- [Statement from CISA Director Easterly on “Log4j” Vulnerability](https://www.cisa.gov/news/2021/12/11/statement-cisa-director-easterly-log4j-vulnerability).
## CISA Current Activity Alerts ##
- [Mitigating Log4Shell and Other Log4j-Related Vulnerabilities](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/22/mitigating-log4shell-and-other-log4j-related-vulnerabilities)
- [CISA Issues ED 22-02 Directing Federal Agencies to Mitigate Apache Log4j Vulnerabilities](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/17/cisa-issues-ed-22-02-directing-federal-agencies-mitigate-apache)
- [Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/apache-releases-log4j-version-2150-address-critical-rce)
- [CISA Creates Webpage for Apache Log4j Vulnerability CVE-2021-44228](https://www.cisa.gov/uscert/ncas/current-activity/2021/12/13/cisa-creates-webpage-apache-log4j-vulnerability-cve-2021-44228)
| Apache | Flink | <flink1.15.0,1.14.1,1.13.3|Affected|No| [Apache Flink: Advise on Apache Log4j Zero Day (CVE-2021-44228)](https://flink.apache.org/2021/12/10/log4j-cve.html) |||12/12/2021|
| Apache | Flink | <1.14.2,1.13.5,1.12.7,1.11.6|Fixed|Yes| [Apache Flink: Advise on Apache Log4j Zero Day (CVE-2021-44228)](https://flink.apache.org/2021/12/10/log4j-cve.html) |Toclarifyandavoidconfusion:The1.14.1/1.13.4/1.12.6/1.11.5releases,whichweresupposedtoonlycontainaLog4jupgradeto2.15.0,wereskippedbecauseCVE-2021-45046wasdiscoveredduringthereleasepublication.Thenew1.14.2/1.13.5/1.12.7/1.11.6releasesincludeaversionupgradeforLog4jtoversion2.16.0toaddressCVE-2021-44228andCVE-2021-45046.| [https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html](https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html)|12/12/2021|
| Apache | Kafka | All | Not Affected | No | [Kafka Apache List](https://kafka.apache.org/cve-list) | The current DB lists Apache Kafka as impacted. Apache Kafka uses Log4jv1, not v2. | | 12/14/2021 |
| Apache | Kafka | Unknown | Affected | No | [Log4j – Apache Log4j Security Vulnerabilities](https://logging.apache.org/log4j/2.x/security.html)| Only vulnerable in certain configuration(s) | | |
| Eaton | Undisclosed | Undisclosed | Affected | | [Security Bulletin](https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Security-Bulletin%20log4j_CVE_2021_44228_v1.0_Legal-Approved.pdf) | Doesn't openly disclose what products are affected or not for quote 'security purposes'. Needs email registration. No workaround provided due to registration wall. | | |
| Emerson | USM 3410 and 3810 Series Ultrasonic Transmitters | | Not Affected | | [Emerson Security Notification MR.RMT21003-2](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | 12/17/2021 |
| Emerson | Mark III Gas and Liquid USM | | Not Affected | | [Emerson Security Notification MR.RMT21003-2](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | 12/17/2021 |
| Emerson | Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle Monitor | | Not Affected | | [Emerson Security Notification MR.RMT21003-2](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | 12/17/2021 |
| Emerson | USM 3410 and 3810 Series Ultrasonic Transmitters | | Not Affected | | [Emerson Security Notification EMR.RMT21003-2](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | 12/17/2021 |
| Emerson | Mark III Gas and Liquid USM | | Not Affected | | [Emerson Security Notification EMR.RMT21003-2](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | 12/17/2021 |
| Emerson | Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle Monitor | | Not Affected | | [Emerson Security Notification EMR.RMT21003-2](https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf) | | | 12/17/2021 |
| ESRI | ArcGIS Data Store | All | Fixed | Yes | [https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/](https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/) | Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions | | 12/17/2021 |
@ -1791,6 +1879,9 @@ This list was initially populated using information from the following sources:
| SailPoint | | | | | [SailPoint Community Link](https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681) |This advisory is available to customers only and has not been reviewed by CISA | | |
| Salesforce | Analytics Cloud ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Analytics Cloud is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps."||12/15/2021|
| Salesforce | B2C Commerce Cloud ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | ClickSoftware (As-a-Service) ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) |"ClickSoftware (As-a-Service) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Community Cloud ||Affected|| [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Community Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Data.com ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Data.com is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Datorama ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Datorama is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Evergage (Interaction Studio) | | Affected | |[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Evergage (Interaction Studio) is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps."||12/15/2021|
| Salesforce | Force.com ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Force.com is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Heroku ||Not Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Heroku is reported to not be affected by CVE-2021-44228; no further action is necessary at this time."||12/15/2021|
