# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #

[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)

## Status Descriptions ##

| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |

## Software List ##

This list has been populated using information from the following sources:

- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)

NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).

| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| Qconference | FaceTalk |  |  | Fixed | [link](https://qconferencing.com/status-vulnerability-log4j-en-qconferencing/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
| QF-Test | All |  |  | Unknown | [link](https://www.qfs.de/en/blog/article/no-log4j-vulnerability-in-qf-test.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Qlik | AIS, including ARC |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Attunity Visibility |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | AutoML |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Blendr |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | C4DL |  | 6.6 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | C4DW |  | 6.6, 6.6.1, 7.0 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Catalog |  | 4.10.0, 4.10.1, 4.10.2, 4.11.0, 4.11.1, 4.12.0, 4.12.1 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Compose |  | 2021.2, 2021.5, 2021.8 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Compose for Data Lakes |  |  | Not Affected | [link](https://community.qlik.com/t5/Knowledge/CVE-2021-44228-Handling-the-log4j-lookups-critical-vulnerability/ta-p/1869987) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Compose for Data Wharehouses |  |  | Not Affected | [link](https://community.qlik.com/t5/Knowledge/CVE-2021-44228-Handling-the-log4j-lookups-critical-vulnerability/ta-p/1869990) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | GeoAnalytics Plus |  | 5.26.5, 5.27.5 - 5.28.2, 5.29.4 - 5.30.1, 5.31.1, 5.31.2 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | GeoAnalytics Server |  | 4.19.1 - 4.27.3, 4.23.4, 4.32.3 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Nodegraph |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Nprinting |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | ODBC Connector Package |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | QEM |  | 6.6, 7.0, 2021.5, 2021.11 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Alerting |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Catalog |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Data Transfer |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Enterprise Manager |  | 6.6, 7.0, 2021.5, 2021.11 | Fixed | [link](https://community.qlik.com/t5/Knowledge/CVE-2021-44228-Handling-the-log4j-lookups-critical-vulnerability/ta-p/1869994) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Forts |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik RepliWeb and ARC |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Sense Business |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Sense Enterprise |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Sense Enterprise SaaS |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik View |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Qlik Web Connectors |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Replicate |  | 6.6, 7.0, 2021.5, 2021.11 | Fixed | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | REST Connectors |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| Qlik | Salesforce and SAP Connectors |  |  | Not Affected | [link](https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368) | Connectos are not affected. |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
| QMATIC | Appointment Booking |  | 2.4+ | Fixed | [link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | Update to v. 2.8.2 which contains log4j 2.16 |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| QMATIC | Appointment Booking |  | Cloud/Managed Service | Fixed | [link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | log4j 2.16 applied 2021-12-15 |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| QMATIC | Insights |  | Cloud | Fixed | [link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) | log4j 2.16 applied 2021-12-16 |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| QMATIC | Orchestra Central |  |  | Not Affected | [link](https://www.qmatic.com/meet-qmatic/news/qmatic-statement-on-log4j-vulnerability) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-21 |
| QNAP | QES Operating System |  |  | Not Affected | [link](https://www.qnap.com/en-uk/security-advisory/qsa-21-58) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QNAP | Qsirch |  |  | Not Affected | [link](https://www.qnap.com/en-uk/security-advisory/qsa-21-58) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QNAP | QTS Operating System |  |  | Not Affected | [link](https://www.qnap.com/en-uk/security-advisory/qsa-21-58) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QNAP | QuTS Hero Operating System |  |  | Not Affected | [link](https://www.qnap.com/en-uk/security-advisory/qsa-21-58) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QOPPA | All |  |  | Unknown | [link](https://kbdeveloper.qoppa.com/cve-2021-44228-apache-log4j-vulnerability/) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QOS.ch | SLF4J Simple Logging Facade for Java |  |  | Unknown | [link](https://www.slf4j.org/log4shell.html) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QSC Q-SYS | All |  |  | Unknown | [link](https://qscprod.force.com/selfhelpportal/s/article/Are-Q-SYS-products-affected-by-the-Log4j-vulnerability-CVE-2021-44228) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| QT | All |  |  | Unknown | [link](https://www.qt.io/blog/the-qt-company-products-not-affected-by-cve-2021-44228-log4j-vulnerability) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Quest | Foglight |  |  | Unknown | [link](https://support.quest.com/fr-fr/search#q=CVE-2021-44228&amp;t=Global) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Quest | Foglight |  | 6.0 | Fixed | [link](https://support.quest.com/fr-fr/search#q=CVE-2021-44228&amp;t=Global) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Quest | Quest KACE SMA |  |  | Not Affected | [link](https://support.quest.com/fr-fr/search#q=CVE-2021-44228&amp;t=Global) |  |  | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |