache-Log4j-vulnerability-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Snyk | Cloud Platform | | | Unknown | [link](https://updates.snyk.io/snyk%27s-cloud-platform-all-clear-from-log4j-exploits-216499) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Software AG | | | | Unknown | [link](https://tech.forums.softwareag.com/t/log4j-zero-day-vulnerability/253849) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SolarWinds | Database Performance Analyzer (DPA) | 2021.1.x, 2021.3.x, 2022.1.x | | Affected | [link](https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228) | For more information, please see the following KB article: [link](https://support.solarwinds.com/SuccessCenter/s/article/Database-Performance-Analyzer-DPA-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228?language=en_US) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 |
| SolarWinds | Orion Platform | | | Unknown | [link](https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 |
| SolarWinds | Server & Application Monitor (SAM) | SAM 2020.2.6 and later | | Affected | [link](https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228) | For more information, please see the following KB article for the latest details specific to the SAM hotfix: [link](https://support.solarwinds.com/SuccessCenter/s/article/Server-Application-Monitor-SAM-and-the-Apache-Log4j-Vulnerability-CVE-2021-44228?language=en_US) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 |
| SonarSource | | | | Unknown | [link](https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Sonatype | All Products | | | Not Affected | [link](https://help.sonatype.com/docs/important-announcements/sonatype-product-log4j-vulnerability-status) | Sonatype uses logback as the default logging solution as opposed to log4j. This means our software including Nexus Lifecycle, Nexus Firewall, Nexus Repository OSS and Nexus Repository Pro in versions 2.x and 3.x are NOT affected by the reported log4j vulnerabilities. We still advise keeping your software upgraded at the latest version. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-29 |
| SonicWall | Access Points | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Log4j2 not used in the SonicWall Access Points | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | Analytics | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Under Review | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | Analyzer | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Under Review | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | Capture Client & Capture Client Portal | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Log4j2 not used in the Capture Client. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | Capture Security Appliance | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Log4j2 not used in the Capture Security appliance. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | CAS | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Under Review | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | Email Security | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | ES 10.0.11 and earlier versions are impacted | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| SonicWall | Gen5 Firewalls (EOS) | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Log4j2 not used in the appliance. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | Gen6 Firewalls | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Log4j2 not used in the appliance. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | Gen7 Firewalls | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Log4j2 not used in the appliance. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | GMS | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Under Review | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | MSW | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Mysonicwall service doesn't use Log4j | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | NSM | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | NSM On-Prem and SaaS doesn't use a vulnerable version | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | SMA 100 | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Log4j2 not used in the SMA100 appliance. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | SMA 1000 | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Version 12.1.0 and 12.4.1 doesn't use a vulnerable version | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | SonicCore | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | SonicCore doesn't use a Log4j2 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | SonicWall Switch | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Log4j2 not used in the SonicWall Switch. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | WAF | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Under Review | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | WNM | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Log4j2 not used in the WNM. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SonicWall | WXA | | | Unknown | [link](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | WXA doesn't use a vulnerable version | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Sophos | Cloud Optix | | | Unknown | [link](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Users may have noticed a brief outage around 12:30 GMT as updates were deployed. There was no evidence that the vulnerability was exploited and to our knowledge no customers are impacted. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Sophos | Reflexion | | | Unknown | [link](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Reflexion does not run an exploitable configuration. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Sophos | SG UTM (all versions) | | | Unknown | [link](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos SG UTM does not use Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Sophos | SG UTM Manager (SUM) (all versions) | | | Not Affected | [link](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | SUM does not use Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Sophos | Sophos Central | | | Unknown | [link](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos Central does not run an exploitable configuration. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Sophos | Sophos Firewall (all versions) | | | Unknown | [link](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos Firewall does not use Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Sophos | Sophos Home | | | Unknown | [link](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos Home does not use Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Sophos | Sophos Mobile | | | Unknown | [link](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos Mobile (in Central, SaaS, and on-premises) does not run an exploitable configuration. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Sophos | Sophos Mobile EAS Proxy | < 9.7.2 | | Affected | [link](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | The Sophos Mobile EAS Proxy, running in Traffic Mode, is affected. Customers will need to download and install version 9.7.2, available from Monday December 13, 2021, on the same machine where it is currently running. PowerShell mode is not affected. Customers can download the Standalone EAS Proxy Installer version 9.7.2 from the Sophos website. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Sophos | Sophos ZTNA | | | Unknown | [link](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos ZTNA does not use Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| SOS Berlin | | | | Unknown | [link](https://www.sos-berlin.com/en/news-mitigation-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Spacelabs Healthcare | ABP | | | Not Affected | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | CardioExpress | | | Not Affected | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | DM3 and DM4 Monitors | | | Unknown | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | Eclipse Pro | | | Unknown | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | EVO | | | Unknown | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | Intesys Clinical Suite (ICS) | | | Unknown | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | Intesys Clinical Suite (ICS) Clinical Access Workstations | | | Unknown | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | Lifescreen Pro | | | Unknown | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | Pathfinder SL | | | Unknown | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | Qube | | | Not Affected | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | Qube Mini | | | Not Affected | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | SafeNSound | | 4.3.1 | Fixed | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | Version >4.3.1 - Not Affected | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | Sentinel | | | Unknown | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | Spacelabs Cloud | | | Unknown | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | Ultraview SL | | | Not Affected | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | Xhibit Telemetry Receiver (XTR) | | | Not Affected | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | Xhibit, XC4 | | | Not Affected | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | XprezzNet | | | Not Affected | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spacelabs Healthcare | Xprezzon | | | Not Affected | [link](https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-05 |