| Salesforce | Marketing Cloud ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Marketing Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | MuleSoft (Cloud) ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Pardot ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Pardot is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Sales Cloud || Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Sales Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Service Cloud || Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)| "Service Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Slack | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Slack is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Social Studio ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Social Studio is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Tableau (Online) | | Affected| | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) |"Tableau (Online) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Sangoma |||||[Sangoma Community Link](https://help.sangoma.com/community/s/article/Log4Shell) | | | |
| Salesforce | Analytics Cloud ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Analytics Cloud is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps."||12/15/2021|
| Salesforce | B2C Commerce Cloud ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | ClickSoftware (As-a-Service) ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) |"ClickSoftware (As-a-Service) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Community Cloud ||Affected|| [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Community Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Data.com ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Data.com is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Datorama ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Datorama is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Evergage (Interaction Studio) | | Affected | |[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Evergage (Interaction Studio) is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps."||12/15/2021|
| Salesforce | Force.com ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Force.com is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Heroku ||Not Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Heroku is reported to not be affected by CVE-2021-44228; no further action is necessary at this time."||12/15/2021|
| Salesforce | Marketing Cloud ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Marketing Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | MuleSoft (Cloud) ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Pardot ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Pardot is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Sales Cloud || Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Sales Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Service Cloud || Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)| "Service Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Slack | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Slack is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Social Studio ||Affected||[Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1)|"Social Studio is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Salesforce | Tableau (Online) | | Affected| | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) |"Tableau (Online) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228."||12/15/2021|
| Sangoma |||||[Sangoma Community Link](https://help.sangoma.com/community/s/article/Log4Shell) | | | |
| SAP | | | | | [https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf](https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf) | This advisory is available to customers only and has not been reviewed by CISA | | 12/17/2021 |
| SAP Advanced Platform | | | | | [SAP Advanced Platform Support Link](https://launchpad.support.sap.com/#/notes/3130698) | This advisory is available to customers only and has not been reviewed by CISA | | 12/17/2021 |
| SAP BusinessObjects | | | | | [CVE-2021-44228 - Impact of Log4j vulnerability on SAP BusinessObjects](https://blogs.sap.com/2021/12/16/cve-2021-44228-impact-of-log4j-vulnerability-on-sap-businessobjects/) [SAP BusinessObjects Support Link](https://launchpad.support.sap.com/#/notes/3129956) | The support document is available to customers only and has not been reviewed by CISA | | 12/17/2021 |
@ -2100,6 +2191,40 @@ This list was initially populated using information from the following sources:
| Siemens | VeSys | All Versions >=2019.1 SP1912 only if Teamcenter integration feature is used |Affected | No|[Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| Currently no remediation is available. Find detailed mitigation steps [here](https://support.sw.siemens.com/en-US/knowledgebase/MG618363). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf)| |12/18/2021 |
| Siemens | Xpedition Enterprise | All Versions >=VX.2.6 | Affected | No| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Find detailed mitigation steps [here](https://support.sw.siemens.com/en-US/knowledge-base/MG618343). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | 12/18/2021 |
| Siemens | Xpedition IC Packaging | All Versions >=VX.2.6 | Affected | No| [Siemens Advisory - SSA-661257: Apache Log4j Vulnerabilities](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) |Currently no remediation is available. Find detailed mitigation steps [here](https://support.sw.siemens.com/en-US/knowledge-base/MG618343). See further recommendations from [Siemens Advisory SSA-661257](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf).| |12/18/2021 |
