1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-14 04:47:54 +00:00
log4j-affected-db/SOFTWARE-LIST.md
2022-02-11 19:11:34 +00:00

996 KiB
Raw Blame History

CISA Log4j (CVE-2021-44228) Affected Vendor & Software List

Status Descriptions

Status Description
Unknown Status unknown. Default choice.
Affected Reported to be affected by CVE-2021-44228.
Not Affected Reported to NOT be affected by CVE-2021-44228 and no further action necessary.
Fixed Patch and/or mitigations available (see provided links).
Under Investigation Vendor investigating status.

Software List

This list has been populated using information from the following sources:

  • Kevin Beaumont
  • SwitHak
  • National Cyber Security Centre - Netherlands (NCSC-NL)

NOTE: This file is automatically generated. To submit updates, please refer to CONTRIBUTING.md.

Vendor Product Affected Versions Patched Versions Status Vendor Links Notes References Reporter Last Updated
1Password All products Not Affected link cisagov 2021-01-14
2n Unknown link cisagov 2022-01-12
3CX Unknown link cisagov 2022-01-12
3M Health Information Systems CGS Unknown link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2021-12-15
7-Zip Unknown link cisagov 2022-01-12
7Signal Sapphire Fixed link Fix released 2021-12-14 cisagov 2021-12-14
ABB AlarmInsight Cloud Not Affected link cisagov 2022-01-12
ABB B&R Products Not Affected link cisagov 2022-01-12
ABB Remote Service Fixed link cisagov 2022-01-12
Abbott All Unknown link Details are shared with customers with an active RAP subscription. cisagov 2021-12-15
Abbott GLP Track System Track Sample Manager (TSM), Track Workflow Manager (TWM) Affected link Abbott will provide a fix for this in a future update expected in January 2022. cisagov 2021-12-15
Abnormal Security All Not Affected link cisagov 2022-01-12
Accellence Technologies EBÜS All Fixed link EBÜS itself is not vulnerable to CVE-2021-44228. Although it includes several 3rd-party software setups, which may be affected. cisagov 2022-01-12
Accellence Technologies Vimacc Not Affected link cisagov 2022-01-12
Accellion Kiteworks v7.6 release Fixed link As a precaution, Kiteworks released a 7.6.1 Hotfix software update to address the vulnerability. This patch release adds the mitigation for CVE-2021-44228 contained in the Solr package as recommended by Apache Solr group. Specifically, it updates the Log4j library to a non-vulnerable version on CentOS 7 systems as well as adds the recommended option “$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true" to disable the possible attack vector on both CentOS 6 and CentOS 7. cisagov 2021-12-16
Accruent Analytics Fixed link cisagov 2022-01-12
Accruent Asset Enterprise Not Affected link cisagov 2022-01-12
Accruent BigCenter Fixed link cisagov 2022-01-12
Accruent EMS Not Affected link cisagov 2022-01-12
Accruent Evoco Fixed link cisagov 2022-01-12
Accruent Expesite Fixed link cisagov 2022-01-12
Accruent Famis 360 Fixed link cisagov 2022-01-12
Accruent Lucernex Fixed link cisagov 2022-01-12
Accruent Maintenance Connection Not Affected link cisagov 2022-01-12
Accruent Meridian Fixed link cisagov 2022-01-12
Accruent Single Sign On (SSO, Central Auth) Not Affected link cisagov 2022-01-12
Accruent SiteFM3 Fixed link cisagov 2022-01-12
Accruent SiteFM4 Fixed link cisagov 2022-01-12
Accruent Siterra Fixed link cisagov 2022-01-12
Accruent TMS Not Affected link cisagov 2022-01-12
Accruent VxField Not Affected link cisagov 2022-01-12
Accruent VxMaintain Fixed link cisagov 2022-01-12
Accruent VxObserve Fixed link cisagov 2022-01-12
Accruent VxSustain Fixed link cisagov 2022-01-12
Acquia All Unknown link cisagov 2022-01-12
Acronis Backup Not Affected link cisagov 2022-01-12
Acronis Cyber Backup Not Affected link cisagov 2022-01-12
Acronis Cyber Files Not Affected link cisagov 2022-01-12
Acronis Cyber Infrastructure Not Affected link cisagov 2022-01-12
Acronis Cyber Protect Not Affected link cisagov 2022-01-12
Acronis Cyber Protection Home Office Not Affected link cisagov 2022-01-12
Acronis DeviceLock DLP Not Affected link cisagov 2022-01-12
Acronis Files Connect Not Affected link cisagov 2022-01-12
Acronis MassTransit Not Affected link cisagov 2022-01-12
Acronis Snap Deploy Not Affected link cisagov 2022-01-12
ActiveState All Unknown link cisagov 2022-01-12
Acunetix 360 Not Affected link cisagov 2022-01-12
Acunetix Agents Not Affected link cisagov 2022-01-12
Acunetix Application Not Affected link cisagov 2022-01-12
Acunetix IAST - ASP.NET Not Affected link cisagov 2022-01-12
Acunetix IAST - NodeJS Not Affected link cisagov 2022-01-12
Acunetix IAST - PHP Not Affected link cisagov 2022-01-12
Acunetix IAST-Java All Fixed link AcuSensor IAST module needs attention. cisagov 2022-01-12
Adaptec All Unknown link cisagov 2022-01-12
Addigy All Unknown link cisagov 2022-01-12
Adeptia Connect 3.3, 3.4, 3.5 Fixed link cisagov 2022-01-12
Adeptia Suite 6.9.9, 6.9.10, 6.9.11 Fixed link cisagov 2022-01-12
Adobe Automated Forms Conversion Service Affected link cisagov 2022-01-12
Adobe ColdFusion Fixed link cisagov 2022-01-12
Adobe Experience Manager 6.3 Forms on JEE All versions from 6.3 GA to 6.3.3 Fixed link cisagov 2022-01-12
Adobe Experience Manager 6.4 Forms Designer Affected link cisagov 2022-01-12
Adobe Experience Manager 6.4 Forms on JEE All versions from 6.4 GA to 6.4.8 Fixed link cisagov 2022-01-12
Adobe Experience Manager 6.5 Forms Designer Fixed link cisagov 2022-01-12
Adobe Experience Manager 6.5 Forms on JEE All versions from 6.5 GA to 6.5.11 Fixed link cisagov 2022-01-12
Adobe Experience Manager Forms on OSGi Not Affected link cisagov 2022-01-12
Adobe Experience Manager Forms Workbench Not Affected link cisagov 2022-01-12
ADP All Unknown link cisagov 2022-01-12
Advanced Micro Devices (AMD) All Not Affected link cisagov 2022-02-02
Advanced Systems Concepts (formally Jscape) Active MFT Not Affected link This advisory is available to customers only and has not been reviewed by CISA cisagov 2021-12-14
Advanced Systems Concepts (formally Jscape) MFT Not Affected link This advisory is available to customers only and has not been reviewed by CISA cisagov 2021-12-14
Advanced Systems Concepts (formally Jscape) MFT Gateway Not Affected link This advisory is available to customers only and has not been reviewed by CISA cisagov 2021-12-14
Advanced Systems Concepts (formally Jscape) MFT Server Not Affected link This advisory is available to customers only and has not been reviewed by CISA cisagov 2021-12-14
AFHCAN Global LLC AFHCANcart Not Affected link cisagov 2022-01-12
AFHCAN Global LLC AFHCANmobile Not Affected link cisagov 2022-01-12
AFHCAN Global LLC AFHCANServer Not Affected link cisagov 2022-01-12
AFHCAN Global LLC AFHCANsuite Not Affected link cisagov 2022-01-12
AFHCAN Global LLC AFHCANupdate Not Affected link cisagov 2022-01-12
AFHCAN Global LLC AFHCANweb Not Affected link cisagov 2022-01-12
Agilysys All Unknown link cisagov 2022-01-12
Ahsay Mobile Not Affected link cisagov 2022-01-12
Ahsay Other products Not Affected link cisagov 2022-01-12
Ahsay PRD Not Affected link cisagov 2022-01-12
AIL All Not Affected link cisagov 2022-01-12
Akamai Enterprise Application Access (EAA) Connector Not Affected link cisagov 2021-12-15
Akamai SIEM Integration Connector <1.7.4 Fixed link Akamai SIEM Integration Connector is vulnerable to CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105. cisagov 2021-12-15
Akamai SIEM Splunk Connector < 1.4.10 Fixed link Akamai SIEM Integration Connector for Splunk is not vulnerable to CVE-2021-44228. Although it includes the vulnerable Log4J component, it is not used by the connector. cisagov 2021-12-15
Alcatel All Unknown link cisagov 2022-01-12
Alertus Console 5.15.0 Fixed link cisagov 2022-01-12
Alexion Alexion CRM Not Affected link cisagov 2022-01-12
Alfresco Alfresco Not Affected link cisagov 2022-01-12
AlienVault All Unknown link cisagov 2022-01-12
Alphatron Medical AmiSconnect Not Affected link cisagov 2022-01-12
Alphatron Medical Custo Diagnostics 5.4, 5.6 Affected link cisagov 2022-01-12
Alphatron Medical JiveX Not Affected link cisagov 2022-01-12
Alphatron Medical Zorgbericht Not Affected link cisagov 2022-01-12
Amazon AMS Fixed link Work in progress, portion of customers may still be vulnerable. Actively monitoring this issue, and are working on addressing it for any AMS services which use Log4j2. cisagov 2022-01-12
Amazon API Gateway Fixed link cisagov 2021-12-20
Amazon Athena Fixed link cisagov 2021-12-20
Amazon Athena JDBC Driver Not Affected link All versions vended to customers were not affected. cisagov 2021-12-20
Amazon AWS Not Affected Amazon Linux 1 had aws apitools which were Java based but these were deprecated in 2015 AWS Forum. AMIs used to inspect and verify (base spin ups) - amzn-ami-hvm-2018.03.0.20200318.1-x86_64-gp2 and amzn2-ami-kernel-5.10-hvm-2.0.20211201.0-x86_64-gp2. cisagov 2021-12-15
Amazon AWS AppFlow Fixed link cisagov 2021-12-20
Amazon AWS AppSync Fixed link Updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Amazon AWS Certificate Manager Fixed link cisagov 2021-12-20
Amazon AWS Certificate Manager Private CA Fixed link cisagov 2021-12-20
Amazon AWS CloudHSM < 3.4.1 Fixed link CloudHSM JCE SDK 3.4.1 or higher is not vulnerable. cisagov 2022-01-12
Amazon AWS CodeBuild Fixed link Updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-12
Amazon AWS CodePipeline Fixed link Updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-12
Amazon AWS Connect Fixed link Vendors recommend evaluating components of the environment outside of the Amazon Connect service boundary, which may require separate/additional customer mitigation. cisagov 2021-12-23
Amazon AWS Directory Service Fixed link cisagov 2021-12-23
Amazon AWS DynamoDB Fixed link cisagov 2021-12-17
Amazon AWS ECS Fixed link To help mitigate the impact of the open-source Apache Log4j2 utility (CVE-2021-44228 and CVE-2021-45046) security issues on customers containers, Amazon EKS, Amazon ECS, and AWS Fargate are deploying a Linux-based update (hot-patch). This hot-patch will require customer opt-in to use, and disables JNDI lookups from the Log4J2 library in customers containers. These updates are available as an Amazon Linux package for Amazon ECS customers, as a DaemonSet for Kubernetes users on AWS, and will be in supported AWS Fargate platform versions. cisagov 2021-12-16
Amazon AWS EKS Fixed link To help mitigate the impact of the open-source Apache Log4j2 utility (CVE-2021-44228 and CVE-2021-45046) security issues on customers containers, Amazon EKS, Amazon ECS, and AWS Fargate are deploying a Linux-based update (hot-patch). This hot-patch will require customer opt-in to use, and disables JNDI lookups from the Log4J2 library in customers containers. These updates are available as an Amazon Linux package for Amazon ECS customers, as a DaemonSet for Kubernetes users on AWS, and will be in supported AWS Fargate platform versions. cisagov 2021-12-16
Amazon AWS Elastic Beanstalk Not Affected link Default configuration of applications usage of Log4j versions is not vulnerable. cisagov 2021-12-17
Amazon AWS ElastiCache Fixed link cisagov 2021-12-17
Amazon AWS ELB Fixed link cisagov 2021-12-16
Amazon AWS Fargate Fixed link Opt-in hot-patch to mitigate the Log4j issue in JVM layer will be available as platform versions. cisagov 2021-12-16
Amazon AWS Glue Fixed link Has been updated. Vulnerable only if ETL jobs load affected versions of Apache Log4j. cisagov 2021-12-16
Amazon AWS Greengrass Fixed link Updates for all Greengrass V2 components Stream Manager (2.0.14) and Secure Tunneling (1.0.6) are available. For Greengrass versions 1.10.x and 1.11.x, an update for the Stream Manager feature is included in Greengrass patch versions 1.10.5 and 1.11.5. cisagov 2021-12-16