| Spambrella | | | | Unknown | [link](https://www.spambrella.com/faq/status-of-spambrella-products-with-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Spigot | | | | Unknown | [link](https://www.spigotmc.org/threads/spigot-security-releases-%E2%80%94-1-8-8%E2%80%931-18.537204/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Splunk | Data Stream Processor | DSP 1.0.x, DSP 1.1.x, DSP 1.2.x | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | IT Essentials Work [App ID 5403](https://splunkbase.splunk.com/app/5403/) | 4.11, 4.10.x (Cloud only), 4.9.x | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | IT Service Intelligence (ITSI) [App ID 1841](https://splunkbase.splunk.com/app/1841/) | 4.11.0, 4.10.x (Cloud only), 4.9.x, 4.8.x (Cloud only), 4.7.x, 4.6.x, 4.5.x | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk Add-On for Java Management Extensions [App ID 2647](https://splunkbase.splunk.com/app/2647) | 5.2.0 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk Add-On for Tomcat [App ID 2911](https://splunkbase.splunk.com/app/2911/) | 3.0.0 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk Application Performance Monitoring | Current | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk Connect for Kafka | All versions prior to 2.0.4 | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk Enterprise (including instance types like Heavy Forwarders) | All supported non-Windows versions of 8.1.x and 8.2.x only if DFS is used. See Removing Log4j from Splunk Enterprise below for guidance on unsupported versions. | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk Enterprise Amazon Machine Image (AMI) | See Splunk Enterprise | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk Enterprise Docker Container | See Splunk Enterprise | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk Infrastructure Monitoring | Current | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk Log Observer | Current | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk Logging Library for Java | 1.11.0 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk On-call / VictorOps | Current | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk OVA for VMWare [App ID 3216](https://splunkbase.splunk.com/app/3216/) | 4.0.3 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk OVA for VMWare Metrics [App ID 5096](https://splunkbase.splunk.com/app/5096/) | 4.2.1 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk Real User Monitoring | Current | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk Splunk Add-On for JBoss [App ID 2954](https://splunkbase.splunk.com/app/2954/) | 3.0.0 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk Synthetics | Current | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk UBA OVA Software | 5.0.3a, 5.0.0 | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Splunk | Splunk VMWare OVA for ITSI [App ID 4760](https://splunkbase.splunk.com/app/4760/) | 1.1.1 and older | | Affected | [link](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-30 |
| Sprecher Automation | | | | Unknown | [link](https://www.sprecher-automation.com/en/it-security/security-alerts) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Spring | Spring Boot | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Spring Boot | | | | Unknown | [link](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| StarDog | | | | Unknown | [link](https://community.stardog.com/t/stardog-7-8-1-available/3411) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| STERIS | Advantage | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | Advantage Plus | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | AMSCO 2000 SERIES WASHER DISINFECTORS | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | AMSCO 3000 SERIES WASHER DISINFECTORS | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | AMSCO 400 MEDIUM STEAM STERILIZER | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | AMSCO 400 SMALL STEAM STERILIZERS | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | AMSCO 5000 SERIES WASHER DISINFECTORS | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | AMSCO 600 MEDIUM STEAM STERILIZER | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | AMSCO 7000 SERIES WASHER DISINFECTORS | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | AMSCO CENTURY MEDIUM STEAM STERILIZER | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | AMSCO CENTURY SMALL STEAM STERILIZER | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | AMSCO EAGLE 3000 SERIES STAGE 3 STEAM STERILIZERS | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | AMSCO EVOLUTION FLOOR LOADER STEAM STERILIZER | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | AMSCO EVOLUTION MEDIUM STEAM STERILIZER | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | Canexis 1.0 | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | CELERITY HP INCUBATOR | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | CELERITY STEAM INCUBATOR | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | CER Optima | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | Clarity Software | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | Connect Software | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | ConnectAssure Technology | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | ConnectoHIS | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | CS-iQ Sterile Processing Workflow | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | DSD Edge | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | DSD-201, | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | EndoDry | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | Endora | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | Harmony iQ Integration Systems | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | Harmony iQ Perspectives Image Management System | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | HexaVue | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | HexaVue Integration System | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | IDSS Integration System | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | RapidAER | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | ReadyTracker | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | RealView Visual Workflow Management System | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | RELIANCE 444 WASHER DISINFECTOR | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | RELIANCE SYNERGY WASHER DISINFECTOR | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | RELIANCE VISION 1300 SERIES CART AND UTENSIL WASHER DISINFECTORS | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | RELIANCE VISION MULTI- CHAMBER WASHER DISINFECTOR | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | RELIANCE VISION SINGLE CHAMBER WASHER DISINFECTOR | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | Renatron | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | ScopeBuddy+ | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | SecureCare ProConnect Technical Support Services | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | Situational Awareness for Everyone Display (S.A.F.E.) | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | SPM Surgical Asset Tracking Software | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | SYSTEM 1 endo LIQUID CHEMICAL STERILANT PROCESSING SYSTEM | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | V-PRO 1 LOW TEMPERATURE STERILIZATION SYSTEM | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | V-PRO 1 PLUS LOW TEMPERATURE STERILIZATION SYSTEM | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | V-PRO MAX 2 LOW TEMPERATURE STERILIZATION SYSTEM | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | V-PRO MAX LOW TEMPERATURE STERILIZATION SYSTEM | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | V-PRO S2 LOW TEMPERATURE STERILIZATION SYSTEM | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| STERIS | VERIFY INCUBATOR FOR ASSERT SELF-CONTAINED BIOLOGICAL INDICATORS | | | Unknown | [link](https://h-isac.org/wp-content/uploads/2021/12/Steris_Revised-Security-Advisory-For-Apaches-Log4j-12.16.21.