| Siemens Healthineers | ATELLICA DATA MANAGER v1.1.1 / v1.2.1 / v1.3.1 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | If you have determined that your Atellica Data Manager has a “Java communication engine” service, and you require an immediate mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative. | | 12/22/2021 |
| Siemens Healthineers | CENTRALINK v16.0.2 / v16.0.3 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | If you have determined that your CentraLink has a “Java communication engine” service, and you require a mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative. | | 12/22/2021 |
| Siemens Healthineers | DICOM Proxy VB10A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | 12/22/2021 |
| Siemens Healthineers | go.All, Som10 VA20 / VA30 / VA40 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 |
| Siemens Healthineers | go.Fit, Som10 VA30 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 |
| Siemens Healthineers | go.Now, Som10 VA10 / VA20 / VA30 / VA40 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 |
| Siemens Healthineers | go.Open Pro, Som10 VA30 / VA40 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 |
| Siemens Healthineers | go.Sim, Som10 VA30 / VA40 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 |
| Siemens Healthineers | go.Top, Som10 VA20 / VA20A_SP5 / VA30 / VA40 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 |
| Siemens Healthineers | go.Up, Som10 VA10 / VA20 / VA30 / VA40 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 |
| Siemens Healthineers | MAGNETOM AERA 1,5T, MAGNETOM PRISMA, MAGNETOM PRISMA FIT, MAGNETOM SKYRA 3T NUMARIS/X VA30A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 |
| Siemens Healthineers | MAGNETOM Altea NUMARIS/X VA20A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 |
| Siemens Healthineers | MAGNETOM ALTEA, MAGNETOM LUMINA, MAGNETOM SOLA, MAGNETOM VIDA NUMARIS/X VA31A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 |
| Siemens Healthineers | MAGNETOM Amira NUMARIS/X VA12M | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 |
| Siemens Healthineers | MAGNETOM Free.Max NUMARIS/X VA40 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 |
| Siemens Healthineers | MAGNETOM Lumina NUMARIS/X VA20A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 |
| Siemens Healthineers | MAGNETOM Sempra NUMARIS/X VA12M | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 |
| Siemens Healthineers | MAGNETOM Sola fit NUMARIS/X VA20A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 |
| Siemens Healthineers | MAGNETOM Sola NUMARIS/X VA20A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 |
| Siemens Healthineers | MAGNETOM Vida fit NUMARIS/X VA20A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 |
| Siemens Healthineers | MAGNETOM Vida NUMARIS/X VA10A* / VA20A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. | | 12/22/2021 |
| Siemens Healthineers | Syngo Carbon Space VA10A / VA10A-CUT2 / VA20A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | 12/22/2021 |
| Siemens Healthineers | Syngo MobileViewer VA10A | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | The vulnerability will be patch/mitigated in upcoming releases\patches. | | 12/22/2021 |
| Siemens Healthineers | syngo Plaza VB20A / VB20A_HF01 - HF07 / VB30A / VB30A_HF01 / VB30A_HF02 / VB30B / VB30C / VB30C_HF01 - HF06 / VB30C_HF91 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | 12/22/2021 |
| Siemens Healthineers | syngo Workflow MLR VB37A / VB37A_HF01 / VB37A_HF02 / VB37B / VB37B_HF01 - HF07 / VB37B_HF93 / VB37B_HF94 / VB37B_HF96 | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Please contact your Customer Service to get support on mitigating the vulnerability. | | 12/22/2021 |
| Siemens Healthineers | syngo.via WebViewer VA13B / VA20A / VA20B | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: remove the vulnerable class from the .jar file | | 12/22/2021 |
| Siemens Healthineers | X.Ceed Somaris 10 VA40* | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 |
| Siemens Healthineers | X.Cite Somaris 10 VA30*/VA40* | | Affected | See Notes | [Siemens Healthineers](https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/cve-2021-44228) | Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. | | 12/22/2021 |
| Silver Peak | Orchestrator, Silver Peak GMS | | Affected | No | [Security Advisory Notice Apache](https://www.arubanetworks.com/website/techdocs/sdwan/docs/advisories/media/security_advisory_notice_apache_log4j2_cve_2021_44228.pdf) | Customer managed Orchestrator and legacy GMS products are affected by this vulnerability. This includes on-premise and customer managed instances running in public cloud services such as AWS, Azure, Google, or Oracle Cloud. See Corrective Action Required for details about how to mitigate this exploit. | | 12/14/2021 |
@ -2170,7 +2295,7 @@ This list was initially populated using information from the following sources:
| Splunk | Splunk Infrastructure Monitoring | Current | Affected | CVE-2021-44228: Fixed 12/13 CVE-2021-45046: Fixed 12/20 | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:25 am PT, 12/21/21 |
| Splunk | Splunk Log Observer | Current | Affected | CVE-2021-44228: Fixed 12/16 CVE-2021-45046: Fixed 12/20 | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:25 am PT, 12/21/21 |
| Splunk | Splunk Synthetics | Current | Affected | CVE-2021-44228: Fixed 12/10 CVE-2021-45046: Fixed 12/20 | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 9:25 am PT, 12/21/21 |
| Spring | Spring Boot | | Unkown | | [https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | |