From e6e8899230def5487dd3360eb2046a66c5e31435 Mon Sep 17 00:00:00 2001 From: Nicholas McDonnell <50747025+mcdonnnj@users.noreply.github.com> Date: Fri, 17 Dec 2021 00:48:38 -0500 Subject: [PATCH] Remove double spaces There are a number of rows that have double spaces in their cell data. As this appears to be unintentional formatting they are replaced with single spaces. --- README.md | 148 +++++++++++++++++++++++++++--------------------------- 1 file changed, 74 insertions(+), 74 deletions(-) diff --git a/README.md b/README.md index 6310d2f..83a4468 100644 --- a/README.md +++ b/README.md @@ -82,7 +82,7 @@ This list was initially populated using information from the following sources: | BeyondTrust | Secure Remote Access appliances | Unkown | Not Affected | | [BeyondTrust Statement on log4j2 CVE-2021-44228 (Log4Shell)](https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542) | | KB0016542 | 2021-12-15 | | Avaya | Avaya Analytics | 3.5, 3.6, 3.6.1, 3.7, 4 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | Tuesday, December 14, 2021 - 8:30pm ET | | Avaya | Avaya Aura® Device Services | 8, 8.1, 8.1.4, 8.1.5 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | Tuesday, December 14, 2021 - 8:30pm ET | -| Avaya | Avaya Aura for OneCloud Private | | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | Avaya is scanning and monitoring its OneCloud Private environments as part of its management activities. Avaya will continue to monitor this fluid situation and remediations will be made as patches become available, in accordance with appropriate change processes. | | Tuesday, December 14, 2021 - 8:30pm ET | +| Avaya | Avaya Aura for OneCloud Private | | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | Avaya is scanning and monitoring its OneCloud Private environments as part of its management activities. Avaya will continue to monitor this fluid situation and remediations will be made as patches become available, in accordance with appropriate change processes. | | Tuesday, December 14, 2021 - 8:30pm ET | | Avaya | Avaya Aura® Application Enablement Services | 8.1.3.2, 8.1.3.3, 10.1 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | [PSN020551u](https://download.avaya.com/css/public/documents/101079386) | Tuesday, December 14, 2021 - 8:30pm ET | | Avaya | Avaya Aura® Contact Center | 7.0.2, 7.0.3, 7.1, 7.1.1, 7.1.2 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | Tuesday, December 14, 2021 - 8:30pm ET | | Avaya | Avaya Aura® Device Services | 8.0.1, 8.0.2, 8.1.3 | Affected | No | [Apache Log4J Vulnerability - Impact for Avaya products Avaya Product Security](https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609) | | | Tuesday, December 14, 2021 - 8:30pm ET | @@ -429,36 +429,36 @@ This list was initially populated using information from the following sources: | Forcepoint | Next Generation Firewall, NGFW VPN Client, Forcepoint User ID service and Sidewinder | | Not Affected | | [Login (forcepoint.com)](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | | | | | Forcepoint | One Endpoint | | Not Affected | | [Login (forcepoint.com)](https://support.forcepoint.com/s/login/?ec=302&startURL=%2Fs%2F) | | | | | ForgeRock | Autonomous Identity | | Affected | | [Security Advisories - Knowledge - BackStage (forgerock.com)](https://backstage.forgerock.com/knowledge/kb/book/b21824339#1_bzBa) | all other ForgeRock products Not vulnerable | | | -| Fortinet | FortiAIOps | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiCASB | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiConvertor | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiEDR Cloud | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiAIOps | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiCASB | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiConvertor | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiEDR Cloud | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | | Fortinet | FortiNAC | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiNAC | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiPolicy | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiPortal | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiSIEM | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiSOAR | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | ShieldX | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiAnalyzer Cloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiAnalyzer | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiAP | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiAuthenticator | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiDeceptor | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiEDR Agent | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiGate Cloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiGSLB Cloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiMail | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiManager Cloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiManager | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiOS (includes FortiGate & FortiWiFi) | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiPhish Cloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiRecorder | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiNAC | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiPolicy | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiPortal | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiSIEM | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiSOAR | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | ShieldX | | Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiAnalyzer Cloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiAnalyzer | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiAP | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiAuthenticator | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiDeceptor | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiEDR Agent | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiGate Cloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiGSLB Cloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiMail | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiManager Cloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiManager | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiOS (includes FortiGate & FortiWiFi) | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiPhish Cloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiRecorder | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | | Fortinet | FortiSwicth Cloud in FortiLANCloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiSwitch & FortiSwitchManager | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiToken Cloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiVoice | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | -| Fortinet | FortiWeb Cloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiSwitch & FortiSwitchManager | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiToken Cloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiVoice | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | +| Fortinet | FortiWeb Cloud | | Not Affected | | [PSIRT Advisories FortiGuard](https://www.fortiguard.com/psirt/FG-IR-21-245) | | | | | FusionAuth | FusionAuth | 1.32 | Not Affected | | [log4j CVE: How it affects FusionAuth (TLDR: It doesn't) - FusionAuth](https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/) | | | | | Graylog | Graylog Server | All versions >= 1.2.0 and <= 4.2.2 | Affected | Yes | [Graylog Update for Log4j](https://www.graylog.org/post/graylog-update-for-log4j) | | | | | Gradle | Gradle | | Not Affected | No | [Gradle Blog - Dealing with the critical Log4j vulnerability](https://blog.gradle.org/log4j-vulnerability) | Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. | | | @@ -876,17 +876,17 @@ This list was initially populated using information from the following sources: | Netapp | Multiple NetApp products | | Affected | | [https://security.netapp.com/advisory/ntap-20211210-0007/](https://security.netapp.com/advisory/ntap-20211210-0007/) | | | | | Neo4j | Neo4j Graph Database | Version >4.2, <4..2.12 | Affected | No | | | | 12/13/2021 | | New Relic | New Relic Java Agent | <7.4.2 | Affected | Yes | [Java agent v7.4.2](https://docs.newrelic.com/docs/release-notes/agent-release-notes/java-release-notes/java-agent-742/) | Initially fixed in 7.4.1, but additional vulnerability found | [New Relic tracking](https://github.com/newrelic/newrelic-java-agent/issues/605), covers CVE-2021-44228, CVE-2021-45046 | 12/15/2021 | -| Okta | Okta RADIUS Server Agent | < 2.17.0 | Affected | | [Okta RADIUS Server Agent CVE-2021-44228 Okta](https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228) | | | 12/12/2021 | -| Okta | Okta On-Prem MFA Agent | < 1.4.6 | Affected | | [Okta On-Prem MFA Agent CVE-2021-44228 Okta](https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228) | | | 12/12/2021 | -| Okta | Advanced Server Access | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | -| Okta | Okta Access Gateway | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | -| Okta | Okta AD Agent | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | -| Okta | Okta Browser Plugin | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | -| Okta | Okta IWA Web Agent | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | -| Okta | Okta LDAP Agent | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | -| Okta | Okta Mobile | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | -| Okta | Okta Workflows | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | -| Okta | Okta Verify | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | +| Okta | Okta RADIUS Server Agent | < 2.17.0 | Affected | | [Okta RADIUS Server Agent CVE-2021-44228 Okta](https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228) | | | 12/12/2021 | +| Okta | Okta On-Prem MFA Agent | < 1.4.6 | Affected | | [Okta On-Prem MFA Agent CVE-2021-44228 Okta](https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228) | | | 12/12/2021 | +| Okta | Advanced Server Access | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | +| Okta | Okta Access Gateway | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | +| Okta | Okta AD Agent | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | +| Okta | Okta Browser Plugin | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | +| Okta | Okta IWA Web Agent | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | +| Okta | Okta LDAP Agent | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | +| Okta | Okta Mobile | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | +| Okta | Okta Workflows | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | +| Okta | Okta Verify | | Not Affected | | [Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security](https://sec.okta.com/articles/2021/12/log4shell) | | | 12/12/2021 | | Palo-Alto Networks | Prisma Cloud Compute | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | | Palo-Alto Networks | Prisma Cloud | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | | Palo-Alto Networks | PAN-OS for Firewall and Wildfire | | Not Affected | | [CVE-2021-44228 Informational: Impact of Log4j Vulnerability CVE-2021-44228 (paloaltonetworks.com)](https://security.paloaltonetworks.com/CVE-2021-44228) | | | | @@ -998,24 +998,24 @@ This list was initially populated using information from the following sources: | Siemens | Comos Desktop App | All Versions | Affected | Yes | [Vendor Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | | Siemens | Desigo CC Advanced Reporting | V4.0, 4.1, 4.2, 5.0, 5.1 | Affected | Yes | [Vendor Link]( https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | | Salesforce | Sales Cloud | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Sales Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | -| Salesforce | Service Cloud | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Service Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | -| Salesforce | Community Cloud | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Community Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | -| Salesforce | B2C Commerce Cloud | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | +| Salesforce | Service Cloud | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Service Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | +| Salesforce | Community Cloud | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Community Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | +| Salesforce | B2C Commerce Cloud | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | | Salesforce | Analytics Cloud | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Analytics Cloud is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps." | | 12/15/2021 | -| Salesforce | Force.com | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Force.com is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | -| Salesforce | Social Studio | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Social Studio is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | -| Salesforce | Datorama | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Datorama is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | -| Salesforce | Pardot | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Pardot is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | -| Salesforce | Data.com | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Data.com is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | +| Salesforce | Force.com | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Force.com is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | +| Salesforce | Social Studio | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Social Studio is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | +| Salesforce | Datorama | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Datorama is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | +| Salesforce | Pardot | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Pardot is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | +| Salesforce | Data.com | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Data.com is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | | Salesforce | Heroku | | Not Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Heroku is reported to not be affected by CVE-2021-44228; no further action is necessary at this time." | | 12/15/2021 | -| Salesforce | Marketing Cloud | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Marketing Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | -| Salesforce | MuleSoft (Cloud) | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | +| Salesforce | Marketing Cloud | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Marketing Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | +| Salesforce | MuleSoft (Cloud) | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | | Salesforce | MuleSoft (On-Premise) | | Unknown | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Please contact Customer Support." | | 12/15/2021 | | Salesforce | ClickSoftware (As-a-Service) | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "ClickSoftware (As-a-Service) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | | Salesforce | ClickSoftware (On-Premise) | | Unknown | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Please contact Customer Support." | | 12/15/2021 | | Salesforce | Tableau (Online) | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Tableau (Online) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | | Salesforce | Tableau (On-Premise) | < 2021.4.1 | Fixed | | [Salesforce Statement](https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell) | Fixed in 2021.4.1 | | 12/16/2021 | -| Salesforce | Slack | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Slack is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | +| Salesforce | Slack | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Slack is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228." | | 12/15/2021 | | Salesforce | Evergage (Interaction Studio) | | Affected | | [Salesforce Statement](https://help.salesforce.com/s/articleView?id=000363736&type=1) | "Evergage (Interaction Studio) is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps." | | 12/15/2021 | | Siemens | Capital | All Versions >- 2019.1 SP1912 | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | Only affected if Teamcenter integration feature is used. Mitigation: [Mitigation Link](https://support.sw.siemens.com/en-US/knowledge-base/MG618363) | | 12/15/2021 | | Siemens | Comos Desktop App | All Versions | Affected | Yes | [Siemens Advisory Link](https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf) | | | 12/15/2021 | @@ -1059,7 +1059,7 @@ This list was initially populated using information from the following sources: | SonicWall | SonicWall Switch | | Not Affected | | [Security Advisory (sonicwall.com)](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Log4j2 not used in the SonicWall Switch. | | 12/12/2021 | | SonicWall | SMA 100 | | Not Affected | | [Security Advisory (sonicwall.com)](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Log4j2 not used in the SMA100 appliance. | | 12/12/2021 | | SonicWall | SMA 1000 | | Not Affected | | [Security Advisory (sonicwall.com)](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Version 12.1.0 and 12.4.1 doesn't use a vulnerable version | | 12/12/2021 | -| SonicWall | Email Security | | Not Affected | | [Security Advisory (sonicwall.com)] | Version 10.x doesn't use a vulnerable version | | 12/12/2021 | +| SonicWall | Email Security | | Not Affected | | [Security Advisory (sonicwall.com)] | Version 10.x doesn't use a vulnerable version | | 12/12/2021 | | SonicWall | MSW | | Not Affected | | [Security Advisory (sonicwall.com)](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Mysonicwall service doesn't use Log4j | | 12/12/2021 | | SonicWall | NSM | | Not Affected | | [Security Advisory (sonicwall.com)](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | NSM On-Prem and SaaS doesn't use a vulnerable version | | 12/12/2021 | | SonicWall | Capture Client & Capture Client Portal | | Not Affected | | [Security Advisory (sonicwall.com)](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Log4j2 not used in the Capture Client. | | 12/12/2021 | @@ -1073,35 +1073,35 @@ This list was initially populated using information from the following sources: | SonicWall | GMS | | Under Investigation | | [Security Advisory (sonicwall.com)](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Under Review | | 12/12/2021 | | SonicWall | CAS | | Under Investigation | | [Security Advisory (sonicwall.com)](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Under Review | | 12/12/2021 | | SonicWall | WAF | | Under Investigation | | [Security Advisory (sonicwall.com)](https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032) | Under Review | | 12/12/2021 | -| Sophos | Sophos Mobile EAS Proxy | < 9.7.2 | Affected | No | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | The Sophos Mobile EAS Proxy, running in Traffic Mode, is affected. Customers will need to download and install version 9.7.2, available from Monday December 13, 2021, on the same machine where it is currently running. PowerShell mode is not affected. Customers can download the Standalone EAS Proxy Installer version 9.7.2 from the Sophos website. | | 12/12/2021 | -| Sophos | Cloud Optix | | Fixed | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Users may have noticed a brief outage around 12:30 GMT as updates were deployed. There was no evidence that the vulnerability was exploited and to our knowledge no customers are impacted. | | 12/12/2021 | +| Sophos | Sophos Mobile EAS Proxy | < 9.7.2 | Affected | No | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | The Sophos Mobile EAS Proxy, running in Traffic Mode, is affected. Customers will need to download and install version 9.7.2, available from Monday December 13, 2021, on the same machine where it is currently running. PowerShell mode is not affected. Customers can download the Standalone EAS Proxy Installer version 9.7.2 from the Sophos website. | | 12/12/2021 | +| Sophos | Cloud Optix | | Fixed | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Users may have noticed a brief outage around 12:30 GMT as updates were deployed. There was no evidence that the vulnerability was exploited and to our knowledge no customers are impacted. | | 12/12/2021 | | Sophos | Sophos Firewall (all versions) | | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos Firewall does not use Log4j. | | 12/12/2021 | -| Sophos | SG UTM (all versions) | | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos SG UTM does not use Log4j. | | 12/12/2021 | -| Sophos | SG UTM Manager (SUM) (all versions) | All versions | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | SUM does not use Log4j. | | 12/12/2021 | -| Sophos | Sophos ZTNA | | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos ZTNA does not use Log4j. | | 12/12/2021 | -| Sophos | Sophos Home | | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos Home does not use Log4j. | | 12/12/2021 | -| Sophos | Sophos Central | | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos Central does not run an exploitable configuration. | | 12/12/2021 | -| Sophos | Sophos Mobile | | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos Mobile (in Central, SaaS, and on-premises) does not run an exploitable configuration. | | 12/12/2021 | -| Sophos | Reflexion | | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Reflexion does not run an exploitable configuration. | | 12/12/2021 | -| Splunk | Data Stream Processor | DSP 1.0.x, DSP 1.1.x, DSP 1.2.x | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | IT Service Intelligence (ITSI) | 4.11.x, 4.10.x, 4.9.x, 4.8.x, 4.7.x, 4.4.x | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk Enterprise | non-Windows versions of 8.1.x and 8.2.x only if Hadoop and/or DFS are used | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk Enterprise Amazon Machine Image (AMI) | non-Windows versions of 8.1.x and 8.2.x only if Hadoop and/or DFS are used | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk Enterprise Docker Container | non-Windows versions of 8.1.x and 8.2.x only if Hadoop and/or DFS are used | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Stream Processor Service | non-Windows versions of 8.1.x and 8.2.x only if Hadoop and/or DFS are used | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk Cloud Developer Edition | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk Connect for SNMP | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk DB Connect | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk Forwarders (UF/HWF) | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | -| Splunk | Splunk Mint | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | +| Sophos | SG UTM (all versions) | | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos SG UTM does not use Log4j. | | 12/12/2021 | +| Sophos | SG UTM Manager (SUM) (all versions) | All versions | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | SUM does not use Log4j. | | 12/12/2021 | +| Sophos | Sophos ZTNA | | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos ZTNA does not use Log4j. | | 12/12/2021 | +| Sophos | Sophos Home | | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos Home does not use Log4j. | | 12/12/2021 | +| Sophos | Sophos Central | | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos Central does not run an exploitable configuration. | | 12/12/2021 | +| Sophos | Sophos Mobile | | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Sophos Mobile (in Central, SaaS, and on-premises) does not run an exploitable configuration. | | 12/12/2021 | +| Sophos | Reflexion | | Not Affected | | [Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos](https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce) | Reflexion does not run an exploitable configuration. | | 12/12/2021 | +| Splunk | Data Stream Processor | DSP 1.0.x, DSP 1.1.x, DSP 1.2.x | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | +| Splunk | IT Service Intelligence (ITSI) | 4.11.x, 4.10.x, 4.9.x, 4.8.x, 4.7.x, 4.4.x | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | +| Splunk | Splunk Enterprise | non-Windows versions of 8.1.x and 8.2.x only if Hadoop and/or DFS are used | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | +| Splunk | Splunk Enterprise Amazon Machine Image (AMI) | non-Windows versions of 8.1.x and 8.2.x only if Hadoop and/or DFS are used | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | +| Splunk | Splunk Enterprise Docker Container | non-Windows versions of 8.1.x and 8.2.x only if Hadoop and/or DFS are used | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | +| Splunk | Stream Processor Service | non-Windows versions of 8.1.x and 8.2.x only if Hadoop and/or DFS are used | Affected | No | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | +| Splunk | Splunk Cloud Developer Edition | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | +| Splunk | Splunk Connect for SNMP | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | +| Splunk | Splunk DB Connect | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | +| Splunk | Splunk Forwarders (UF/HWF) | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | +| Splunk | Splunk Mint | | Under Investigation | | [Splunk Security Advisory for Apache Log4j (CVE-2021-44228) Splunk](https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html) | | | 12/12/2021 | | Spring | Spring Boot | | Unkown | | [https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot](https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot) | Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 | | | | Tech Software | OneAegis (f/k/a IRBManager) | All versions | Not Affected | | [Log4j CVE-2021-44228 Vulnerability Impact Statement](https://support.techsoftware.com/hc/en-us/articles/4412825948179) | OneAegis does not use Log4j. | | 12/15/2021 | | Tech Software | SMART | All versions | Not Affected | | [Log4j CVE-2021-44228 Vulnerability Impact Statement](https://support.techsoftware.com/hc/en-us/articles/4412825948179) | SMART does not use Log4j. | | 12/15/2021 | | Tech Software | Study Binders | All versions | Not Affected | | [Log4j CVE-2021-44228 Vulnerability Impact Statement](https://support.techsoftware.com/hc/en-us/articles/4412825948179) | Study Binders does not use Log4j. | | 12/15/2021 | | TPLink | Omega Controller | Linux/Windows all | Affected | Yes | [Statement on Apache Log4j Vulnerability](https://www.tp-link.com/us/support/faq/3255) | Update is Beta. Reddit: overwritten vulnerable log4j with 2.15 files as potential workaround. Though that should now be done with 2.16 | [Tp Community Link](https://community.tp-link.com/en/business/forum/topic/514452), [Reddit Link](https://www.reddit.com/r/TPLink_Omada/comments/rdzvlp/updating_the_sdn_to_protect_against_the_log4j) | 12/15/2021 | | TrendMicro | All | | Under Investigation | | [https://success.trendmicro.com/solution/000289940](https://success.trendmicro.com/solution/000289940) | | | | -| Ubiquiti | UniFi Network Application | 6.5.53 & lower versions | Affected | Yes | [UniFi Network Application 6.5.54 Ubiquiti Community](https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1) | | | | -| Ubiquiti | UniFi Network Controller | 6.5.54 & lower versions | Affected | Yes | [UniFi Network Application 6.5.55 Ubiquiti Community](https://community.ui.com/releases/UniFi-Network-Application-6-5-55/48c64137-4a4a-41f7-b7e4-3bee505ae16e) | | 6.5.54 is reported to still be vulnerable. 6.5.55 is the new recommendation for mitigatin log4j vulnerabilities by updating to log4j 2.16.0 | 12/15/2021 | +| Ubiquiti | UniFi Network Application | 6.5.53 & lower versions | Affected | Yes | [UniFi Network Application 6.5.54 Ubiquiti Community](https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1) | | | | +| Ubiquiti | UniFi Network Controller | 6.5.54 & lower versions | Affected | Yes | [UniFi Network Application 6.5.55 Ubiquiti Community](https://community.ui.com/releases/UniFi-Network-Application-6-5-55/48c64137-4a4a-41f7-b7e4-3bee505ae16e) | | 6.5.54 is reported to still be vulnerable. 6.5.55 is the new recommendation for mitigatin log4j vulnerabilities by updating to log4j 2.16.0 | 12/15/2021 | | VMware | VMware vCenter Server | 8.x, 7.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | | VMware | VMware vCenter Server | 7.x, 6.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 | | VMware | VMware vCenter Server | 6.x | Affected | No | [VMSA-2021-0028.1 (vmware.com)](https://www.vmware.com/security/advisories/VMSA-2021-0028.html) | | | 12/12/2021 |