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Sterling Order IBM | | | | Unknown | [link](https://www.ibm.com/support/pages/node/6525544) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Storagement | | | | Unknown | [link](https://www.storagement.de/index.php?action=topicofthemonth&site=log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| StormShield | | | | Unknown | [link](https://www.stormshield.com/news/log4shell-security-alert-stormshield-product-response/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| StrangeBee TheHive & Cortex | | | | Unknown | [link](https://blog.strangebee.com/apache-log4j-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Stratodesk | | | | Unknown | [link](http://cdn.stratodesk.com/repository/notouch-center/10/4.5.231/0/ReleaseNotes-Stratodesk-NoTouch_Center-4.5.231.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Strimzi | | | | Unknown | [link](https://strimzi.io/blog/2021/12/14/strimzi-and-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Stripe | | | | Unknown | [link](https://support.stripe.com/questions/update-for-apache-log4j-vulnerability-(cve-2021-44228)) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Styra | | | | Unknown | [link](https://blog.styra.com/blog/newest-log4j-security-vulnerability-cve-2021-44228-log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Sumologic | | | | Unknown | [link](https://docs.google.com/document/d/e/2PACX-1vSdeODZ2E5k0aZgHm06OJWhDQWgtxxB0ZIrTsuQjg5xaoxlogmTVGdOWoSFtDlZBdHzY6ET6k6Sk-g1/pub) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SumoLogic | | | | Unknown | [link](https://help.sumologic.com/Release-Notes/Collector-Release-Notes#december-11-2021-19-361-12) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Superna EYEGLASS | | | | Unknown | [link](https://manuals.supernaeyeglass.com/project-technical-advisories-all-products/HTML/technical-advisories.html#h2__1912345025) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Suprema Inc | | | | Unknown | [link](https://www.supremainc.com/en/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SUSE | | | | Unknown | [link](https://www.suse.com/c/suse-statement-on-log4j-log4shell-cve-2021-44228-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Sweepwidget | | | | Unknown | [link](https://sweepwidget.com/view/23032-v9f40ns1/4zow83-23032) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Swyx | | | | Unknown | [link](https://service.swyx.net/hc/de/articles/4412323539474) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Synchro MSP | | | | Unknown | [link](https://community.syncromsp.com/t/log4j-rce-cve-2021-4428/1350) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Syncplify | | | | Unknown | [link](https://blog.syncplify.com/no-we-are-not-affected-by-log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Synology | | | | Unknown | [link](https://www.synology.com/en-global/security/advisory/Synology_SA_21_30) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Synopsys | | | | Unknown | [link](https://community.synopsys.com/s/article/SIG-Security-Advisory-for-Apache-Log4J2-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Syntevo | | | | Unknown | [link](https://www.syntevo.com/blog/?p=5240) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| SysAid | | | | Unknown | [link](https://www.sysaid.com/lp/important-update-regarding-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Sysdig | | | | Unknown | [link](https://sysdig.com/blog/cve-critical-vulnerability-log4j/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,146 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| Tableau | Tableau Bridge | The following versions and lower: 20214.21.1109.1748, 20213.21.1112.1434, 20212.21.0818.1843, 20211.21.0617.1133, 20204.21.0217.1203, 20203.20.0913.2112, 20202.20.0721.1350, 20201.20.0614.2321, 20194.20.0614.2307, 20193.20.0614.2306, 20192.19.0917.1648, 20191.19.0402.1911, 20183.19.0115.1143 | | Affected | [link](https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Tableau | Tableau Desktop | The following versions and lower: 2021.4, 2021.3.4, 2021.2.5, 2021.1.8, 2020.4.11, 2020.3.14, 2020.2.19, 2020.1.22, 2019.4.25, 2019.3.26, 2019.2.29, 2019.1.29, 2018.3.29 | | Affected | [link](https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Tableau | Tableau Prep Builder | The following versions and lower: 22021.4.1, 2021.3.2, 2021.2.2, 2021.1.4, 2020.4.1, 2020.3.3, 2020.2.3, 2020.1.5, 2019.4.2, 2019.3.2, 2019.2.3, 2019.1.4, 2018.3.3 | | Affected | [link](https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Tableau | Tableau Public Desktop Client | The following versions and lower: 2021.4 | | Affected | [link](https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Tableau | Tableau Reader | The following versions and lower: 2021.4 | | Affected | [link](https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Tableau | Tableau Server | The following versions and lower: 2021.4, 2021.3.4, 2021.2.5, 2021.1.8, 2020.4.11, 2020.3.14, 2020.2.19, 2020.1.22, 2019.4.25, 2019.3.26, 2019.2.29, 2019.1.29, 2018.3.29 | | Affected | [link](https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Talend | | | | Unknown | [link](https://jira.talendforge.org/browse/TCOMP-2054) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Tanium | All | | | Not Affected | [link](https://tanium.my.salesforce.com/sfc/p/#60000000IYkG/a/7V000000PeT8/8C98AHl7wP5_lpUwp3qmY5sSdwXx6wG6LE4gPYlxO8c) | Tanium does not use Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| TealiumIQ | | | | Unknown | [link](https://community.tealiumiq.com/t5/Announcements-Blog/Update-on-Log4j-Security-Vulnerability/ba-p/36824) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| TeamPasswordManager | | | | Unknown | [link](https://teampasswordmanager.com/blog/log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Teamviewer | | | | Unknown | [link](https://www.teamviewer.com/en/trust-center/security-bulletins/hotfix-log4j2-issue/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Tech Software | OneAegis (f/k/a IRBManager) | | | Not Affected | [link](https://support.techsoftware.com/hc/en-us/articles/4412825948179) | OneAegis does not use Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Tech Software | SMART | | | Not Affected | [link](https://support.techsoftware.com/hc/en-us/articles/4412825948179) | SMART does not use Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Tech Software | Study Binders | | | Not Affected | [link](https://support.techsoftware.com/hc/en-us/articles/4412825948179) | Study Binders does not use Log4j. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| TechSmith | | | | Unknown | [link](https://support.techsmith.com/hc/en-us/articles/4416620527885?input_string=log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Telestream | | | | Unknown | [link](http://www.telestream.net/telestream-support/Apache-Log4j2-Bulletin.htm) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Tenable | Tenable.io / Nessus | | | Unknown | [link](https://www.tenable.com/log4j) | None of Tenable’s products are running the version of Log4j vulnerable to CVE-2021-44228 or CVE-2021-45046 at this time | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Thales | CADP/SafeNet Protect App (PA) - JCE | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | CipherTrust Application Data Protection (CADP) – CAPI.net & Net Core | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | CipherTrust Batch Data Transformation (BDT) 2.3 | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | CipherTrust Cloud Key Manager (CCKM) Appliance | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | CipherTrust Cloud Key Manager (CCKM) Embedded | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | CipherTrust Database Protection | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | CipherTrust Manager | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | CipherTrust Transparent Encryption (CTE/VTE/CTE-U) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | CipherTrust Vaulted Tokenization (CT-V) / SafeNet Tokenization Manager | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | CipherTrust Vaultless Tokenization (CTS, CT-VL) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | CipherTrust/SafeNet PDBCTL | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Crypto Command Center (CCC) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Data Protection on Demand | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Data Security Manager (DSM) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | KeySecure | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Luna EFT | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Luna Network, PCIe, Luna USB HSM and backup devices | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Luna SP | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | payShield Monitor | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | ProtectServer HSMs | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | SafeNet Authentication Client | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | SafeNet eToken (all products) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | SafeNet IDPrime Virtual | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | SafeNet IDPrime(all products) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | SafeNet LUKS | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | SafeNet PKCS#11 and TDE | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | SafeNet ProtectApp (PA) CAPI, .Net & Net Core | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | SafeNet ProtectDB (PDB) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Safenet ProtectFile and ProtectFile- Fuse | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | SafeNet ProtectV | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | SafeNet SQL EKM | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | SafeNet Transform Utility (TU) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | SafeNet Trusted Access (STA) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | SafeNet Vaultless Tokenization | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | SAS on Prem (SPE/PCE) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Sentinel Connect | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Sentinel EMS Enterprise aaS | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Sentinel EMS Enterprise OnPremise | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Sentinel Envelope | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Sentinel ESDaaS | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Sentinel HASP, Legacy dog, Maze, Hardlock | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Sentinel LDK EMS (LDK-EMS) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Sentinel LDKaas (LDK-EMS) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Sentinel Professional Services components (both Thales hosted & hosted on-premises by customers) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Sentinel RMS | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Sentinel SCL | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Sentinel Superdog, SuperPro, UltraPro, SHK | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Sentinel Up | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Thales Data Platform (TDP)(DDC) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Thales payShield 10k | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Thales payShield 9000 | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Thales payShield Manager | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Vormetirc Key Manager (VKM) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Vormetric Application Encryption (VAE) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Vormetric Protection for Terradata Database (VPTD) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thales | Vormetric Tokenization Server (VTS) | | | Unknown | [link](https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=12acaed3dbd841105d310573f3961953&sysparm_article=KB0025297) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Thermo Fisher Scientific | | | | Unknown | [link](https://corporate.thermofisher.com/us/en/index/about/information-security/Protecting-Our-Products.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Thermo-Calc | Thermo-Calc | | | Not Affected | [link](https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/) | Use the program as normal, Install the 2022a patch when available | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Thermo-Calc | Thermo-Calc | | | Not Affected | [link](https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/) | Use the program as normal | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Thermo-Calc | Thermo-Calc | | | Not Affected | [link](https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/) | Use the program as normal, delete the Log4j 2 files in the program installation if required, see advisory for instructions. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Thermo-Calc | Thermo-Calc | | | Not Affected | [link](https://thermocalc.com/blog/thermo-calc-response-to-apache-log4j-2-vulnerability/) | Use the program as normal | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Thomson Reuters | HighQ Appliance | <3.5 | | Affected | [link](https://highqsolutions.zendesk.com) | Reported by vendor - Documentation is in vendor's client portal (login required). This advisory is available to customer only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| ThreatLocker | | | | Unknown | [link](https://threatlocker.kb.help/log4j-vulnerability/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ThycoticCentrify | Account Lifecycle Manager | | | Not Affected | [link](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| ThycoticCentrify | Cloud Suite | | | Not Affected | [link](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| ThycoticCentrify | Connection Manager | | | Not Affected | [link](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| ThycoticCentrify | DevOps Secrets Vault | | | Not Affected | [link](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| ThycoticCentrify | Password Reset Server | | | Not Affected | [link](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| ThycoticCentrify | Privilege Manager | | | Not Affected | [link](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| ThycoticCentrify | Privileged Behavior Analytics | | | Not Affected | [link](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| ThycoticCentrify | Secret Server | | | Not Affected | [link](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| ThycoticCentrify | Server Suite | | | Not Affected | [link](https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-10 |
| Tibco | | | | Unknown | [link](https://www.tibco.com/support/notices/2021/12/apache-log4j-vulnerability-update) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Top Gun Technology (TGT) | | | | Unknown | [link](https://www.topgun-tech.com/technical-bulletin-apache-software-log4j-security-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| TopDesk | | | | Unknown | [link](https://my.topdesk.com/tas/public/ssp/content/detail/knowledgeitem?unid=74952771dfab4b0794292e63b0409314) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Topicus Security | Topicus KeyHub | | | Not Affected | [link](https://blog.topicus-keyhub.com/topicus-keyhub-is-not-vulnerable-to-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-20 |
| Topix | | | | Unknown | [link](https://www.topix.de/de/technik/systemfreigaben.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Tosibox | | | | Unknown | [link](https://helpdesk.tosibox.com/support/solutions/articles/2100050946-security-advisory-on-vulnerability-in-apache-log4j-library-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| TPLink | Omega Controller | Linux/Windows(all) | | Affected | [link](https://www.tp-link.com/us/support/faq/3255) | Update is Beta. Reddit: overwritten vulnerable log4j with 2.15 files as potential workaround. Though that should now be done with 2.16 | [Tp Community Link](https://community.tp-link.com/en/business/forum/topic/514452),[Reddit Link](https://www.reddit.com/r/TPLink_Omada/comments/rdzvlp/updating_the_sdn_to_protect_against_the_log4j) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| TrendMicro | All | | | Unknown | [link](https://success.trendmicro.com/solution/000289940) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Tricentis Tosca | | | | Unknown | [link](https://support-hub.tricentis.com/open?number=NEW0001148&id=post) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Tridium | | | | Unknown | [link](https://docs.niagara-community.com/bundle/TechBulletin2021/resource/Dec_13_2021_NiagaraNotExposed_Apache_log4j.pdf) | Document access requires authentication. CISA is not able to validate vulnerability status. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-19 |
| Trimble | eCognition | 10.2.0 Build 4618 | | Affected | | Remediation steps provided by Trimble | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 |
| Tripp Lite | LX Platform devices (includes WEBCARDLX, WEBCARDLXMINI, SRCOOLNETLX, SRCOOLNET2LX and devices with pre-installed or embedded WEBCARDLX interfaces) | | | Unknown | [link](https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-04 |
| Tripp Lite | PowerAlert Local (PAL) | | | Unknown | [link](https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf) | Some versions of PAL use log4j v1 which is NOT AFFECTED by the CVE-2021-44228 vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-04 |
| Tripp Lite | PowerAlert Network Management System (PANMS) | | | Unknown | [link](https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf) | Some versions of PAL use log4j v1 which is NOT AFFECTED by the CVE-2021-44228 vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-04 |
| Tripp Lite | PowerAlert Network Shutdown Agent (PANSA) | | | Unknown | [link](https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf) | Some versions of PANSA use log4j v1 which is NOT AFFECTED by the CVE-2021-44228 vulnerability. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-04 |
| Tripp Lite | PowerAlertElement Manager (PAEM) | 1.0.0 | | Affected | [link](https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf) | Tripp Lite will soon be issuing a patch in the form of PAEM 1.0.1 which will contain a patched version of Log4j2 | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-04 |
| Tripp Lite | SNMPWEBCARD, SRCOOLNET, SRCOOLNET2 and devices with pre-installed or embedded SNMPWEBCARD | | | Unknown | [link](https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-04 |
| Tripp Lite | TLNETCARD and associated software | | | Unknown | [link](https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-04 |
| Tripwire | | | | Unknown | [link](https://www.tripwire.com/log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| TrueNAS | | | | Unknown | [link](https://www.truenas.com/community/threads/log4j-vulnerability.97359/post-672559) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Tufin | | | | Unknown | [link](https://portal.tufin.com/articles/SecurityAdvisories/Apache-Log4Shell-Vulnerability-12-12-2021) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| TYPO3 | | | | Unknown | [link](https://typo3.org/article/typo3-psa-2021-004) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,44 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| Ubiquiti | UniFi Network Application | 6.5.53 & lower versions | | Affected | [link](https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Ubiquiti | UniFi Network Controller | 6.5.54 & lower versions | | Affected | [link](https://community.ui.com/releases/UniFi-Network-Application-6-5-55/48c64137-4a4a-41f7-b7e4-3bee505ae16e) | | 6.5.54 is reported to still be vulnerable. 6.5.55 is the new recommendation for mitigatin log4j vulnerabilities by updating to log4j 2.16.0 | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Ubuntu | | | | Unknown | [link](https://ubuntu.com/security/CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| UiPath | InSights | 20.10 | | Affected | [link](https://www.uipath.com/legal/trust-and-security/cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Umbraco | | | | Unknown | [link](https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| UniFlow | | | | Unknown | [link](https://www.uniflow.global/en/security/security-and-maintenance/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Unify ATOS | | | | Unknown | [link](https://networks.unify.com/security/advisories/OBSO-2112-01.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Unimus | | | | Unknown | [link](https://forum.unimus.net/viewtopic.php?f=7&t=1390#top) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| USSIGNAL MSP | | | | Unknown | [link](https://ussignal.com/blog/apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |

@ -0,0 +1,123 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| Varian | Acuity | All | | Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | ARIA Connect (Cloverleaf) | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | ARIA eDOC | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | ARIA oncology information system for Medical Oncology | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | ARIA oncology information system for Radiation Oncology | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | ARIA Radiation Therapy Management System (RTM) | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Bravos Console | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Clinac | All | | Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Cloud Planner | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | DITC | All | | Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | DoseLab | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Eclipse treatment planning software | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | ePeerReview | All | | Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Ethos | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | FullScale oncology IT solutions | All | | Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Halcyon system | All | | Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | ICAP | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Identify | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Information Exchange Manager (IEM) | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | InSightive Analytics | All | | Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Large Integrated Oncology Network (LION) | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Mobius3D platform | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | PaaS | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | ProBeam | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Qumulate | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Real-time Position Management (RPM) | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Respiratory Gating for Scanners (RGSC) | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | SmartConnect solution | All | | Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | See Knowledge Article: 000038850 on MyVarian | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | SmartConnect solution Policy Server | All | | Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | See Knowledge Articles: 000038831 and 000038832 on MyVarian | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | TrueBeam radiotherapy system | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | UNIQUE system | All | | Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Varian Authentication and Identity Server (VAIS) | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Varian Managed Services Cloud | All | | Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Varian Mobile App | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | VariSeed | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Velocity | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | VitalBeam radiotherapy system | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | Vitesse | | | Not Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | XMediusFax for ARIA oncology information system for Medical Oncology | All | | Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Varian | XMediusFax for ARIA oncology information system for Radiation Oncology | All | | Affected | [link](https://www.varian.com/resources-support/services/cybersecurity-varian/java-log4j-vulnerabilities) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| VArmour | | | | Unknown | [link](https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Varnish Software | | | | Unknown | [link](https://docs.varnish-software.com/security/CVE-2021-44228-45046/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Varonis | | | | Unknown | [link](https://help.varonis.com/s/article/Apache-Log4j-Zero-Day-Vulnerability-CVE-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Veeam | | | | Unknown | [link](https://www.veeam.com/kb4254) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Venafi | | | | Unknown | [link](https://support.venafi.com/hc/en-us/articles/4416213022733-Log4j-Zero-Day-Vulnerability-notice) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Veritas NetBackup | | | | Unknown | [link](https://www.veritas.com/content/support/en_US/article.100052070) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Vertica | | | | Unknown | [link](https://forum.vertica.com/discussion/242512/vertica-security-bulletin-a-potential-vulnerability-has-been-identified-apache-log4j-library-used) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Video Insight Inc. | Video Insight | | | Not Affected | [link](https://i-pro.com/eu/en/surveillance/news/i-pro-products-and-log4j-2x-vulnerability) | Video Insight is a part of Panasonic I-Pro. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-19 |
| Viso Trust | | | | Unknown | [link](https://blog.visotrust.com/viso-trust-statement-re-cve-2021-44228-log4j-a4b9b5767492) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| VMware | API Portal for VMware Tanzu | 1.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | App Metrics | 2.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | Healthwatch for Tanzu Application Service | 2.x, 1.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | Single Sign-On for VMware Tanzu Application Service | 1.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | Spring Cloud Gateway for Kubernetes | 1.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | Spring Cloud Gateway for VMware Tanzu | 1.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | Spring Cloud Services for VMware Tanzu | 3.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | vCenter Server - OVA | 7.x, 6.7.x, 6.5.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | [Workaround @ KB87081 (vmware.com)](https://kb.vmware.com/s/article/87081 ) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| VMware | vCenter Server - Windows | 6.7.x, 6.5.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | [Workaround @ KB87096 (vmware.com)](https://kb.vmware.com/s/article/87096 ) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| VMware | VMware Carbon Black Cloud Workload Appliance | 1.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Carbon Black EDR Server | 7.x, 6.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Cloud Foundation | 4.x, 3.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware HCX | 4.x, 3.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Horizon | 8.x, 7.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | [VMware KB 87073 (vmware.com)](https://kb.vmware.com/s/article/87073) | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| VMware | VMware Horizon Cloud Connector | 1.x, 2.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Horizon DaaS | 9.1.x, 9.0.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Identity Manager | 3.3.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware NSX-T Data Centern | 3.x, 2.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Site Recovery Manager | 8.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Tanzu Application Service for VMs | 2.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Tanzu GemFire | 9.x, 8.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Tanzu Greenplum | 6.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Tanzu Kubernetes Grid Integrated Edition | 1.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Tanzu Observability by Wavefront Nozzle | 3.x, 2.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Tanzu Operations Manager | 2.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Tanzu SQL with MySQL for VMs | 2.x, 1.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Telco Cloud Automation | 2.x, 1.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Unified Access Gateway | 21.x, 20.x, 3.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware vCenter Cloud Gateway | 1.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware vRealize Automation | 8.x, 7.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware vRealize Lifecycle Manager | 8.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware vRealize Log Insight | 8.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware vRealize Operations | 8.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware vRealize Operations Cloud Proxy | Any | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware vRealize Orchestrator | 8.x, 7.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Workspace ONE Access | 21.x, 20.10.x | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VMware | VMware Workspace ONE Access Connector (VMware Identity Manager Connector) | 21.x, 20.10.x, 19.03.0.1 | | Affected | [link](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| VTScada | All | | | Not Affected | [link](https://www.vtscada.com/vtscada-unaffected-by-log4j/) | Java is not utilized within VTScada software, and thus our users are unaffected. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-17 |
| Vyaire | | | | Unknown | [link](https://www.vyaire.com/sites/us/files/2021-12/2021-12-15-product-security-bulletin-for-log4shell-vulnerability.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |

@ -0,0 +1,81 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| WAGO | WAGO Smart Script | | 4.2.x < 4.8.1.3 | Fixed | [link](https://www.wago.com/de/automatisierungstechnik/psirt#log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Wallarm | All | | | Unknown | [link](https://lab.wallarm.com/cve-2021-44228-mitigation-update/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Wasp Barcode technologies | All | | | Unknown | [link](https://support.waspbarcode.com/kb/articles/assetcloud-inventorycloud-are-they-affected-by-the-java-exploit-log4j-no) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Watcher | All | | | Not Affected | [link](https://twitter.com/felix_hrn/status/1470387338001977344) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WatchGuard | AuthPoint | | Cloud | Fixed | [link](https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WatchGuard | Dimension | | | Not Affected | [link](https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WatchGuard | EDPR and Panda AD360 | | | Not Affected | [link](https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WatchGuard | Firebox | | | Not Affected | [link](https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WatchGuard | System Manager, Dimension, and Panda AD360 | | | Not Affected | [link](https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WatchGuard | Threat Detection and Response | | Cloud | Fixed | [link](https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WatchGuard | Wi-Fi Cloud | | Cloud | Fixed | [link](https://techsearch.watchguard.com/KB?type=Security%20Issues&SFDCID=kA16S000000SNnuSAG&lang=en_US) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Western Digital | | | | Unknown | [link](https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WIBU Systems | CodeMeter Cloud Lite | | 2.2 and prior | Fixed | [link](https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| WIBU Systems | CodeMeter Keyring for TIA Portal | | 1.30 and prior | Fixed | [link](https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/Advisory_WIBU-211213-01.pdf) | Only the Password Manager is affected | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| WildFly | All | | | Not Affected | [link](https://www.wildfly.org/news/2021/12/13/Log4j-CVEs/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | LTS17 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | LTS18 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | LTS19 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | LTS21 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Wind River | WRL-6 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | WRL-7 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | WRL-8 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| Wind River | WRL-9 | | | Not Affected | [link](https://support2.windriver.com/index.php?page=security-notices&on=view&id=7191) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-21 |
| WireShark | All | | | Not Affected | [link](https://www.wireshark.org/news/20211215.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Wistia | All | | | Unknown | [link](https://status.wistia.com/incidents/jtg0dfl5l224) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WitFoo | Precinct | | 6.x | Fixed | [link](https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/) | WitFoo Streamer & Apache Kafka Docker containers are/were vulnerable. See advisory. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WordPress | All | | | Not Affected | [link](https://wordpress.org/support/topic/is-the-log4j-vulnerability-an-issue/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Worksphere | All | | | Unknown | [link](https://www.worksphere.com/product/security-update-on-log4j-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Wowza | Streaming Engine | | 4.7.8, 4.8.x | Fixed | [link](https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| WSO2 | API Manager | | >= 3.0.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | API Manager Analytics | | >= 2.6.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Enterprise Integrator | | >= 6.1.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Enterprise Integrator Analytics | | >= 6.6.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Identity Server | | >= 5.9.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Identity Server Analytics | | >= 5.7.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Identity Server as Key Manager | | >= 5.9.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Micro Gateway | | >= 3.2.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Micro Integrator | | >= 1.1.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Micro Integrator Dashboard | | >= 4.0.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Micro Integrator Monitoring Dashboard | | >= 1.0.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Open Banking AM | | >= 2.0.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Open Banking BI | | >= 1.3.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Open Banking KM | | >= 2.0.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Stream Integrator | | >= 1.0.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Stream Integrator Tooling | | >= 1.0.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |
| WSO2 | Stream Processor | | >= 4.0.0 | Fixed | [link](https://docs.wso2.com/pages/viewpage.action?pageId=180948677) | A temporary mitigation is available while vendor works on update. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-26 |

@ -0,0 +1,165 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| XCP-ng | All | | | Not Affected | [link](https://xcp-ng.org/forum/topic/5315/log4j-vulnerability-impact) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| XenForo | | | | Unknown | [link](https://xenforo.com/community/threads/psa-potential-security-vulnerability-in-elasticsearch-5-via-apache-log4j-log4shell.201145/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | AltaLink Products | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | CareAR | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | ColorQube 8700 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | ColorQube 8870 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | ColorQube 8880 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | ColorQube 9201 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | ColorQube 9301 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | DocuCentre SC2020 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | ElemX | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | FreeFlow Core | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | FreeFlow Express to Print | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | FreeFlow Makeready | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | FreeFlow Output Manager | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | FreeFlow Print Manager - APP | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | FreeFlow Variable Information Suite | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Nuvera EA Perfecting Production Systems | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Nuvera EA Production Systems | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 3300 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 3320 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 3330 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 3435 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 3600 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 3610 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 3635 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 4510 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 4622 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 6000 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 6020 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 6022 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 6280 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 6510 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 6600 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 6700 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 7800 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Phaser 8860 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | PrimeLink Products | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Versalink Products | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 33xx | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 3615 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 4260 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 4265 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 5135 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 5150 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 5225 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 5230 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 53XX | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 5645 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 5655 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 5740 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 5745 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 5755 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 5765 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 58XX | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 5945 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 5955 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 6025 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 6400 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 6515 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 6605 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 6655 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 7425 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 7435 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 7525 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 7535 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 7556 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 7830 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 7835 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 7855 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre 7970i | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | WorkCentre ECXX | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Account Payable Services | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox App Gallery | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox B1022/25 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox B225 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox B230 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox B235 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox B310 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Baltoro HF Inkjet Press | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Branded ConnectKey Applications | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox C230 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox C235 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox C310 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Campaigns on Demand | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Color EC70 Printer | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox D110 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox D125 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox D95A | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Digital Mailroom Services | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox ECXX | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox ED125 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox ED95A | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox iGen 5 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Instant Print Kiosk | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Intelligent Workplace Services (All Including XDM, XDA, CWW) | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Iridesse Production Press | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox J75 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Print and Scan Experience | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Team Availability Application | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Versant 180 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Versant 280 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Versant 3100 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Versant 4100 | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Workflow Central Platform | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Workplace Kiosk | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Workplace Suite | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | Xerox Workspace Cloud | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | XMPie Data-Driven Print and VDP | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | XMPie Omnichannel Communications | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xerox | XMPie Web to Print | | | Not Affected | [link](https://securitydocs.business.xerox.com/wp-content/uploads/2022/01/Xerox-Special-Bulletin-Regarding-CVE-2021-44228-CVE-2021-45046-and-CVE-2021-45105-v1.7.pdf?