Amazon AWS Inspector Fixed link cisagov 2021-12-17
Amazon AWS IoT SiteWise Edge Fixed link Updates for all AWS IoT SiteWise Edge components that use Log4j were made available; OPC-UA collector (v2.0.3), Data processing pack (v2.0.14), and Publisher (v2.0.2). cisagov 2021-12-17
Amazon AWS Kinesis Data Streams Fixed link We are actively patching all sub-systems that use Log4j2 by applying updates. The Kinesis Client Library (KCL) version 2.X and the Kinesis Producer Library (KPL) are not impacted. For customers using KCL 1.x, we have released an updated version and we strongly recommend that all KCL version 1.x customers upgrade to KCL version 1.14.5 (or higher). KCL 2.x, KCL 1.14.5 or higher, and KPL are not vulnerable. cisagov 2021-12-14
Amazon AWS KMS Fixed link cisagov 2022-01-12
Amazon AWS Lambda Fixed link Vulnerable when using aws-lambda-java-log4j2. cisagov 2022-01-12
Amazon AWS Polly Fixed link cisagov 2022-01-12
Amazon AWS QuickSight Fixed link cisagov 2022-01-12
Amazon AWS RDS Fixed link Amazon RDS and Amazon Aurora have been updated to mitigate the issues identified in CVE-2021-44228. cisagov 2021-12-17
Amazon AWS S3 Fixed link cisagov 2021-12-14
Amazon AWS SDK Not Affected link cisagov 2021-12-14
Amazon AWS Secrets Manager Fixed link cisagov 2021-12-14
Amazon AWS Service Catalog Fixed link cisagov 2021-12-20
Amazon AWS SNS Fixed link Amazon SNS systems that serve customer traffic are patched against the Log4j2 issue. We are working to apply the Log4j2 patch to sub-systems that operate separately from SNSs systems that serve customer traffic. cisagov 2021-12-14
Amazon AWS SQS Fixed link cisagov 2021-12-15
Amazon AWS Systems Manager Fixed link cisagov 2021-12-15
Amazon AWS Systems Manager Agent Not Affected link cisagov 2021-12-15
Amazon AWS Textract Fixed link cisagov 2021-12-15
Amazon Chime Fixed link Amazon Chime and Chime SDK services have been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-12
Amazon Cloud Directory Fixed link cisagov 2022-01-12
Amazon CloudFront Fixed link cisagov 2022-01-12
Amazon CloudWatch Fixed link cisagov 2022-01-12
Amazon Cognito Fixed link cisagov 2022-01-12
Amazon Corretto Not Affected link 10/19 release distribution does not include Log4j. Vulnerable only if customers applications use affected versions of Apache Log4j. cisagov 2022-01-12
Amazon DocumentDB Fixed link cisagov 2022-01-12
Amazon EC2 Fixed link Packages for Amazon Linux 1 and 2 not affected, package for Amazon Linux 2022 is affected. cisagov 2021-12-15
Amazon ECR Public Fixed link Amazon-owned images published under a Verified Account on Amazon ECR Public are not affected by the Log4j issue. cisagov 2021-12-15
Amazon Elastic Load Balancing Fixed link Services have been updated. All Elastic Load Balancers, as well as Classic, Application, Network and Gateway, are not affected by this Log4j issue. cisagov 2021-12-15
Amazon EMR Fixed link Many customers are estimated to be vulnerable. Vulnerable only if affected EMR releases are used and untrusted sources are configured to be processed. cisagov 2022-01-12
Amazon EventBridge Fixed link cisagov 2022-01-12
Amazon Fraud Detector Fixed link cisagov 2022-01-12
Amazon Inspector Fixed link cisagov 2022-01-12
Amazon Inspector Classic Fixed link cisagov 2022-01-12
Amazon Kafka (MSK) Fixed link Applying updates as required, portion of customers may still be vulnerable. Some MSK-specific service components use Log4j > 2.0.0 library and are being patched where needed. cisagov 2022-01-12
Amazon Kendra Fixed link cisagov 2022-01-12
Amazon Keyspaces (for Apache Cassandra) Fixed link cisagov 2022-01-12
Amazon Kinesis Fixed link cisagov 2022-01-12
Amazon Kinesis Data Analytics Fixed link cisagov 2022-01-12
Amazon Lake Formation Fixed link Update in progress, portion of customers may still be vulnerable. AWS Lake Formation service hosts are being updated to the latest version of Log4j. cisagov 2022-01-12
Amazon Lex Fixed link cisagov 2022-01-12
Amazon Linux (AL1) Not Affected link By default not vulnerable. Opt-in hot-patch to mitigate the Log4j in JVM layer issue is available. cisagov 2022-01-12
Amazon Linux (AL2) Fixed link By default not vulnerable, and a new version of Amazon Kinesis Agent which is part of AL2 addresses the Log4j issue. Opt-in hot-patch to mitigate the Log4j issue in JVM layer is available. cisagov 2022-01-12
Amazon Lookout for Equipment Fixed link cisagov 2022-01-12
Amazon Macie Fixed link cisagov 2022-01-12
Amazon Macie Classic Fixed link cisagov 2022-01-12
Amazon Managed Workflows for Apache Airflow (MWAA) Fixed link cisagov 2022-01-12
Amazon MemoryDB for Redis Fixed link cisagov 2022-01-12
Amazon Monitron Fixed link cisagov 2022-01-12
Amazon MQ Fixed link cisagov 2022-01-12
Amazon Neptune Fixed link cisagov 2022-01-12
Amazon NICE Fixed link Recommended to update EnginFrame or Log4j library. cisagov 2022-01-12
Amazon OpenSearch R20211203-P2 Fixed link Update released, customers need to update their clusters to the fixed release. cisagov 2022-01-12
Amazon Pinpoint Fixed link cisagov 2022-01-12
Amazon RDS Aurora Fixed link cisagov 2022-01-12
Amazon RDS for Oracle Fixed link cisagov 2022-01-12
Amazon Redshift Fixed link cisagov 2022-01-12
Amazon Rekognition Fixed link cisagov 2022-01-12
Amazon Route 53 Fixed link cisagov 2022-01-12
Amazon SageMaker Fixed link Completed patching for the Apache Log4j2 issue (CVE-2021-44228). Vulnerable only if customers applications use affected versions of Apache Log4j. cisagov 2022-01-12
Amazon Simple Notification Service (SNS) Fixed link Systems that serve customer traffic are patched against the Log4j2 issue. Working to apply the patch to sub-systems that operate separately from SNSs systems that serve customer traffic. cisagov 2022-01-12
Amazon Simple Queue Service (SQS) Fixed link cisagov 2022-01-12
Amazon Simple Workflow Service (SWF) Fixed link cisagov 2022-01-12
Amazon Single Sign-On Fixed link cisagov 2022-01-12
Amazon Step Functions Fixed link cisagov 2022-01-12
Amazon Timestream Fixed link cisagov 2022-01-12
Amazon Translate Not Affected link Service not identified on AWS Log4j Security Bulletin cisagov 2022-01-12
Amazon VPC Fixed link cisagov 2022-01-12
Amazon WorkSpaces/AppStream 2.0 Fixed link Not affected with default configurations. WorkDocs Sync client versions 1.2.895.1 and older within Windows WorkSpaces, which contain the Log4j component, are vulnerable; For update instruction, see source for more info. cisagov 2022-01-12
AMD All Not Affected link Currently, no AMD products have been identified as affected. AMD is continuing its analysis. cisagov 2021-12-22
Anaconda All Not Affected link cisagov 2021-12-21
AOMEI All Not Affected link cisagov 2021-12-21
Apache ActiveMQ Artemis Not Affected link ActiveMQ Artemis does not use Log4j for logging. However, Log4j 1.2.17 is included in the Hawtio-based web console application archive (i.e. web/console.war/WEB-INF/lib). Although this version of Log4j is not impacted by CVE-2021-44228 future versions of Artemis will be updated so that the Log4j jar is no longer included in the web console application archive. See ARTEMIS-3612 for more information on that task. cisagov 2021-12-21
Apache Airflow Not Affected link Airflow is written in Python cisagov 2022-01-12
Apache Archiva 2.2.6 Fixed link Fixed in 2.2.6. cisagov 2022-01-12
Apache Camel Not Affected link Apache Camel does not directly depend on Log4j 2, so we are not affected by CVE-2021-44228.If you explicitly added the Log4j 2 dependency to your own applications, make sure to upgrade.Apache Camel does use log4j during testing itself, and therefore you can find that we have been using log4j v2.13.3 release in our latest LTS releases Camel 3.7.6, 3.11.4. cisagov 2021-12-13
Apache Camel 2 Not Affected link cisagov 2021-12-13
Apache Camel JBang <=3.1.4 Affected link cisagov 2021-12-13
Apache Camel K Not Affected link cisagov 2021-12-13
Apache Camel Kafka Connector Not Affected link cisagov 2021-12-13
Apache Camel Karaf Affected link The Karaf team is aware of this and are working on a new Karaf 4.3.4 release with updated log4j. cisagov 2021-12-13
Apache Camel Quarkus Not Affected link cisagov 2021-12-13
Apache Cassandra Not Affected link cisagov 2021-12-13
Apache Druid 0.22.1 Fixed link cisagov 2021-12-12
Apache Dubbo All Fixed link cisagov 2021-12-12
Apache Flink 1.15.0, 1.14.2, 1.13.5, 1.12.7, 1.11.6 Fixed link To clarify and avoid confusion, the 1.14.1 / 1.13.4 / 1.12.6 / 1.11.5 releases, which were supposed to only contain a Log4j upgrade to 2.15.0, were skipped because CVE-2021-45046 was discovered during the release publication. The new 1.14.2 / 1.13.5 / 1.12.7 / 1.11.6 releases include a version upgrade for Log4j to version 2.16.0 to address CVE-2021-44228 and CVE-2021-45046. https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html cisagov 2021-12-12
Apache Fortress < 2.0.7 Fixed link Fixed in 2.0.7. cisagov 2021-12-14
Apache Geode 1.14.0 Fixed link Fixed in 1.12.6, 1.13.5, 1.14.1. cisagov 2021-12-14
Apache Guacamole Not Affected link cisagov 2021-12-14
Apache Hadoop Not Affected link cisagov 2021-12-14
Apache HBase Affected link cisagov 2021-12-14
Apache Hive 4.x Fixed link cisagov 2021-12-14
Apache James 3.6.0 Affected link cisagov 2021-12-14
Apache Jena < 4.3.1 Fixed link cisagov 2021-12-14
Apache JMeter All Affected link cisagov 2021-12-14
Apache JSPWiki 2.11.1 Fixed link cisagov 2021-12-14
Apache Kafka Not Affected link Uses Log4j 1.2.17. cisagov 2021-12-14
Apache Log4j 1.x Not Affected link cisagov 2022-01-12
Apache Log4j 2.x 2.17.1 Affected link Fixed in Log4j 2.17.1 (Java 8), 2.12.4 (Java 7) and 2.3.2 (Java 6). cisagov 2022-01-12
Apache Maven Not Affected link cisagov 2022-01-12
Apache NiFi Not Affected link Fixed in 1.15.1, 1.16.0. cisagov 2022-01-12
Apache OFBiz < 18.12.03 Fixed link cisagov 2022-01-12
Apache Ozone < 1.2.1 Fixed link Fixed in 1.15.1, 1.16.0. cisagov 2022-01-12
Apache SkyWalking < 8.9.1 Fixed link cisagov 2022-01-12
Apache SOLR 7.4.0 to 7.7.3, 8.0.0 to 8.11.0 Fixed link Fixed in 8.11.1, Versions before 7.4 also vulnerable when using several configurations. Apache Solr 8.11.1 downloads cisagov 2021-12-16
Apache Spark Not Affected link Uses log4j 1.x cisagov 2022-01-12
Apache Struts 2.5.28 Affected link cisagov 2022-01-12
Apache Struts 2 Versions before 2.5.28.1 Fixed link The Apache Struts group is pleased to announce that Struts 2.5.28.1 is available as a General Availability release. The GA designation is our highest quality grade. This release addresses Log4j vulnerability CVE-2021-45046 by using the latest Log4j 2.12.2 version (Java 1.7 compatible). Apache Struts Release Downloads cisagov 2021-12-21
Apache Tapestry 5.7.3 Affected link cisagov 2022-01-12
Apache Tika 2.0.0 and up Affected link cisagov 2022-01-12
Apache Tomcat Unknown link Apache Tomcat 9.0.x has no dependency on any version of log4j. Web applications deployed on Apache Tomcat may have a dependency on log4j. You should seek support from the application vendor in this instance. It is possible to configure Apache Tomcat 9.0.x to use log4j 2.x for Tomcats internal logging. This requires explicit configuration and the addition of the log4j 2.x library. Anyone who has switched Tomcats internal logging to log4j 2.x is likely to need to address this vulnerability. In most cases, disabling the problematic feature will be the simplest solution. Exactly how to do that depends on the exact version of log4j 2.x being used. Details are provided on the log4j 2.x security page cisagov 2021-12-21
Apache TrafficControl Affected link cisagov 2022-01-12
Apache ZooKeeper Not Affected link cisagov 2022-01-12
APC by Schneider Electric Powerchute Business Edition v9.5, v10.0.1, v10.0.2, v10.0.3, v10.0.4 Fixed link Mitigation instructions to remove the affected class. cisagov 2021-12-15
