| Hitachi Energy | 3rd party - Elastic Search, Kibana | Elasticsearch 5.0.0+ | Fixed | No | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | Set the JVM option -Dlog4j2.formatMsgNoLookups=true and restart each node of the cluster. | | 01/05/2022 |
| Hitachi Energy | Axis | 3.6 | Fixed | No | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | No action is required by customers. Axis is a fully SaaS hosted solution adn the enviroment has been patched per the recommendations | | 01/05/2022 |
| Hitachi Energy | Counterparty Settlement and Billing (CSB) | v6 | Fixed | Yes | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | | | 01/05/2022 |
| Hitachi Energy | e-Mesh Monitor | | Fixed | No | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | No end-user action needed. The affected e-Mesh Monitor part is at the cloud offering side of which the remediation is handled by Hitachi Energy team. Remediation is currently ongoing, and during this time period, e-Mesh Monitor edge device is not able to upload data to cloud. | | 01/05/2022 |
| Hitachi Energy | eSOMS | | Not Affected | | [Hitachi Energy](https://www.hitachienergy.com/offering/solutions/cybersecurity/alerts-and-notifications) | | | |
| Hitachi Energy | FOXMAN-UN | R15A, R14B, R14A, R11B SP1 | Fixed | Yes | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | A patch is available for releases R15A, R14B, R14A and R11B SP1. . For details on how to apply such patch, please refer to the technical bulletin “FOXMAN-UN - Installation of Log4j Patch”, version A (1KHW029176) available in the Hitachi Energy Customer Connect Portal. | | 01/05/2022 |
| Hitachi Energy | FOXMAN-UN | R11A and R10 series | Fixed | Yes | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | Apply General Mitigations and upgrade to latest version. For upgrades, please get in touch with your Hitachi Energy contacts. | | 01/05/2022 |
| Hitachi Energy | Lumada APM SaaS offering | | Fixed | No | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | No action is required by customers. The SaaS offering has been patched per the recommendations. | | 01/05/2022 |
| Hitachi Energy | Lumada APM On-premises | | Fixed | Yes | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | See vendor advisory for instructions for various versions. | | 01/05/2022 |
| Hitachi Energy | Lumada EAM / FSM | v1.7.x, v1.8.x, v1.9.x | Fixed | Yes | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | See Section Mitigation Strategy in vendor advisory. | | 01/05/2022 |
| Hitachi Energy | Network Manager Outage Management Interface (CMI) | 9.0 - 9.10.44, 9.1.1, 10.3.4 | Fixed | No | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | See vendor advisory for instructions on mitigation steps. | | 01/05/2022 |
| Hitachi Energy | Network Manager ADMS Network Model Server | 9.1.0.32 - 9.1.0.44 | Fixed | No | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | See vendor advisory for instructions on mitigation steps. | | 01/05/2022 |
| Hitachi Energy | 3rd party - Oracle Database Components | 12.1, 12.2, 19c | Fixed | | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | As this is a third-party component, a separate patch management report will be provided to customers with the steps to apply the Oracle provided patches for these components. | | 01/05/2022 |
| Hitachi Energy | nMarket Global I-SEM | 3.7.15, 3.7.16 | Fixed | Yes | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | | | 01/05/2022 |
| Hitachi Energy | RelCare | 2.0.0 | Fixed | Yes | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | No action is required by customers. The RelCare SaaS hosted solution and the on-premises have been patched per the recommendations. | | 01/05/2022 |
| Hitachi Energy | UNEM | R15A, R14B, R14A, R11B SP1 | Fixed | Yes | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | A patch is available for releases R15A, R14B, R14A and R11B SP1. For details on how to apply such patch, please refer to the technical bulletin “UNEM - Installation of Log4j Patch”, version A (1KHW029176) available in the Hitachi Energy Customer Connect Portal. | | 01/05/2022 |
| Hitachi Energy | UNEM | R11A and R10 series | Fixed | Yes | [Hitachi Energy Advisory Link](https://search.abb.com/library/Download.aspx?DocumentID=8DBD003132&LanguageCode=en&DocumentPartId=&Action=Launch) | Apply General Mitigations and upgrade to latest version. For upgrades, please get in touch with your Hitachi Energy contacts. | | 01/05/2022 |
@ -2662,6 +2679,13 @@ This list was initially populated using information from the following sources:
| TPLink |Omega Controller|Linux/Windows(all)|Affected|Yes|[Statement on Apache Log4j Vulnerability](https://www.tp-link.com/us/support/faq/3255)|Update is Beta. Reddit: overwritten vulnerable log4j with 2.15 files as potential workaround. Though that should now be done with 2.16|[Tp Community Link](https://community.tp-link.com/en/business/forum/topic/514452),[Reddit Link](https://www.reddit.com/r/TPLink_Omada/comments/rdzvlp/updating_the_sdn_to_protect_against_the_log4j)|12/15/2021|
| TrendMicro | All | | Under Investigation | | [https://success.trendmicro.com/solution/000289940](https://success.trendmicro.com/solution/000289940) | | | |
| Tripp Lite | LX Platform devices (includes WEBCARDLX, WEBCARDLXMINI, SRCOOLNETLX, SRCOOLNET2LX and devices with pre-installed or embedded WEBCARDLX interfaces) | | Not affected | | [Tripp Lite Log4j2 Knowledge Base Article](https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf) | | | 01/04/2022 |
| Tripp Lite | SNMPWEBCARD, SRCOOLNET, SRCOOLNET2 and devices with pre-installed or embedded SNMPWEBCARD | | Not affected | | [Tripp Lite Log4j2 Knowledge Base Article](https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf) | | | 01/04/2022 |
| Tripp Lite | PowerAlert Local (PAL) | | Not affected | | [Tripp Lite Log4j2 Knowledge Base Article](https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf) | Some versions of PAL use log4j v1 which is NOT AFFECTED by the CVE-2021-44228 vulnerability. | | 01/04/2022 |
| Tripp Lite | PowerAlert Network Shutdown Agent (PANSA) | | Not affected | | [Tripp Lite Log4j2 Knowledge Base Article](https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf) | Some versions of PANSA use log4j v1 which is NOT AFFECTED by the CVE-2021-44228 vulnerability.| | 01/04/2022 |
| Tripp Lite | PowerAlert Network Management System (PANMS) | | Not affected | | [Tripp Lite Log4j2 Knowledge Base Article](https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf) |Some versions of PAL use log4j v1 which is NOT AFFECTED by the CVE-2021-44228 vulnerability. | | 01/04/2022 |
| Tripp Lite | TLNETCARD and associated software| | Not affected | | [Tripp Lite Log4j2 Knowledge Base Article](https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf) | | | 01/04/2022 |
| Tripp Lite | PowerAlertElement Manager (PAEM)| 1.0.0 | Affected | | [Tripp Lite Log4j2 Knowledge Base Article](https://assets.tripplite.com/software-support/log4j2-vulnerability.pdf) | Tripp Lite will soon be issuing a patch in the form of PAEM 1.0.1 which will contain a patched version of Log4j2 | |01/04/2022 |