_ga=2.84055769.1559902237.1644009323-1916165539.1644009323) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| XPertDoc | All | | | Unknown | [link](https://kb.xpertdoc.com/pages/viewpage.action?pageId=87622727) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| XPLG | All | | | Unknown | [link](https://www.xplg.com/log4j-vulnerability-exploit-log4shell-xplg-secure/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| XWIKI | All | | | Unknown | [link](https://forum.xwiki.org/t/log4j-cve-2021-44228-log4shell-zero-day-vulnerability/9557) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Xylem | Aquatalk | | | Fixed | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Avensor | | | Fixed | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Configuration change complete | | | Fixed | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Sensus Analytics | | | Fixed | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Sensus Automation Control Configuration change complete | | | Fixed | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Sensus Cathodic Protection Mitigation in process Mitigation in process | | | Affected | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Sensus FieldLogic LogServer | | | Affected | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Sensus Lighting Control | | | Fixed | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Sensus NetMetrics Configuration change complete | | | Fixed | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Sensus RNI On Prem | 4.7 through 4.10, 4.4 through 4.6, 4.2 | | Affected | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Sensus RNI Saas | | 4.7 through 4.10, 4.4 through 4.6, 4.2 | Fixed | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Sensus SCS | | | Fixed | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Smart Irrigation | | | Affected | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Water Loss Management (Visenti) | | | Fixed | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Xylem Cloud | | | Fixed | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| Xylem | Xylem Edge Gateway (xGW) | | | Fixed | [link](https://www.xylem.com/siteassets/about-xylem/cybersecurity/advisories/xylem-apache-log4j-xpsa-2021-005.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |

@ -0,0 +1,54 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| Yahoo | Vespa | | | Not Affected | [link](https://blog.vespa.ai/log4j-vulnerability/) | Your Vespa application may still be affected if log4j is included in your application package. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Yellowbrick | | | | Unknown | [link](https://support.yellowbrick.com/hc/en-us/articles/4412586575379-Security-Advisory-Yellowbrick-is-NOT-Affected-by-the-Log4Shell-Vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| YellowFin | All | | 8.0.10.3, 9.7.0.2 | Fixed | [link](https://community.yellowfinbi.com/announcement/notice-critical-vulnerability-in-log4j2) | v7 and v6 releases are not affected unless you have manually upgraded to Log4j2. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Yenlo | Connext | | | Not Affected | [link](https://www.yenlo.com/news/vulnerability-code-log4shell-log4j2/) | Connext Platform (Managed WSO2 Cloud) and all underlying middleware components are not vulnerable. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| YOKOGAWA | CENTUM VP | | | Unknown | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| YOKOGAWA | CENTUM VP (other components) | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier is still under investigation. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| YOKOGAWA | CI Server | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| YOKOGAWA | Exaopc | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| YOKOGAWA | Exaplog | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| YOKOGAWA | Exaquantum | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| YOKOGAWA | FAST/TOOLS | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| YOKOGAWA | PRM | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| YOKOGAWA | ProSafe-RS | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| YOKOGAWA | ProSafe-RS Lite | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| YOKOGAWA | STARDOM | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| YOKOGAWA | VTSPortal | | | Not Affected | [link](https://www.yokogawa.com/us/solutions/products-platforms/announcements/important-notice/log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-22 |
| YSoft | SAFEQ 4 | | | Not Affected | [link](https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
| YSoft | SAFEQ 5 | | | Not Affected | [link](https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |
| YSoft | SAFEQ 6 | | <=6.0.63 | Fixed | [link](https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-02-01 |

@ -0,0 +1,63 @@
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| Zabbix | | | | Unknown | [link](https://blog.zabbix.com/zabbix-not-affected-by-the-log4j-exploit/17873/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ZAMMAD | | | | Unknown | [link](https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Zaproxy | | | | Unknown | [link](https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Zebra | | | | Unknown | [link](https://www.zebra.com/us/en/support-downloads/lifeguard-security/cve-2021-442280-dubbed-log4shell-or-logjam-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Zeiss | Cataract Suite | | 1.3.1 | Fixed | [link](https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html) | Patch is available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
| Zeiss | EQ Workplace | | 1.6, 1.8 | Fixed | [link](https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html) | Patch is available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
| Zeiss | FORUM | | 4.2.x | Fixed | [link](https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html) | Patch is available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
| Zeiss | Glaucoma Workplace | | 3.5.x | Fixed | [link](https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html) | Patch is available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
| Zeiss | Laser Treatment Workplace | | 1.x | Fixed | [link](https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html) | Patch is available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
| Zeiss | Retina Workplace | | 2.5.x, 2.6.x | Fixed | [link](https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html) | Patch is available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
| Zendesk | All Products | All Versions | | Affected | [link](https://support.zendesk.com/hc/en-us/articles/4413583476122) | Zendesk products are all cloud-based; thus there are no updates for the customers to install as the company is working on patching their infrastructure and systems. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
| Zenoss | | | | Unknown | [link](https://support.zenoss.com/hc/en-us) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Zentera Systems, Inc. | CoIP Access Platform | | | Not Affected | [link](https://support.zentera.net/hc/en-us/articles/4416227743511--CVE-2021-44228-Log4Shell-Vulnerability-in-Apache-Log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Zerto | Cloud Appliance | | | Not Affected | [link](https://help.zerto.com/kb/000004822) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
| Zerto | Cloud Manager | | | Not Affected | [link](https://help.zerto.com/kb/000004822) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
| Zerto | Virtual Manager | | | Not Affected | [link](https://help.zerto.com/kb/000004822) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
| Zerto | Virtual Replication Appliance | | | Not Affected | [link](https://help.zerto.com/kb/000004822) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
| Zesty | | | | Unknown | [link](https://www.zesty.io/mindshare/company-announcements/log4j-exploit/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Zimbra | | | | Unknown | [link](https://bugzilla.zimbra.com/show_bug.cgi?id=109428) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Zix | | | | Unknown | [link](https://status.appriver.com/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| Zoho | Online | | | Unknown | [link](https://help.zoho.com/portal/en/community/topic/update-on-the-recent-apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
| Zoom | | | | Not Affected | [link](https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| ZPE systems Inc | | | | Unknown | [link](https://support.zpesystems.com/portal/en/kb/articles/is-nodegrid-os-and-zpe-cloud-affected-by-cve-2021-44228-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Zscaler | See Link (Multiple Products) | | | Unknown | [link](https://trust.zscaler.com/posts/9581) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Zyxel | | | | Unknown | [link](https://www.zyxel.com/support/Zyxel_security_advisory_for_Apache_Log4j_RCE_vulnerability.shtml) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Zyxel | All other products | | | Not Affected | [link](https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Zyxel | Netlas Element Management System (EMS) | | | Affected | [link](https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability) | Hotfix availibility Dec. 20 2021. Patch availability in end of Feb. 2022. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
| Zyxel | Security Firewall/Gateways | | | Not Affected | [link](https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
Loading…
Cancel
Save