APC by Schneider Electric Powerchute Network Shutdown 4.2, 4.3, 4.4, 4.4.1 Fixed link Mitigation instructions to remove the affected class. cisagov 2021-12-15
Apereo CAS 6.3.x, 6.4.x Fixed link Other versions still in active maintainance might need manual inspection. cisagov 2022-01-12
Apereo Opencast < 9.10, < 10.6 Fixed link cisagov 2022-01-12
Apigee Edge and OPDK products Not Affected link cisagov 2022-01-12
Apollo All Unknown link cisagov 2022-01-12
Appdynamics All Unknown link cisagov 2022-01-12
Appeon PowerBuilder Appeon PowerBuilder 2017-2021 regardless of product edition Affected link cisagov 2021-12-15
AppGate All Unknown link cisagov 2022-01-12
Appian Appian Platform All Fixed link cisagov 2021-12-22
Application Performance Ltd DBMarlin Unknown link cisagov 2021-12-15
APPSHEET All Unknown link cisagov 2022-01-12
Aptible All Search 5.x Fixed link cisagov 2022-01-12
Aqua Security All Unknown link cisagov 2022-01-12
Arbiter Systems All Not Affected link cisagov 2021-12-22
ARC Informatique All Not Affected link cisagov 2022-01-13
Arca Noae All Unknown link cisagov 2022-01-12
Arcserve Arcserve Backup Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
Arcserve Arcserve Continuous Availability Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
Arcserve Arcserve Email Archiving Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
Arcserve Arcserve UDP Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
Arcserve ShadowProtect Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
Arcserve ShadowXafe Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
Arcserve Solo Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
Arcserve StorageCraft OneXafe Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
ArcticWolf All Unknown link cisagov 2022-01-12
Arduino IDE 1.8.17 Fixed link cisagov 2022-01-12
Ariba All Unknown link cisagov 2022-01-12
Arista Analytics Node for Converged Cloud Fabric >7.0.0 Affected link Formerly Big Cloud Fabric cisagov 2022-01-12
Arista Analytics Node for DANZ Monitoring Fabric >7.0.0 Affected link Formerly Big Monitoring Fabric cisagov 2022-01-12
Arista CloudVision Portal >2019.1.0 Affected link cisagov 2022-01-12
Arista CloudVision Wi-Fi, virtual or physical appliance >8.8 Affected link cisagov 2022-01-12
Arista Embedded Analytics for Converged Cloud Fabric >5.3.0 Affected link Formerly Big Cloud Fabric cisagov 2022-01-12
Aruba Networks AirWave Management Platform Not Affected link cisagov 2022-01-12
Aruba Networks Analytics and Location Engine Not Affected link cisagov 2022-01-12
Aruba Networks ArubaOS SD-WAN Gateways Not Affected link cisagov 2022-01-12
Aruba Networks ArubaOS Wi-Fi Controllers and Gateways Not Affected link cisagov 2022-01-12
Aruba Networks ArubaOS-CX Switches Not Affected link cisagov 2022-01-12
Aruba Networks ArubaOS-S Switches Not Affected link cisagov 2022-01-12
Aruba Networks Central Not Affected link cisagov 2022-01-12
Aruba Networks Central On-Prem Not Affected link cisagov 2022-01-12
Aruba Networks ClearPass Policy Manager Not Affected link cisagov 2022-01-12
Aruba Networks EdgeConnect Not Affected link cisagov 2022-01-12
Aruba Networks Fabric Composer (AFC) Not Affected link cisagov 2022-01-12
Aruba Networks HP ProCurve Switches Not Affected link cisagov 2022-01-12
Aruba Networks Instant Not Affected link cisagov 2022-01-12
Aruba Networks Instant Access Points Not Affected link cisagov 2022-01-12
Aruba Networks Instant On Not Affected link cisagov 2022-01-12
Aruba Networks IntroSpect Versions 2.5.0.0 to 2.5.0.6 Fixed link cisagov 2022-01-12
Aruba Networks Legacy GMS Products Fixed link cisagov 2022-01-12
Aruba Networks Legacy NX Not Affected link cisagov 2022-01-12
Aruba Networks Legacy VRX Not Affected link cisagov 2022-01-12
Aruba Networks Legacy VX Not Affected link cisagov 2022-01-12
Aruba Networks NetEdit Not Affected link cisagov 2022-01-12
Aruba Networks Plexxi Composable Fabric Manager (CFM) Not Affected link cisagov 2022-01-12
Aruba Networks Silver Peak Orchestrator Fixed link cisagov 2022-01-12
Aruba Networks User Experience Insight (UXI) Not Affected link cisagov 2022-01-12
Aruba Networks VIA Clients Not Affected link cisagov 2022-01-12
Ataccama All Unknown link cisagov 2022-01-12
Atera All Unknown link cisagov 2022-01-12
Atlassian Bamboo Server & Data Center On Prem Affected link Only vulnerable when using non-default config, cloud version fixed. cisagov 2022-01-12
Atlassian Bitbucket Server & Data Center On prem Fixed link This product is not vulnerable to remote code execution but may leak information due to the bundled Elasticsearch component being vulnerable. cisagov 2022-01-12
Atlassian Confluence Server & Data Center On prem Affected link Only vulnerable when using non-default config, cloud version fixed. cisagov 2022-01-12
Atlassian Confluence-CIS CSAT Pro v1.7.1 Affected link cisagov 2022-01-12
Atlassian Confluence-CIS WorkBench Not Affected link cisagov 2022-01-12
Atlassian Confluence-CIS-CAT Lite v4.13.0 Affected link cisagov 2022-01-12
Atlassian Confluence-CIS-CAT Pro Assessor v3 Full and Dissolvable v3.0.77 Affected link cisagov 2022-01-12
Atlassian Confluence-CIS-CAT Pro Assessor v4 v4.13.0 Affected link cisagov 2022-01-12
Atlassian Confluence-CIS-CAT Pro Assessor v4 Service v1.13.0 Affected link cisagov 2022-01-12
Atlassian Confluence-CIS-CAT Pro Dashboard Not Affected link cisagov 2022-01-12
Atlassian Confluence-CIS-Hosted CSAT Not Affected link cisagov 2022-01-12
Atlassian Crowd Server & Data Center On prem Affected link This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. cisagov 2022-01-12
Atlassian Crucible On prem Affected link This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. cisagov 2022-01-12
Atlassian Fisheye On prem Affected link This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. cisagov 2022-01-12
Atlassian Jira Server & Data Center On prem Affected link This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. cisagov 2022-01-12
Attivo Networks All Unknown link cisagov 2022-01-12
Atvise All Not Affected link The security vulnerability does NOT affect our applications and products or pose any threat. This applies to all Bachmann applications and products, including atvise solutions. cisagov 2022-01-17
AudioCodes All Unknown link cisagov 2022-01-12
Autodesk All Unknown link Autodesk is continuing to perform a thorough investigation in relation to the recently discovered Apache Log4j security vulnerabilities. We continue to implement several mitigating factors for our products including patching, network firewall blocks, and updated detection signatures to reduce the threat of this vulnerability and enhance our ability to quickly respond to potential malicious activity. We have not identified any compromised systems in the Autodesk environment due to this vulnerability, at this time. This is an ongoing investigation and we will provide updates on the Autodesk Trust Center as we learn more. cisagov 2021-12-21
Automation Anywhere Automation 360 Cloud Fixed link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Automation Anywhere Automation 360 On Premise Fixed link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Automation Anywhere Automation Anywhere 11.x, <11.3x Fixed link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Automox All Unknown link cisagov 2022-01-12
Autopsy All Unknown link cisagov 2022-01-12
Auvik All Unknown link cisagov 2022-01-12
Avantra SYSLINK All Unknown link cisagov 2022-01-12
Avaya Avaya Analytics 3.5, 3.6, 3.6.1, 3.7, 4 Affected link cisagov 2021-12-14
Avaya Avaya Aura Application Enablement Services 8.1.3.2, 8.1.3.3, 10.1 Affected link PSN020551u cisagov 2021-12-14
Avaya Avaya Aura Contact Center 7.0.2, 7.0.3, 7.1, 7.1.1, 7.1.2 Affected link cisagov 2021-12-14
Avaya Avaya Aura Device Services 8, 8.0.1, 8.0.2, 8.1, 8.1.3, 8.1.4, 8.1.5 Affected link cisagov 2021-12-14
Avaya Avaya Aura for OneCloud Private Affected link Avaya is scanning and monitoring its OneCloud Private environments as part of its management activities. Avaya will continue to monitor this fluid situation and remediations will be made as patches become available, in accordance with appropriate change processes. cisagov 2021-12-14
Avaya Avaya Aura Media Server 8.0.0, 8.0.1, 8.0.2 Affected link PSN020549u cisagov 2021-12-14
Avaya Avaya Aura Presence Services 10.1, 7.1.2, 8, 8.0.1, 8.0.2, 8.1, 8.1.1, 8.1.2, 8.1.3, 8.1.4 Affected link cisagov 2021-12-14
Avaya Avaya Aura Session Manager 10.1, 7.1.3, 8, 8.0.1, 8.1, 8.1.1, 8.1.2, 8.1.3 Affected link PSN020550u cisagov 2021-12-14
Avaya Avaya Aura System Manager 10.1, 8.1.3 Affected link PSN005565u cisagov 2021-12-14
Avaya Avaya Aura Web Gateway 3.11[P], 3.8.1[P], 3.8[P], 3.9.1[P], 3.9[P] Affected link cisagov 2021-12-14
Avaya Avaya Breeze 3.7, 3.8, 3.8.1 Affected link cisagov 2021-12-14
Avaya Avaya Contact Center Select 7.0.2, 7.0.3, 7.1, 7.1.1, 7.1.2 Affected link cisagov 2021-12-14
Avaya Avaya CRM Connector - Connected Desktop 2.2 Affected link cisagov 2021-12-14
Avaya Avaya Device Enablement Service 3.1.22 Affected link cisagov 2021-12-14
Avaya Avaya Meetings 9.1.10, 9.1.11, 9.1.12 Affected link cisagov 2021-12-14
Avaya Avaya OneCloud-Private 2 Affected link cisagov 2021-12-14
Avaya Avaya OneCloud-Private-UCaaS - Mid Market Aura 1 Affected link cisagov 2021-12-14
Avaya Avaya Session Border Controller for Enterprise 8.0.1, 8.1, 8.1.1, 8.1.2, 8.1.3 Affected link PSN020554u cisagov 2021-12-14
Avaya Avaya Social Media Hub Affected link cisagov 2021-12-14
Avaya Avaya Workforce Engagement 5.3 Affected link cisagov 2021-12-14
Avaya Business Rules Engine 3.4, 3.5, 3.6, 3.7 Affected link cisagov 2021-12-14
Avaya Callback Assist 5, 5.0.1 Affected link cisagov 2021-12-14
Avaya Control Manager 9.0.2, 9.0.2.1 Affected link cisagov 2021-12-14
Avaya Device Enrollment Service 3.1 Affected link cisagov 2021-12-14
Avaya Equinox Conferencing 9.1.2 Affected link cisagov 2021-12-14
Avaya Interaction Center 7.3.9 Affected link cisagov 2021-12-14
Avaya IP Office Platform 11.0.4, 11.1, 11.1.1, 11.1.2 Affected link cisagov 2021-12-14
Avaya Proactive Outreach Manager 3.1.2, 3.1.3, 4, 4.0.1 Affected link cisagov 2021-12-14
AVEPOINT All Unknown link cisagov 2022-01-12
AVM All Not Affected link devices, firmware, software incl. MyFritz Service. cisagov 2022-01-12
AvTech RoomAlert All Unknown link cisagov 2022-01-12
AXIS OS Not Affected link cisagov 2022-01-12
AXON All Unknown link cisagov 2022-01-12
AXS Guard All Unknown link cisagov 2022-01-12
Axways Applications All Unknown link cisagov 2022-01-12
B&R Industrial Automation APROL Unknown link cisagov 2021-12-16
BackBox Unknown link cisagov 2022-01-12
Balbix Unknown link cisagov 2022-01-12
Baramundi Products Unknown link cisagov 2022-01-12
Barco Unknown link cisagov 2022-01-12
Barracuda Unknown link cisagov 2022-01-12
Baxter Unknown link cisagov 2021-12-20
BBraun APEX® Compounder Not Affected link cisagov 2022-01-31
BBraun DoseTrac® Server, DoseLink™ Server, and Space® Online Suite Server software All Fixed link cisagov 2022-01-31
BBraun Outlook® Safety Infusion System Pump family Not Affected link cisagov 2022-01-31
BBraun Pinnacle® Compounder Not Affected link cisagov 2022-01-31
BBraun Pump, SpaceStation, and Space® Wireless Battery) Not Affected link cisagov 2022-01-31
BBraun Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor® Space® Infusion Not Affected link cisagov 2022-01-31
BD Arctic Sun™ Analytics Unknown link cisagov 2021-12-20
BD BD Diabetes Care App Cloud Unknown link cisagov 2021-12-20
BD BD HealthSight™ Clinical Advisor Unknown link cisagov 2021-12-20
BD BD HealthSight™ Data Manager Unknown link cisagov 2021-12-20
BD BD HealthSight™ Diversion Management Unknown link cisagov 2021-12-20
BD BD HealthSight™ Infection Advisor Unknown link cisagov 2021-12-20
BD BD HealthSight™ Inventory Optimization Analytics Unknown link cisagov 2021-12-20
BD BD HealthSight™ Medication Safety Unknown link cisagov 2021-12-20
BD BD Knowledge Portal for BD Pyxis™ Supply Unknown link cisagov 2021-12-20
BD BD Knowledge Portal for Infusion Technologies Unknown link cisagov 2021-12-20
BD BD Knowledge Portal for Medication Technologies Unknown link cisagov 2021-12-20
BD BD Synapsys™ Informatics Solution Unknown link cisagov 2021-12-20
BD BD Veritor™ COVID At Home Solution Cloud Unknown link cisagov 2021-12-20
Beckman Coulter Access 2 (Immunoassay System) Not Affected link cisagov 2022-01-31
Beckman Coulter Ac•T 5diff (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter Ac•T Family (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter AU2700 (Chemistry System) Not Affected link cisagov 2022-01-31
Beckman Coulter AU480 (Chemistry System) Not Affected link cisagov 2022-01-31
Beckman Coulter AU5400 (Chemistry System) Not Affected link cisagov 2022-01-31
Beckman Coulter AU5800 (Chemistry System) Not Affected link cisagov 2022-01-31
Beckman Coulter AU640 (Chemistry System) Not Affected link cisagov 2022-01-31
Beckman Coulter AU680 (Chemistry System) Not Affected link cisagov 2022-01-31
Beckman Coulter AutoMate 1200 (Lab Automation) Not Affected link cisagov 2022-01-31
Beckman Coulter AutoMate 1250 (Lab Automation) Not Affected link cisagov 2022-01-31
Beckman Coulter AutoMate 2500 (Lab Automation) Not Affected link cisagov 2022-01-31
Beckman Coulter AutoMate 2550 (Lab Automation) Not Affected link cisagov 2022-01-31
Beckman Coulter DxA 5000 (Lab Automation) Not Affected link cisagov 2022-01-31
Beckman Coulter DxA 5000 Fit (Lab Automation) Not Affected link cisagov 2022-01-31
Beckman Coulter DxH 500 (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter DxH 520 (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter DxH 560 (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter DxH 600 (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter DxH 690T (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter DxH 800 (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter DxH 900 (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter DxH SMS (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter DxH SMS II (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter DxM Autoplak (Microbiology) Not Affected link cisagov 2022-01-31
Beckman Coulter DxM WalkAway 1040 (Microbiology) Not Affected link cisagov 2022-01-31
Beckman Coulter DxM WalkAway 1096 (Microbiology) Not Affected link cisagov 2022-01-31
Beckman Coulter DxONE Command Central (Information Systems) All Fixed link Customers can follow instructions to remove log4j cisagov 2022-01-31
Beckman Coulter DxONE Insights (Information Systems) Fixed link Patch has been applied. cisagov 2022-01-31
Beckman Coulter DxONE Inventory Manager (Information Systems) Not Affected link cisagov 2022-01-31
Beckman Coulter DxONE Workflow Manager (Information Systems) Not Affected link cisagov 2022-01-31
Beckman Coulter DxU Workcell (Urinalysis) Not Affected link cisagov 2022-01-31
Beckman Coulter DxUc (Urinalysis) Not Affected link cisagov 2022-01-31
Beckman Coulter DxUm (Urinalysis) Not Affected link cisagov 2022-01-31
Beckman Coulter HighFlexX Software (Microbiology) Not Affected link cisagov 2022-01-31
Beckman Coulter HmX (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter HmX AL (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter iChemVELOCITY (Urinalysis) Not Affected link cisagov 2022-01-31
Beckman Coulter IMMAGE 800 (Nephelometry) Not Affected link cisagov 2022-01-31
Beckman Coulter Intelligent Sample Banking ISB (Lab Automation) Not Affected link cisagov 2022-01-31
Beckman Coulter Ipaw (Lab Automation) Not Affected link cisagov 2022-01-31
Beckman Coulter iQ Workcell (Urinalysis) Not Affected link cisagov 2022-01-31
Beckman Coulter iQ200 (Urinalysis) Not Affected link cisagov 2022-01-31
Beckman Coulter iRICELL (Urinalysis) Not Affected link cisagov 2022-01-31
Beckman Coulter LabPro Workstation and Database Computers Provided by Beckman Coulter (Microbiology) All Affected link The only known instance of vulnerability due to Log4J is using Axeda services cisagov 2022-01-31
Beckman Coulter LH 500 (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter LH Slidemaker (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter LH Slidestraine (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter LH750 (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter LH780 (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter LH785 (Hematology) Not Affected link cisagov 2022-01-31
Beckman Coulter MicroScan autoSCAN-4 (Microbiology) Not Affected link cisagov 2022-01-31
Beckman Coulter PK7300 (Blood Bank) Not Affected link cisagov 2022-01-31
Beckman Coulter PK7400 (Blood Bank) Not Affected link cisagov 2022-01-31
Beckman Coulter Power Express (Lab Automation) Not Affected link cisagov 2022-01-31
Beckman Coulter Power Link (Lab Automation) Not Affected link cisagov 2022-01-31
Beckman Coulter Power Processor (Lab Automation) Not Affected link cisagov 2022-01-31
Beckman Coulter PROService (Information Systems) Not Affected link cisagov 2022-01-31
Beckman Coulter RAP Box (Information Systems) Not Affected link cisagov 2022-01-31
Beckman Coulter REMISOL ADVANCE (Information Systems) Not Affected link cisagov 2022-01-31
Beckman Coulter Sorting Drive (Lab Automation) Not Affected link cisagov 2022-01-31
Beckman Coulter Unicel DxC 600 (Chemistry System) Not Affected link cisagov 2022-01-31
Beckman Coulter Unicel DxC 800 (Chemistry System) Not Affected link cisagov 2022-01-31
Beckman Coulter Unicel DxI 600 (Immunoassay System) Not Affected link cisagov 2022-01-31
Beckman Coulter Unicel DxI 800 (Immunoassay System) Not Affected link cisagov 2022-01-31
Beckman Coulter WalkAway 40 plus (Microbiology) Not Affected link cisagov 2022-01-31
Beckman Coulter WalkAway 40 SI (Microbiology) Not Affected link cisagov 2022-01-31
Beckman Coulter WalkAway 96 plus (Microbiology) Not Affected link cisagov 2022-01-31
Beckman Coulter WalkAway 96 SI (Microbiology) Not Affected link cisagov 2022-01-31
Beijer Electronics acirro+ Unknown link cisagov 2021-12-22
Beijer Electronics BFI frequency inverters Unknown link cisagov 2021-12-22
Beijer Electronics BSD servo drives Unknown link cisagov 2021-12-22
Beijer Electronics CloudVPN Unknown link cisagov 2021-12-22
Beijer Electronics FnIO-G and M Distributed IO Unknown link cisagov 2021-12-22
Beijer Electronics iX Developer Unknown link cisagov 2021-12-22
Beijer Electronics Nexto modular PLC Unknown link cisagov 2021-12-22
Beijer Electronics Nexto Xpress compact controller Unknown link cisagov 2021-12-22
Beijer Electronics WARP Engineering Studio Unknown link cisagov 2021-12-22
Bender Unknown link cisagov 2022-01-12
Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) Unknown link cisagov 2022-01-12
BeyondTrust Privilege Management Cloud Unknown Fixed link cisagov 2021-12-17
BeyondTrust Privilege Management Reporting in BeyondInsight 21.2 Fixed link cisagov 2021-12-17
BeyondTrust Secure Remote Access appliances Not Affected link cisagov 2021-12-17
BeyondTrust Bomgar Unknown link cisagov 2022-01-12
BioMerieux Unknown link cisagov 2021-12-22
BisectHosting Unknown link cisagov 2022-01-12
BitDefender Unknown link cisagov 2022-01-12
BitNami By VMware Unknown link cisagov 2022-01-12
BitRise Unknown link cisagov 2022-01-12
Bitwarden Unknown link cisagov 2022-01-12
Biztory Fivetran Unknown link Vendor review indicated Fivetran is not vulnerable to Log4j2 cisagov 2022-01-12
Black Kite Unknown link cisagov 2022-01-12
Blancco Unknown link cisagov 2022-01-12
Blumira Unknown link cisagov 2022-01-12
BMC Bladelogic Database Automation Unknown link cisagov 2022-01-12
BMC BMC AMI Ops Unknown link cisagov 2022-01-12
BMC BMC AMI Products Unknown link cisagov 2022-01-12
BMC BMC Compuware Unknown link cisagov 2022-01-12
BMC BMC Helix Automation Console Unknown link cisagov 2022-01-12
BMC BMC Helix Business Workflows Unknown link cisagov 2022-01-12
BMC BMC Helix Client Management Unknown link cisagov 2022-01-12
BMC BMC Helix Cloud Cost Unknown link cisagov 2022-01-12
BMC BMC Helix Cloud Security Unknown link cisagov 2022-01-12
BMC BMC Helix CMDB Unknown link cisagov 2022-01-12
BMC BMC Helix Continuous Optimization Unknown link cisagov 2022-01-12
BMC BMC Helix Control-M Unknown link cisagov 2022-01-12
BMC BMC Helix Digital Workplace Unknown link cisagov 2022-01-12
BMC BMC Helix Discovery Unknown link cisagov 2022-01-12
BMC BMC Helix ITSM Unknown link cisagov 2022-01-12
BMC BMC Helix Knowledge Management Unknown link cisagov 2022-01-12
BMC BMC Helix Operations Management with AIOps Unknown link cisagov 2022-01-12
BMC BMC Helix Platform Unknown link cisagov 2022-01-12
BMC BMC Helix platform Unknown link cisagov 2022-01-12
BMC BMC Helix Remediate Unknown link cisagov 2022-01-12
BMC BMC Helix Remediate Unknown link cisagov 2022-01-12
BMC BMC Helix Remedyforce Unknown link cisagov 2022-01-12
BMC BMC Helix Virtual Agent Unknown link cisagov 2022-01-12
BMC Cloud Lifecycle Management Unknown link cisagov 2022-01-12
BMC Control-M Unknown link cisagov 2022-01-12
BMC Footprints Unknown link cisagov 2022-01-12
BMC MainView Middleware Administrator Unknown link cisagov 2022-01-12
BMC MainView Middleware Monitor Unknown link cisagov 2022-01-12
BMC Remedy ITSM (IT Service Management) Unknown link cisagov 2022-01-12
BMC SmartIT Unknown link cisagov 2022-01-12
BMC Track-It! Unknown link cisagov 2022-01-12
BMC TrueSight Automation for Networks Unknown link cisagov 2022-01-12
BMC TrueSight Automation for Servers Unknown link cisagov 2022-01-12
BMC TrueSight Capacity Optimization Unknown link cisagov 2022-01-12
BMC TrueSight Infrastructure Management Unknown link cisagov 2022-01-12
BMC TrueSight Operations Management Unknown link cisagov 2022-01-12
BMC TrueSight Orchestration Unknown link cisagov 2022-01-12
Bosch Unknown link cisagov 2021-12-22
Boston Scientific Unknown link cisagov 2021-12-20
Box Unknown link cisagov 2022-01-12
Brainworks Unknown link cisagov 2022-01-12
BrightSign Unknown link cisagov 2022-01-12
Broadcom Advanced Secure Gateway (ASG) Unknown link cisagov 2022-01-12
Broadcom Automic Automation Unknown link cisagov 2022-01-12
Broadcom BCAAA Unknown link cisagov 2022-01-12
Broadcom CA Advanced Authentication 9.1 Affected cisagov 2022-01-12
Broadcom CA Risk Authentication Unknown cisagov 2022-01-12
Broadcom CA Strong Authentication Unknown cisagov 2022-01-12
Broadcom Cloud Workload Protection (CWP) Unknown link cisagov 2022-01-12
Broadcom Cloud Workload Protection for Storage (CWP:S) Unknown link cisagov 2022-01-12
Broadcom CloudSOC Cloud Access Security Broker (CASB) Unknown link cisagov 2022-01-12
Broadcom Content Analysis (CA) Unknown link cisagov 2022-01-12
Broadcom Critical System Protection (CSP) Unknown link cisagov 2022-01-12
Broadcom Data Center Security (DCS) Unknown link cisagov 2022-01-12
Broadcom Data Loss Prevention (DLP) Unknown link cisagov 2022-01-12
Broadcom Email Security Service (ESS) Unknown link cisagov 2022-01-12
Broadcom Ghost Solution Suite (GSS) Unknown link cisagov 2022-01-12
Broadcom HSM Agent Unknown link cisagov 2022-01-12
Broadcom Industrial Control System Protection (ICSP) Unknown link cisagov 2022-01-12
Broadcom Integrated Cyber Defense Manager (ICDm) Unknown link cisagov 2022-01-12
Broadcom Integrated Secure Gateway (ISG) Unknown link cisagov 2022-01-12
Broadcom IT Management Suite Unknown link cisagov 2022-01-12
Broadcom Layer7 API Developer Portal Unknown link cisagov 2022-01-12
Broadcom Layer7 API Gateway Unknown link cisagov 2022-01-12
Broadcom Layer7 Mobile API Gateway Unknown link cisagov 2022-01-12
Broadcom Management Center (MC) Unknown link cisagov 2022-01-12
Broadcom PacketShaper (PS) S-Series Unknown link cisagov 2022-01-12
Broadcom PolicyCenter (PC) S-Series Unknown link cisagov 2022-01-12
Broadcom Privileged Access Manager Unknown link cisagov 2022-01-12
Broadcom Privileged Access Manager Server Control Unknown link cisagov 2022-01-12
Broadcom Privileged Identity Manager Unknown link cisagov 2022-01-12
Broadcom ProxySG Unknown link cisagov 2022-01-12
Broadcom Reporter Unknown link cisagov 2022-01-12
Broadcom Secure Access Cloud (SAC) Unknown link cisagov 2022-01-12
Broadcom Security Analytics (SA) Unknown link cisagov 2022-01-12
Broadcom SiteMinder (CA Single Sign-On) Unknown link cisagov 2022-01-12
Broadcom SSL Visibility (SSLV) Unknown link cisagov 2022-01-12
Broadcom Symantec Control Compliance Suite (CCS) Unknown link cisagov 2022-01-12
Broadcom Symantec Directory Unknown link cisagov 2022-01-12
Broadcom Symantec Endpoint Detection and Response (EDR) Unknown link cisagov 2022-01-12
Broadcom Symantec Endpoint Encryption (SEE) Unknown link cisagov 2022-01-12
Broadcom Symantec Endpoint Protection (SEP) Unknown link cisagov 2022-01-12
Broadcom Symantec Endpoint Protection (SEP) for Mobile Unknown link cisagov 2022-01-12
Broadcom Symantec Endpoint Protection Manager (SEPM) 14.3 Affected link cisagov 2022-01-12
Broadcom Symantec Identity Governance and Administration (IGA) Unknown link cisagov 2022-01-12
Broadcom Symantec Mail Security for Microsoft Exchange (SMSMSE) Unknown link cisagov 2022-01-12
Broadcom Symantec Messaging Gateway (SMG) Unknown link cisagov 2022-01-12
Broadcom Symantec PGP Solutions Unknown link cisagov 2022-01-12
Broadcom Symantec Protection Engine (SPE) Unknown link cisagov 2022-01-12
Broadcom Symantec Protection for SharePoint Servers (SPSS) Unknown link cisagov 2022-01-12
Broadcom VIP Unknown link cisagov 2022-01-12
Broadcom VIP Authentication Hub Unknown link cisagov 2022-01-12
Broadcom Web Isolation (WI) Unknown link cisagov 2022-01-12
Broadcom Web Security Service (WSS) Unknown link cisagov 2022-01-12
Broadcom WebPulse Unknown link cisagov 2022-01-12
C4b XPHONE Unknown link cisagov 2022-01-12
Campbell Scientific All Unknown link cisagov 2021-12-23
Camunda Unknown link cisagov 2022-01-12
Canary Labs All Unknown link cisagov 2021-12-22
Canon Canon DR Products CXDI_NE) Not Affected link Such as Omnera, FlexPro, Soltus cisagov 2022-02-02
Canon CT Medical Imaging Products Not Affected link cisagov 2022-02-02
Canon Eye-Care Products Not Affected link cisagov 2022-02-02
Canon MR Medical Imaging Products Not Affected link cisagov 2022-02-02
Canon NM Medical Imaging Products Not Affected link cisagov 2022-02-02
Canon UL Medical Imaging Products Not Affected link cisagov 2022-02-02
Canon Vitrea Advanced 7.x All Affected link cisagov 2022-02-02
Canon VL Alphenix Angio Workstation (AWS) All Affected link cisagov 2022-02-02
Canon VL Infinix-i Angio Workstation (AWS) Not Affected link cisagov 2022-02-02
Canon XR Medical Imaging Products Not Affected link cisagov 2022-02-02
CapStorm Copystorm Unknown cisagov 2021-12-22
CarbonBlack Unknown link cisagov 2022-01-12
Carestream Unknown link cisagov 2021-12-20
Carrier Unknown link cisagov 2022-01-12
CAS genesisWorld Unknown link cisagov 2022-01-12
Cato Networks Unknown link cisagov 2022-01-12
Cepheid C360 Unknown link cisagov 2021-12-20
Cepheid GeneXpert Unknown link cisagov 2021-12-20
Cerberus FTP Unknown link cisagov 2022-01-12
Chaser Systems discrimiNAT Firewall Not Affected link cisagov 2022-01-12
Check Point CloudGuard Not Affected link cisagov 2022-01-12
Check Point Harmony Endpoint & Harmony Mobile Not Affected link cisagov 2022-01-12
Check Point Infinity Portal Unknown link cisagov 2022-01-12
Check Point Quantum Security Gateway Not Affected link cisagov 2022-01-12
Check Point Quantum Security Management Not Affected link Where used, uses the 1.8.0_u241 version of the JRE that protects against this attack by default. cisagov 2022-01-12
Check Point SMB Not Affected link cisagov 2022-01-12
Check Point ThreatCloud Unknown link cisagov 2022-01-12
CheckMK Unknown link cisagov 2022-01-12
Ciphermail Unknown link cisagov 2022-01-12
CircleCI CircleCI Unknown link cisagov 2021-12-21
CIS Unknown link cisagov 2022-01-12
Cisco AppDynamics Unknown link cisagov 2022-01-12
Cisco Cisco ACI Multi-Site Orchestrator Unknown link cisagov 2022-01-12
Cisco Cisco ACI Virtual Edge Unknown link cisagov 2022-01-12
Cisco Cisco Adaptive Security Appliance (ASA) Software Unknown link cisagov 2022-01-12
Cisco Cisco Advanced Web Security Reporting Application Unknown link cisagov 2022-01-12
Cisco Cisco AMP Virtual Private Cloud Appliance Unknown link cisagov 2022-01-12
Cisco Cisco AnyConnect Secure Mobility Client Unknown link cisagov 2022-01-12
Cisco Cisco Application Policy Infrastructure Controller (APIC) Unknown link cisagov 2022-01-12
Cisco Cisco ASR 5000 Series Routers Unknown link cisagov 2022-01-12
Cisco Cisco Broadcloud Calling Unknown link cisagov 2022-01-12
Cisco Cisco BroadWorks Unknown link cisagov 2022-01-12
Cisco Cisco Catalyst 9800 Series Wireless Controllers Unknown link cisagov 2022-01-12
Cisco Cisco CloudCenter Suite Admin Unknown link cisagov 2022-01-12
Cisco Cisco CloudCenter Workload Manager Unknown link cisagov 2022-01-12
Cisco Cisco Cognitive Intelligence Unknown link cisagov 2022-01-12
Cisco Cisco Common Services Platform Collector Unknown link cisagov 2022-01-12
Cisco Cisco Computer Telephony Integration Object Server (CTIOS) Unknown link cisagov 2022-01-12
Cisco Cisco Connected Grid Device Manager Unknown link cisagov 2022-01-12
Cisco Cisco Connected Mobile Experiences Unknown link cisagov 2022-01-12
Cisco Cisco Connectivity Unknown link cisagov 2022-01-12
Cisco Cisco Contact Center Domain Manager (CCDM) Unknown link cisagov 2022-01-12
Cisco Cisco Contact Center Management Portal (CCMP) Unknown link cisagov 2022-01-12
Cisco Cisco Crosswork Change Automation Unknown link cisagov 2022-01-12
Cisco Cisco CX Cloud Agent Software Unknown link cisagov 2022-01-12
Cisco Cisco Data Center Network Manager (DCNM) Unknown link cisagov 2022-01-12
Cisco Cisco Defense Orchestrator Unknown link cisagov 2022-01-12
Cisco Cisco DNA Assurance Unknown link cisagov 2022-01-12
Cisco Cisco DNA Center Unknown link cisagov 2022-01-12
Cisco Cisco DNA Spaces Unknown link cisagov 2022-01-12
Cisco Cisco Elastic Services Controller (ESC) Unknown link cisagov 2022-01-12
Cisco Cisco Emergency Responder Unknown link cisagov 2022-01-12
Cisco Cisco Enterprise Chat and Email Unknown link cisagov 2022-01-12
Cisco Cisco Enterprise NFV Infrastructure Software (NFVIS) Unknown link cisagov 2022-01-12
Cisco Cisco Evolved Programmable Network Manager Unknown link cisagov 2022-01-12
Cisco Cisco Extensible Network Controller (XNC) Unknown link cisagov 2022-01-12
Cisco Cisco Finesse Unknown link cisagov 2022-01-12
Cisco Cisco Firepower Management Center Unknown link cisagov 2022-01-12
Cisco Cisco Firepower Threat Defense (FTD) Unknown link cisagov 2022-01-12
Cisco Cisco GGSN Gateway GPRS Support Node Unknown link cisagov 2022-01-12
Cisco Cisco HyperFlex System Unknown link cisagov 2022-01-12
Cisco Cisco Identity Services Engine (ISE) Unknown link cisagov 2022-01-12
Cisco Cisco Integrated Management Controller (IMC) Supervisor Unknown link cisagov 2022-01-12
Cisco Cisco Intersight Unknown link cisagov 2022-01-12
Cisco Cisco Intersight Virtual Appliance Unknown link cisagov 2022-01-12
Cisco Cisco IOS and IOS XE Software Unknown link cisagov 2022-01-12
Cisco Cisco IoT Field Network Director (formerly Cisco Connected Grid Network Management System) Unknown link cisagov 2022-01-12
Cisco Cisco IoT Operations Dashboard Unknown link cisagov 2022-01-12
Cisco Cisco IOx Fog Director Unknown link cisagov 2022-01-12
Cisco Cisco IP Services Gateway (IPSG) Unknown link cisagov 2022-01-12
Cisco Cisco Kinetic for Cities Unknown link cisagov 2022-01-12
Cisco Cisco MDS 9000 Series Multilayer Switches Unknown link cisagov 2022-01-12
Cisco Cisco Meeting Server Unknown link cisagov 2022-01-12
Cisco Cisco MME Mobility Management Entity Unknown link cisagov 2022-01-12
Cisco Cisco Modeling Labs Unknown link cisagov 2022-01-12
Cisco Cisco Network Assessment (CNA) Tool Unknown link cisagov 2022-01-12
Cisco Cisco Network Assurance Engine Unknown link cisagov 2022-01-12
Cisco Cisco Network Convergence System 2000 Series Unknown link cisagov 2022-01-12
Cisco Cisco Network Planner Unknown link cisagov 2022-01-12
Cisco Cisco Network Services Orchestrator (NSO) Unknown link cisagov 2022-01-12
Cisco Cisco Nexus 5500 Platform Switches Unknown link cisagov 2022-01-12
Cisco Cisco Nexus 5600 Platform Switches Unknown link cisagov 2022-01-12
Cisco Cisco Nexus 6000 Series Switches Unknown link cisagov 2022-01-12
Cisco Cisco Nexus 7000 Series Switches Unknown link cisagov 2022-01-12
Cisco Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode Unknown link cisagov 2022-01-12
Cisco Cisco Nexus Dashboard (formerly Cisco Application Services Engine) Unknown link cisagov 2022-01-12
Cisco Cisco Nexus Data Broker Unknown link cisagov 2022-01-12
Cisco Cisco Nexus Insights Unknown link cisagov 2022-01-12
Cisco Cisco Optical Network Planner Unknown link cisagov 2022-01-12
Cisco Cisco Packaged Contact Center Enterprise Unknown link cisagov 2022-01-12
Cisco Cisco Paging Server Unknown link cisagov 2022-01-12
Cisco Cisco Paging Server (InformaCast) Unknown link cisagov 2022-01-12
Cisco Cisco PDSN/HA Packet Data Serving Node and Home Agent Unknown link cisagov 2022-01-12
Cisco Cisco PGW Packet Data Network Gateway Unknown link cisagov 2022-01-12
Cisco Cisco Policy Suite Unknown link cisagov 2022-01-12
Cisco Cisco Prime Central for Service Providers Unknown link cisagov 2022-01-12
Cisco Cisco Prime Collaboration Manager Unknown link cisagov 2022-01-12
Cisco Cisco Prime Collaboration Provisioning Unknown link cisagov 2022-01-12
Cisco Cisco Prime Infrastructure Unknown link cisagov 2022-01-12
Cisco Cisco Prime License Manager Unknown link cisagov 2022-01-12
Cisco Cisco Prime Network Unknown link cisagov 2022-01-12
Cisco Cisco Prime Optical for Service Providers Unknown link cisagov 2022-01-12
Cisco Cisco Prime Provisioning Unknown link cisagov 2022-01-12
Cisco Cisco Prime Service Catalog Unknown link cisagov 2022-01-12
Cisco Cisco Registered Envelope Service Unknown link cisagov 2022-01-12
Cisco Cisco SD-WAN vEdge 1000 Series Routers Unknown link cisagov 2022-01-12
Cisco Cisco SD-WAN vEdge 2000 Series Routers Unknown link cisagov 2022-01-12
Cisco Cisco SD-WAN vEdge 5000 Series Routers Unknown link cisagov 2022-01-12
Cisco Cisco SD-WAN vEdge Cloud Router Platform Unknown link cisagov 2022-01-12
Cisco Cisco SD-WAN vManage Unknown link cisagov 2022-01-12
Cisco Cisco Secure Network Analytics (SNA), formerly Stealthwatch Unknown link cisagov 2022-01-12
Cisco Cisco SocialMiner Unknown link cisagov 2022-01-12
Cisco Cisco System Architecture Evolution Gateway (SAEGW) Unknown link cisagov 2022-01-12
Cisco Cisco TelePresence Management Suite Unknown link cisagov 2022-01-12
Cisco Cisco UCS Director Unknown link cisagov 2022-01-12
Cisco Cisco UCS Performance Manager Unknown link cisagov 2022-01-12
Cisco Cisco Umbrella Unknown link cisagov 2022-01-12
Cisco Cisco Unified Attendant Console Advanced Unknown link cisagov 2022-01-12
Cisco Cisco Unified Attendant Console Business Edition Unknown link cisagov 2022-01-12
Cisco Cisco Unified Attendant Console Department Edition Unknown link cisagov 2022-01-12
Cisco Cisco Unified Attendant Console Enterprise Edition Unknown link cisagov 2022-01-12
Cisco Cisco Unified Attendant Console Premium Edition Unknown link cisagov 2022-01-12
Cisco Cisco Unified Communications Manager Cloud Unknown link cisagov 2022-01-12
Cisco Cisco Unified Contact Center Enterprise Unknown link cisagov 2022-01-12
Cisco Cisco Unified Contact Center Enterprise - Live Data server Unknown link cisagov 2022-01-12
Cisco Cisco Unified Contact Center Express Unknown link cisagov 2022-01-12
Cisco Cisco Unified Intelligent Contact Management Enterprise Unknown link cisagov 2022-01-12
Cisco Cisco Unified SIP Proxy Software Unknown link cisagov 2022-01-12
Cisco Cisco Video Surveillance Operations Manager Unknown link cisagov 2022-01-12
Cisco Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM Unknown link cisagov 2022-01-12
Cisco Cisco Virtualized Voice Browser Unknown link cisagov 2022-01-12
Cisco Cisco Vision Dynamic Signage Director Unknown link cisagov 2022-01-12
Cisco Cisco WAN Automation Engine (WAE) Unknown link cisagov 2022-01-12
Cisco Cisco Web Security Appliance (WSA) Unknown link cisagov 2022-01-12
Cisco Cisco Webex Cloud-Connected UC (CCUC) Unknown link cisagov 2022-01-12
Cisco Cisco Webex Meetings Server Unknown link cisagov 2022-01-12
Cisco Cisco Webex Teams Unknown link cisagov 2022-01-12
Cisco Cisco Wide Area Application Services (WAAS) Unknown link cisagov 2022-01-12
Cisco Duo Unknown link cisagov 2022-01-12
Cisco DUO network gateway (on-prem/self-hosted) Unknown cisagov 2022-01-12
Cisco duo network gateway (on-prem/self-hosted) Unknown cisagov 2022-01-12
Cisco Exony Virtualized Interaction Manager (VIM) Unknown link cisagov 2022-01-12
Cisco Managed Services Accelerator (MSX) Network Access Control Service Unknown link cisagov 2022-01-12
Citrix Citrix ADC (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) Not Affected link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix Application Delivery Management (NetScaler MAS) Not Affected link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix Cloud Connector Unknown link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix Connector Appliance for Cloud Services Unknown link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix Content Collaboration (ShareFile Integration) Citrix Files for Windows, Citrix Files for Mac, Citrix Files for Outlook Unknown link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix Endpoint Management (Citrix XenMobile Server) Unknown link For CVE-2021-44228 and CVE-2021-45046: ImpactedCustomers are advised to apply the latest CEM rolling patch updates listed below as soon as possible to reduce the risk of exploitation. XenMobile Server 10.14 RP2; XenMobile Server 10.13 RP5; and XenMobile Server 10.12 RP10. Note: Customers who have upgraded their XenMobile Server to the updated versions are recommended not to apply the responder policy mentioned in the blog listed below to the Citrix ADC vserver in front of the XenMobile Server as it may impact the enrollment of Android devices. For CVE-2021-45105: Investigation in progress. cisagov 2021-12-21
Citrix Citrix Hypervisor (XenServer) Unknown link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix License Server Unknown link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix SD-WAN Not Affected link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix Virtual Apps and Desktops (XenApp & XenDesktop) Unknown link IMPACTED: Linux VDA (non-LTSR versions only)- CVE-2021-44228 and CVE-2021-45046: Customers are advised to apply the latest update as soon as possible to reduce the risk of exploitation. Linux Virtual Delivery Agent 2112. See the Citrix Statement for additional mitigations. For CVE-2021-45105: Investigation has shown that Linux VDA is not impacted. Nonetheless, the Linux VDA 2112 has been updated (21.12.0.30, released December 20th) to contain Apache log4j version 2.17.0. NOT IMPACTED: Linux VDA LTSR all versions; All other CVAD components. cisagov 2021-12-21
Citrix Citrix Workspace App Not Affected link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix ShareFile Storage Zones Controller Unknown link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Claris Unknown link cisagov 2022-01-12
Cloudera AM2CM Tool Unknown link cisagov 2022-01-12
Cloudera Ambari Only versions 2.x, 1.x Affected link cisagov 2022-01-12
Cloudera Arcadia Enterprise Only version 7.1.x Affected link cisagov 2022-01-12
Cloudera CDH, HDP, and HDF Only version 6.x Affected link cisagov 2022-01-12
Cloudera CDP Operational Database (COD) Unknown link cisagov 2022-01-12
Cloudera CDP Private Cloud Base Only version 7.x Affected link cisagov 2022-01-12
Cloudera CDS 3 Powered by Apache Spark All versions Affected link cisagov 2022-01-12
Cloudera CDS 3.2 for GPUs All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Cybersecurity Platform All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Data Engineering (CDE) Unknown link cisagov 2022-01-12
Cloudera Cloudera Data Engineering (CDE) All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Data Flow (CFM) Unknown link cisagov 2022-01-12
Cloudera Cloudera Data Science Workbench (CDSW) Only versions 2.x, 3.x Affected link cisagov 2022-01-12
Cloudera Cloudera Data Visualization (CDV) Unknown link cisagov 2022-01-12
Cloudera Cloudera Data Warehouse (CDW) Unknown link cisagov 2022-01-12
Cloudera Cloudera Data Warehouse (CDW) All versions Affected link cisagov 2022-01-12
Cloudera Cloudera DataFlow (CDF) Unknown link cisagov 2022-01-12
Cloudera Cloudera Edge Management (CEM) All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Enterprise Only version 6.x Affected link cisagov 2022-01-12
Cloudera Cloudera Flow Management (CFM) All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Machine Learning (CML) Unknown link cisagov 2022-01-12
Cloudera Cloudera Machine Learning (CML) All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) Only versions 7.0.x, 7.1.x, 7.2.x Affected link cisagov 2022-01-12
Cloudera Cloudera Manager (Including Backup Disaster Recovery (BDR)) Unknown link cisagov 2022-01-12
Cloudera Cloudera Runtime (including Cloudera Data Hub and all Data Hub templates) Only versions 7.0.x, 7.1.x, 7.2.x Affected link cisagov 2022-01-12
Cloudera Cloudera Stream Processing (CSP) All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Streaming Analytics (CSA) Unknown link cisagov 2022-01-12
Cloudera Cloudera Streaming Analytics (CSA) Unknown link cisagov 2022-01-12
Cloudera Data Analytics Studio (DAS) Unknown link cisagov 2022-01-12
Cloudera Data Catalog Unknown link cisagov 2022-01-12
Cloudera Data Lifecycle Manager (DLM) Unknown link cisagov 2022-01-12
Cloudera Data Steward Studio (DSS) All versions Affected link cisagov 2022-01-12
Cloudera Hortonworks Data Flow (HDF) Unknown link cisagov 2022-01-12
Cloudera Hortonworks Data Platform (HDP) Only versions 7.1.x, 2.7.x, 2.6.x Affected link cisagov 2022-01-12
Cloudera Hortonworks DataPlane Platform Unknown link cisagov 2022-01-12
Cloudera Management Console All versions Affected link cisagov 2022-01-12
Cloudera Management Console for CDP Public Cloud Unknown link cisagov 2022-01-12
Cloudera Replication Manager Unknown link cisagov 2022-01-12
Cloudera SmartSense Unknown link cisagov 2022-01-12
Cloudera Workload Manager Unknown link cisagov 2022-01-12
Cloudera Workload XM All versions Affected link cisagov 2022-01-12
Cloudera Workload XM (SaaS) Unknown link cisagov 2022-01-12
CloudFlare Unknown link cisagov 2022-01-12
Cloudian HyperStore Unknown link cisagov 2022-01-12
Cloudogu Ecosystem All Affected link cisagov 2022-01-12
Cloudogu SCM-Manager Unknown link cisagov 2022-01-12
Cloudron Unknown link cisagov 2022-01-12
Clover Unknown link cisagov 2022-01-12
Code42 Code42 App 8.8.1 Fixed link cisagov 2021-12-22
Code42 Crashplan All Fixed link The CrashPlan app is EOL and is now called Code42. If you detect CrashPlan installed, it is vulnerable. You can update easily to Code42 8.8.1 or newer. https://www.crashplan.com/en-us/business/resources/crashplan-for-small-business-updates-its-desktop-app/ cisagov 2021-12-16
CodeBeamer Unknown link cisagov 2022-01-12
Codesys Unknown link cisagov 2022-01-12
Cohesity Unknown link cisagov 2022-01-12
CommVault Unknown link cisagov 2022-01-12
Concourse Concourse Unknown link cisagov 2022-01-12
ConcreteCMS.com Unknown link cisagov 2022-01-12
Confluent Confluent Cloud N/A Fixed link cisagov 2021-12-17
Confluent Confluent ElasticSearch Sink Connector <11.1.7 Affected link cisagov 2021-12-17
Confluent Confluent for Kubernetes Not Affected link cisagov 2021-12-17
Confluent Confluent Google DataProc Sink Connector <1.1.5 Affected link cisagov 2021-12-17
Confluent Confluent HDFS 2 Sink Connector <10.1.3 Affected link cisagov 2021-12-17
Confluent Confluent HDFS 3 Sink Connector <1.1.8 Affected link cisagov 2021-12-17
Confluent Confluent Kafka Connectors Not Affected link cisagov 2021-12-17
Confluent Confluent Platform <7.0.1 Affected link cisagov 2021-12-17
Confluent Confluent Splunk Sink Connector <2.05 Affected link cisagov 2021-12-17
Confluent Confluent VMWare Tanzu GemFire Sink Connector <1.0.8 Affected link cisagov 2021-12-17
Connect2id Unknown link cisagov 2022-01-12
ConnectWise Unknown link cisagov 2022-01-12
ContrastSecurity Unknown link cisagov 2022-01-12
ControlUp Unknown link cisagov 2022-01-12
COPADATA All Unknown link cisagov 2022-01-06
CouchBase Unknown link cisagov 2022-01-12
CPanel Unknown link cisagov 2022-01-12
Cradlepoint Unknown link cisagov 2022-01-12
Crestron Unknown link cisagov 2021-12-20
CrushFTP Unknown link cisagov 2022-01-12
CryptShare Unknown link cisagov 2022-01-12
CyberArk Privileged Threat Analytics (PTA) N/A Fixed link This advisory is available to customers only and has not been reviewed by CISA. cisagov 2021-12-14
Cybereason Unknown link cisagov 2022-01-12
CyberRes Unknown link cisagov 2022-01-12
Daktronics All Sport Pro Unknown link cisagov 2022-01-06
Daktronics Dakronics Media Player Not Affected link cisagov 2022-01-06
Daktronics Dakronics Web Player DWP-1000 Affected link DWP-1000 is not present in our codebase, but awaiting confirmation from LG re webOS platform. cisagov 2022-01-06
Daktronics Data Vision Software (DVS) Unknown link DVS has one microservice that uses Log4j, but it uses a version that is not impacted. cisagov 2022-01-06
Daktronics Dynamic Messaging System (DMS) Unknown link cisagov 2022-01-06
Daktronics Dynamic Messaging System - DMS Core Player Not Affected link cisagov 2022-01-06
Daktronics Dynamic Messaging System - DMS Player hardware Not Affected link cisagov 2022-01-06
Daktronics Dynamic Messaging System - DMS Web Player Unknown link DMS Web Player not present in our codebase, but awaiting confirmation from LG re webOS platform. cisagov 2022-01-06
Daktronics IBoot - Dataprobe IBoot Devices Not Affected link cisagov 2022-01-06
Daktronics Outdoor Smartlink Devices Not Affected link cisagov 2022-01-06
Daktronics Routers - Cisco Meraki Z3/Z3c Routers Not Affected link cisagov 2022-01-06
Daktronics Routers - Cisco Z1 Routers Not Affected link cisagov 2022-01-06
Daktronics Routers - Sierra Wireless RV50x/RV50 A-3350704 Affected link cisagov 2022-01-06
Daktronics Show Control System (SCS) Unknown link cisagov 2022-01-06
Daktronics Vanguard Unknown link cisagov 2022-01-06
Daktronics Venus 1500 Unknown link cisagov 2022-01-06
Daktronics Venus Control Suite (VCS) Unknown link cisagov 2022-01-06
Daktronics Video Image Processors Not Affected link cisagov 2022-01-06
Daktronics Webcam - Mobotix Not Affected link cisagov 2022-01-06
DarkTrace All Unknown link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Dassault Systèmes All Unknown link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Databricks All Unknown link cisagov 2022-01-12
Datadog Datadog Agent >=6.17.0, <=6.32.2, >=7.17.0, <=7.32.2 Fixed link JMX monitoring component leverages an impacted version of log4j. cisagov 2022-01-12
Datadog datadog-kafka-connect-logs < 1.0.2 Fixed link Version 1.0.2 of the library uses version 2.16.0 of Log4j. cisagov 2022-01-12
Datadog datadog-lambda-java < 1.0.2 Fixed link Following AWS recommendation, library updated using the latest version of amazon-lambda-java-log4j2 (1.4.0). cisagov 2022-01-12
Dataminer All Unknown link cisagov 2022-01-12
Datev Unknown link cisagov 2022-01-12
Datto All Unknown link cisagov 2022-01-12
DBeaver All Not Affected link cisagov 2021-12-15
dCache.org All Unknown link cisagov 2022-01-12
Debian Apache-log4j.1.2 Not Affected link cisagov 2022-01-12
Debian Apache-log4j2 Unknown link cisagov 2022-01-12
Decos Cloud Not Affected link cisagov 2022-02-01
Decos EvenementenAssistent + InkomensAssistent + Leerlingenvervoer + AIM online Not Affected link cisagov 2022-02-01
Decos Fixi Not Affected link cisagov 2022-02-01
Decos Integrations (StUF/ZGW/Doclogic-DataIntegrator) Not Affected link cisagov 2022-02-01
Decos JOIN Klant Contact Not Affected link cisagov 2022-02-01
Decos JOIN Zaak &I Document (on-premise) All Fixed link The solution contains Elasticsearch (vulnerable). Mitigating actions available on our WIKI. cisagov 2022-02-01
Decos JOIN Zaak &I Document (on-premise) All Fixed link The SaaS hosted solution contains Logstash + Elasticsearch (vulnerable). Mitigating actions taken. cisagov 2022-02-01
Deepinstinct All Unknown link cisagov 2022-01-12
Dell Alienware Command Center Not Affected link cisagov 2021-12-15
Dell Alienware OC Controls Not Affected link cisagov 2021-12-15
Dell Alienware On Screen Display Not Affected link cisagov 2021-12-15
Dell Alienware Update Not Affected link cisagov 2021-12-15
Dell APEX Console Fixed link Cloud environment patched. cisagov 2021-12-15
Dell APEX Data Storage Services Affected link Cloud environment patch in progress. cisagov 2021-12-15
Dell Atmos Not Affected link cisagov 2021-12-15
Dell Avamar vproxy Not Affected link cisagov 2021-12-15
Dell CalMAN Powered Calibration Firmware Not Affected link cisagov 2021-12-15
Dell CalMAN Ready for Dell Not Affected link cisagov 2021-12-15
Dell Centera Not Affected link cisagov 2021-12-15
Dell Chameleon Linux Based Diagnostics Not Affected link cisagov 2021-12-15
Dell Chassis Management Controller (CMC) Not Affected link cisagov 2021-12-15
Dell China HDD Deluxe Not Affected link cisagov 2021-12-15
Dell Client Platforms (Latitude, OptiPlex, Alienware, Inspiron, Precision, XPS, Vostro, ChengMing) BIOS Not Affected link cisagov 2021-12-15
Dell Cloud IQ Fixed link Cloud environment patched. cisagov 2021-12-15
Dell Cloud Mobility for Dell EMC Storage Not Affected link cisagov 2021-12-15
Dell Cloud Tiering Appliance Not Affected link cisagov 2021-12-15
Dell CloudIQ Collector Not Affected link cisagov 2021-12-15
Dell Common Event Enabler Not Affected link cisagov 2021-12-15
Dell Connectrix (Cisco MDS 9000 switches) Not Affected link cisagov 2021-12-15
Dell Connectrix (Cisco MDS DCNM) V, e, r, s, i, o, n, s, , p, r, i, o, r, , t, o, , 1, 1, ., 5, (, 1, x, ) Affected link Patch expected by 12/23/21. DSA-2021-302 cisagov 2021-12-15
Dell Connectrix B-Series SANnav 2.1.1 Affected link Patch expected by 2/28/2022. DSA-2021-266 cisagov 2021-12-15
Dell Connextrix B Series Not Affected link cisagov 2021-12-15
Dell CyberSecIQ Application Not Affected link cisagov 2021-12-15
Dell CyberSense for PowerProtect Cyber Recovery Not Affected link cisagov 2021-12-15
Dell Data Domain OS Versions from 7.3.0.5 to 7.7.0.6 Affected link See DSA-2021-274 DSA-2021-274 cisagov 2021-12-15
Dell Dell BSAFE Crypto-C Micro Edition Not Affected link cisagov 2021-12-15
Dell Dell BSAFE Crypto-J Not Affected link cisagov 2021-12-15
Dell Dell BSAFE Micro Edition Suite Not Affected link cisagov 2021-12-15
Dell Dell Calibration Assistant Not Affected link cisagov 2021-12-15
Dell Dell Cinema Color Not Affected link cisagov 2021-12-15
Dell Dell Cloud Command Repository Manager Not Affected link cisagov 2021-12-15
Dell Dell Cloud Management Agent Not Affected link cisagov 2021-12-15
Dell Dell Color Management Not Affected link cisagov 2021-12-15
Dell Dell Command Configure Not Affected link cisagov 2021-12-15
Dell Dell Command Integration Suite for System Center Not Affected link cisagov 2021-12-15
Dell Dell Command Intel vPro Out of Band Not Affected link cisagov 2021-12-15
Dell Dell Command Monitor Not Affected link cisagov 2021-12-15
Dell Dell Command Power Manager Not Affected link cisagov 2021-12-15
Dell Dell Command PowerShell Provider Not Affected link cisagov 2021-12-15
Dell Dell Command Update Not Affected link cisagov 2021-12-15
Dell Dell Customer Connect Not Affected link cisagov 2021-12-15
Dell Dell Data Guardian* Not Affected link cisagov 2021-12-15
Dell Dell Data Protection* Not Affected link cisagov 2021-12-15
Dell Dell Data Recovery Environment Not Affected link cisagov 2021-12-15
Dell Dell Data Vault Not Affected link cisagov 2021-12-15
Dell Dell Data Vault for Chrome OS Not Affected link cisagov 2021-12-15
Dell Dell Deployment Agent Not Affected link cisagov 2021-12-15
Dell Dell Digital Delivery Not Affected link cisagov 2021-12-15
Dell Dell Direct USB Key Not Affected link cisagov 2021-12-15
Dell Dell Display Manager 1.5 for Windows / macOS Not Affected link cisagov 2021-12-15
Dell Dell Display Manager 2.0 for Windows / macOS Not Affected link cisagov 2021-12-15
Dell Dell EMC AppSync Not Affected link cisagov 2021-12-15
Dell Dell EMC Avamar 18.2, 19.1, 19.2, 19.3, 19.4 Affected link Patch expected by 12/20/21. DSA-2021-277 cisagov 2021-12-15
Dell Dell EMC BSN Controller Node Fixed link See DSA-2021-305 DSA-2021-305 cisagov 2021-12-15
Dell Dell EMC Cloud Disaster Recovery Versions from 19.6 and later Affected link Patch pending DSA-2021-289 cisagov 2021-12-15
Dell Dell EMC Cloudboost Not Affected link cisagov 2021-12-15
Dell Dell EMC CloudLink Not Affected link cisagov 2021-12-15
Dell Dell EMC Container Storage Modules Not Affected link cisagov 2021-12-15
Dell Dell EMC Data Computing Appliance (DCA) Not Affected link cisagov 2021-12-15
Dell Dell EMC Data Protection Advisor 18.x (or earlier) -standalone DPA is EOSL, 18.2.x (IDPA), 19.1.x, 19.2.x, 19.3.x, 19.4.x, 19.5.x, 19.6.0 Fixed link DSA-2021-309 cisagov 2021-12-15
Dell Dell EMC Data Protection Central 18.2.x-19.4.x, 19.5.0-19.5.0.7 Fixed link See DSA-2021-269 DSA-2021-269 cisagov 2021-12-15
Dell Dell EMC Data Protection Search Versions before 19.6 Affected link See DSA-2021-279 DSA-2021-279 cisagov 2021-12-15
Dell Dell EMC DataIQ Not Affected link cisagov 2021-12-15
Dell Dell EMC Disk Library for Mainframe Not Affected link cisagov 2021-12-15
Dell Dell EMC Enterprise Storage Analytics for vRealize Operations <6.0.0, 6.1.0, 6.2.x Affected link See DSA-2021-278 DSA-2021-278 cisagov 2021-12-15
Dell Dell EMC GeoDrive Not Affected link cisagov 2021-12-15
Dell Dell EMC Integrated System for Azure Stack HCI Affected link Dell EMC Integrated System for Azure Stack HCI is not impacted by this advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect Gateway (SCG) were optionally installed with Dell EMC Integrated System for Azure Stack HCI monitor the following advisories. See DSA-2021-307. DSA-2021-307 cisagov 2021-12-15
Dell Dell EMC Integrated System for Microsoft Azure Stack Hub Affected link Patchexpected by 2022-01-31. cisagov 2021-12-15
Dell Dell EMC Isilon InsightIQ Not Affected link cisagov 2021-12-15
Dell Dell EMC License Manager Not Affected link cisagov 2021-12-15
Dell Dell EMC Metro Node Versions before 7.0.1 P2 Affected link See DSA-2021-308 DSA-2021-308 cisagov 2021-12-15
Dell Dell EMC NetWorker 19.4.x, 19.5.x Affected link Patch expected by 12/20/21 DSA-2021-280 cisagov 2021-12-15
Dell Dell EMC NetWorker VE 19.4.x, 19.5.x Affected link Patch expected by 12/20/21 DSA-2021-280 cisagov 2021-12-15
Dell Dell EMC Networking Onie Not Affected link cisagov 2021-12-15
Dell Dell EMC Networking Virtual Edge Platform with VersaOS Not Affected link cisagov 2021-12-15
Dell Dell EMC OpenManage Ansible Modules Not Affected link cisagov 2021-12-15
Dell Dell EMC OpenManage Enterprise Services Version 1.2 and earlier Affected link Patch expected by 12/20/21 DSA-2021-276 cisagov 2021-12-15
Dell Dell EMC OpenManage integration for Splunk Not Affected link cisagov 2021-12-15
Dell Dell EMC OpenManage Integration for VMware vCenter Not Affected link cisagov 2021-12-15
Dell Dell EMC OpenManage Management pack for vRealize Operations Not Affected link cisagov 2021-12-15
Dell Dell EMC OpenManage Operations Connector for Micro Focus Operations Bridge Manager Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerFlex Appliance Affected link See DSA-2021-293. DSA-2021-293 cisagov 2021-12-15
Dell Dell EMC PowerFlex Rack RCM 3.3 train - all versions up to 3.3.11.0, RCM 3.4 train - all versions up to 3.4.6.0, RCM 3.5 train - all versions up to 3.5.6.0, RCM 3.6 train - all versions up to 3.6.2.0 Affected link See DSA-2021-292. DSA-2021-292 cisagov 2021-12-15
Dell Dell EMC PowerFlex Software (SDS) 3.5, 3.5.1, 3.5.1.1, 3.5.1.2, 3.5.1.3, 3.5.1.4, 3.6, 3.6.0.1, 3.6.0.2 Affected link See DSA-2021-272. DSA-2021-272 cisagov 2021-12-15
Dell Dell EMC PowerPath Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerPath Management Appliance Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerProtect Cyber Recovery Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerProtect Data Manager All versions 19.9 and earlier Affected link See DSA-2021-286. DSA-2021-286 cisagov 2021-12-15
Dell Dell EMC PowerProtect DP Series Appliance (iDPA) 2.7.0 and earlier Affected link See DSA 2021-285. DSA-2021-285 cisagov 2021-12-15
Dell Dell EMC PowerScale OneFS Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerShell for PowerMax Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerShell for Powerstore Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerShell for Unity Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerStore Versions before 2.0.1.3-1538564 Affected link See DSA-2021-295. DSA-2021-295 cisagov 2021-12-15
Dell Dell EMC PowerSwitch Z9264F-ON BMC Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerSwitch Z9432F-ON BMC Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerVault ME4 Series Storage Arrays Not Affected link cisagov 2021-12-15
Dell Dell EMC RecoverPoint All Affected link See DSA 2021-284. DSA 2021-284 cisagov 2021-12-15
Dell Dell EMC Repository Manager (DRM) Not Affected link cisagov 2021-12-15
Dell Dell EMC Ruckus SmartZone 100 Controller Fixed link See DSA-2021-303 DSA-2021-303 cisagov 2021-12-15
Dell Dell EMC Ruckus SmartZone 300 Controller Fixed link See DSA-2021-303 DSA-2021-303 cisagov 2021-12-15
Dell Dell EMC Ruckus Virtual Software Fixed link See DSA-2021-303 DSA-2021-303 cisagov 2021-12-15
Dell Dell EMC SourceOne Not Affected link cisagov 2021-12-15
Dell Dell EMC SRM Versions before 4.6.0.2 Fixed link See DSA-2021-301. DSA-2021-301 cisagov 2021-12-15
Dell Dell EMC Streaming Data Platform 1.1, 1.2, 1.2 HF1, 1.3, 1.3.1 Affected link See DSA-2021-297. DSA-2021-297 cisagov 2021-12-15
Dell Dell EMC Systems Update (DSU) Not Affected link cisagov 2021-12-15
Dell Dell EMC Unisphere 360 Not Affected link cisagov 2021-12-15
Dell Dell EMC Unity Fixed link See DSA-2021-294. DSA-2021-294 cisagov 2021-12-15
Dell Dell EMC Virtual Storage Integrator Not Affected link cisagov 2021-12-15
Dell Dell EMC VPLEX Not Affected link cisagov 2021-12-15
Dell Dell EMC vProtect 19.5-19.9 Affected link See DSA-2022-007. DSA-2022-007 cisagov 2021-12-15
Dell Dell EMC VxRail 4.5.x, 4.7.x, 7.0.x Affected link See DSA-2021-265. DSA-2021-265 cisagov 2021-12-15
Dell Dell EMC XC Affected link See DSA-2021-311. DSA-2021-311 cisagov 2021-12-15
Dell Dell EMC XtremIO Not Affected link cisagov 2021-12-15
Dell Dell Encryption Enterprise* Not Affected link cisagov 2021-12-15
Dell Dell Encryption Personal* Not Affected link cisagov 2021-12-15
Dell Dell Endpoint Security Suite Enterprise* Not Affected link cisagov 2021-12-15
Dell Dell Hybrid Client Not Affected link cisagov 2021-12-15
Dell Dell ImageAssist Not Affected link cisagov 2021-12-15
Dell Dell Insights Client Not Affected link cisagov 2021-12-15
Dell Dell Linux Assistant Not Affected link cisagov 2021-12-15
Dell Dell Memory Solutions Not Affected link cisagov 2021-12-15
Dell Dell Mobile Connect Not Affected link cisagov 2021-12-15
Dell Dell Monitor ISP (Windows/Mac/Linux) Not Affected link cisagov 2021-12-15
Dell Dell Monitor SDK Not Affected link cisagov 2021-12-15
Dell Dell Networking X-Series Not Affected link cisagov 2021-12-15
Dell Dell OpenManage Change Management Not Affected link cisagov 2021-12-15
Dell Dell OpenManage Enterprise Versions before 3.8.2 Affected link See DSA-2021-275 DSA-2021-275 cisagov 2021-12-15
Dell Dell OpenManage Enterprise CloudIQ plugin Not Affected link cisagov 2021-12-15
Dell Dell OpenManage Enterprise Modular Versions before 1.40.10 Affected link See DSA-2021-268 DSA-2021-268 cisagov 2021-12-15
Dell Dell OpenManage Enterprise Power Manager plugin Not Affected link cisagov 2021-12-15
Dell Dell OpenManage Mobile Not Affected link cisagov 2021-12-15
Dell Dell OpenManage Server Administrator Not Affected link cisagov 2021-12-15
Dell Dell Optimizer Not Affected link cisagov 2021-12-15
Dell Dell OS Recovery Tool Not Affected link cisagov 2021-12-15
Dell Dell Peripheral Manager 1.4 / 1.5 for Windows Not Affected link cisagov 2021-12-15
Dell Dell Platform Service Not Affected link cisagov 2021-12-15
Dell Dell Power Manager Not Affected link cisagov 2021-12-15
Dell Dell Power Manager Lite Not Affected link cisagov 2021-12-15
Dell Dell Precision Optimizer Not Affected link cisagov 2021-12-15
Dell Dell Precision Optimizer for Linux Not Affected link cisagov 2021-12-15
Dell Dell Premier Color Not Affected link cisagov 2021-12-15
Dell Dell Recovery (Linux) Not Affected link cisagov 2021-12-15
Dell Dell Remediation Platform Not Affected link cisagov 2021-12-15
Dell Dell Remote Execution Engine (DRONE) Not Affected link cisagov 2021-12-15
Dell Dell Security Advisory Update - DSA-2021-088 Not Affected link cisagov 2021-12-15
Dell Dell Security Management Server & Dell Security Management Server Virtual* Not Affected link cisagov 2021-12-15
Dell Dell SupportAssist SOS Not Affected link cisagov 2021-12-15
Dell Dell Thin OS Not Affected link cisagov 2021-12-15
Dell Dell Threat Defense Not Affected link cisagov 2021-12-15
Dell Dell True Color Not Affected link cisagov 2021-12-15
Dell Dell Trusted Device Not Affected link cisagov 2021-12-15
Dell Dell Update Not Affected link cisagov 2021-12-15
Dell Dream Catcher Not Affected link cisagov 2021-12-15
Dell DUP Creation Service Not Affected link cisagov 2021-12-15
Dell DUP Framework (ISG) Not Affected link cisagov 2021-12-15
Dell ECS 3.3.x, 3.4.x, 3.5.x, 3.6.0.x, 3.6.1.x, 3.6.2.0 Fixed link See DSA-2021-273. DSA-2021-273 cisagov 2021-12-15
Dell Embedded NAS Not Affected link cisagov 2021-12-15
Dell Embedded Service Enabler Not Affected link cisagov 2021-12-15
Dell Enterprise Hybrid Cloud Not Affected link See DSA-2021-270. DSA-2021-270 cisagov 2021-12-15
Dell Equallogic PS Not Affected link cisagov 2021-12-15
Dell Fluid FS Not Affected link cisagov 2021-12-15
Dell iDRAC Service Module (iSM) Not Affected link cisagov 2021-12-15
Dell Infinity MLK (firmware) Not Affected link cisagov 2021-12-15
Dell Integrated Dell Remote Access Controller (iDRAC) Not Affected link cisagov 2021-12-15
Dell ISG Accelerators Not Affected link cisagov 2021-12-15
Dell ISG Board & Electrical Not Affected link cisagov 2021-12-15
Dell ISG Drive & Storage Media Not Affected link cisagov 2021-12-15
Dell IsilonSD Management Server Not Affected link cisagov 2021-12-15
Dell IVE-WinDiag Not Affected link cisagov 2021-12-15
Dell Mainframe Enablers Not Affected link cisagov 2021-12-15
Dell MDS Not Affected link cisagov 2021-12-15
Dell My Dell Not Affected link cisagov 2021-12-15
Dell MyDell Mobile Not Affected link cisagov 2021-12-15
Dell NetWorker Management Console Not Affected link cisagov 2021-12-15
Dell Networking BIOS Not Affected link cisagov 2021-12-15
Dell Networking DIAG Not Affected link cisagov 2021-12-15
Dell Networking N-Series Not Affected link cisagov 2021-12-15
Dell Networking OS 10 Not Affected link cisagov 2021-12-15
Dell Networking OS 9 Not Affected link cisagov 2021-12-15
Dell Networking SD-WAN Edge SD-WAN Not Affected link cisagov 2021-12-15
Dell Networking W-Series Not Affected link cisagov 2021-12-15
Dell Networking X-Series Not Affected link cisagov 2021-12-15
Dell OMIMSSC (OpenManage Integration for Microsoft System Center) Not Affected link cisagov 2021-12-15
Dell OMNIA Not Affected link cisagov 2021-12-15
Dell OpenManage Connections - Nagios Not Affected link cisagov 2021-12-15
Dell OpenManage Connections - ServiceNow Not Affected link cisagov 2021-12-15
Dell OpenManage Integration for Microsoft System Center for System Center Operations Manager Not Affected link cisagov 2021-12-15
Dell OpenManage Integration with Microsoft Windows Admin Center Not Affected link cisagov 2021-12-15
Dell OpenManage Network Integration Not Affected link cisagov 2021-12-15
Dell OpenManage Power Center Not Affected link cisagov 2021-12-15
Dell PowerConnect N3200 Not Affected link cisagov 2021-12-15
Dell PowerConnect PC2800 Not Affected link cisagov 2021-12-15
Dell PowerConnect PC8100 Not Affected link cisagov 2021-12-15
Dell PowerEdge Accelerator Solutions Not Affected link cisagov 2021-12-15
Dell PowerEdge BIOS Not Affected link cisagov 2021-12-15
Dell PowerEdge Networking Solutions Not Affected link cisagov 2021-12-15
Dell PowerEdge Operating Systems Not Affected link cisagov 2021-12-15
Dell PowerEdge RAID Controller Solutions Not Affected link cisagov 2021-12-15
Dell PowerTools Agent Not Affected link cisagov 2021-12-15
Dell PPDM Kubernetes cProxy Not Affected link cisagov 2021-12-15
Dell PPDM VMware vProxy Not Affected link cisagov 2021-12-15
Dell Redtail Not Affected link cisagov 2021-12-15
Dell Remotely Anywhere Not Affected link cisagov 2021-12-15
Dell Riptide (firmware) Not Affected link cisagov 2021-12-15
Dell Rugged Control Center (RCC) Not Affected link cisagov 2021-12-15
Dell SD ROM Utility Not Affected link cisagov 2021-12-15
Dell SDNAS Not Affected link cisagov 2021-12-15
Dell Secure Connect Gateway (SCG) Appliance "5.00.00 5.00.05 and 4.0.06 and earlier versions (OVF and VHD)" Affected link See DSA-2021-282 [] cisagov 2021-12-15
Dell Secure Connect Gateway (SCG) Appliance 5.00.00, 5.00.05, and 4.0.06 and earlier versions (OVF and VHD) Fixed link See DSA-2021-282 DSA-2021-282 cisagov 2021-12-15
Dell Secure Connect Gateway (SCG) Policy Manager 5.00.00.10, 5.00.05.10 Fixed link See DSA-2021-281 DSA-2021-281 cisagov 2021-12-15
Dell Server Storage Not Affected link cisagov 2021-12-15
Dell Smart Fabric Storage Software Not Affected link cisagov 2021-12-15
Dell SmartByte Not Affected link cisagov 2021-12-15
Dell SMI-S Not Affected link cisagov 2021-12-15
Dell Software RAID Not Affected link cisagov 2021-12-15
Dell Solutions Enabler Not Affected link cisagov 2021-12-15
Dell Solutions Enabler vApp Not Affected link cisagov 2021-12-15
Dell Sonic Not Affected link cisagov 2021-12-15
Dell SRS Policy Manager 7.0 Fixed link See DSA-2021-287. DSA-2021-287 cisagov 2021-12-15
Dell SRS VE Not Affected link cisagov 2021-12-15
Dell Storage Center - Dell Storage Manager 16.x, 17.x, 18.x, 19.x, 20.1.1 Affected link See DSA-2021-310. DSA-2021-310 cisagov 2021-12-15
Dell Storage Center OS and additional SC applications unless otherwise noted Not Affected link cisagov 2021-12-15
Dell SupportAssist Client Commercial Not Affected link cisagov 2021-12-15
Dell SupportAssist Client Consumer Not Affected link cisagov 2021-12-15
Dell SupportAssist Enterprise 2.0.70 and earlier Affected link See DSA-2021-283. DSA-2021-283 cisagov 2021-12-15
Dell UCC Edge Not Affected link cisagov 2021-12-15
Dell Unisphere Central Versions before 4.0 SP 9.2 (4.0.9.1541235) Fixed link See DSA-2021-296. DSA-2021-296 cisagov 2021-12-15
Dell Unisphere for PowerMax Not Affected link cisagov 2021-12-15
Dell Unisphere for PowerMax vApp Not Affected link cisagov 2021-12-15
Dell Unisphere for VMAX Not Affected link cisagov 2021-12-15
Dell Unisphere for VNX Not Affected link cisagov 2021-12-15
Dell Update Manager Plugin Not Affected link cisagov 2021-12-15
Dell Vblock Affected link Patch pending See vce6771 (requires customer login). This advisory is available to customer only and has not been reviewed by CISA. vce6771 cisagov 2021-12-15
Dell ViPR Controller Not Affected link cisagov 2021-12-15
Dell VMware vRealize Automation 8.x 8.2 8.3 8.4 8.5 and 8.6 Affected link Patch expected by 12/19/21 cisagov 2021-12-15
Dell VMware vRealize Orchestrator 8.x 8.2 8.3 8.4 8.5 and 8.6 Affected link Patch expected by 12/19/21 cisagov 2021-12-15
Dell VNX Control Station Not Affected link cisagov 2021-12-15
Dell VNX1 Not Affected link cisagov 2021-12-15
Dell VNX2 Not Affected link cisagov 2021-12-15
Dell VNXe 1600 Versions 3.1.16.10220572 and earlier Fixed link See DSA-2021-299 DSA-2021-299 cisagov 2021-12-15
Dell VNXe 3200 Version 3.1.15.10216415 and earlier Fixed link See DSA-2021-298 DSA-2021-298 cisagov 2021-12-15
Dell VPLEX VS2/VS6 / VPLEX Witness Not Affected link cisagov 2021-12-15
Dell vRealize Data Protection Extension Data Management Fixed link See DSA-2021-290. DSA-2021-290 cisagov 2021-12-15
Dell vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage Fixed link See DSA-2021-300. DSA-2021-300 cisagov 2021-12-15
Dell vRO Plugin for Dell EMC PowerMax Version 1.2.3 or earlier Fixed link See DSA-2021-300 cisagov 2021-12-15
Dell vRO Plugin for Dell EMC PowerScale Version 1.1.0 or earlier Fixed link See DSA-2021-300 cisagov 2021-12-15
Dell vRO Plugin for Dell EMC PowerStore Version 1.1.4 or earlier Affected link See DSA-2021-300 cisagov 2021-12-15
Dell vRO Plugin for Dell EMC Unity Version 1.0.6 or earlier Affected link See DSA-2021-300 cisagov 2021-12-15
Dell vRO Plugin for Dell EMC XtremIO Version 4.1.2 or earlier Affected link See DSA-2021-300 cisagov 2021-12-15
Dell Vsan Ready Nodes Not Affected link cisagov 2021-12-15
Dell VxBlock Not Affected link Patch pending See vce6771 (requires customer login). This advisory is available to customer only and has not been reviewed by CISA. vce6771 cisagov 2021-12-15
Dell Warnado MLK (firmware) Not Affected link cisagov 2021-12-15
Dell Wyse Management Suite < 3.5 Fixed link See DSA-2021-267 DSA-2021-267 cisagov 2021-12-15
Dell Wyse Proprietary OS (ThinOS) Not Affected link cisagov 2021-12-15
Dell Wyse Windows Embedded Suite Not Affected link cisagov 2021-12-15
Deltares Delft-FEWS >2018.02 Fixed link Mitigations Only cisagov 2021-12-22
Denequa All Unknown link cisagov 2022-01-12
Device42 All Not Affected link cisagov 2022-01-12
Devolutions All Not Affected link cisagov 2022-01-12
Diebold Nixdorf All Unknown link cisagov 2022-01-12
Digi International AnywhereUSB Manager Not Affected link cisagov 2021-12-21
Digi International ARMT Not Affected link cisagov 2021-12-21
Digi International Aview Not Affected link cisagov 2021-12-21
Digi International AVWOB Not Affected link cisagov 2021-12-21
Digi International CTEK G6200 family Not Affected link cisagov 2021-12-21
Digi International CTEK SkyCloud Not Affected link cisagov 2021-12-21
Digi International CTEK Z45 family Not Affected link cisagov 2021-12-21
Digi International Digi 54xx family Not Affected link cisagov 2021-12-21
Digi International Digi 63xx family Not Affected link cisagov 2021-12-21
Digi International Digi AnywhereUSB (G2) family Not Affected link cisagov 2021-12-21
Digi International Digi AnywhereUSB Plus family Not Affected link cisagov 2021-12-21
Digi International Digi Connect EZ family Not Affected link cisagov 2021-12-21
Digi International Digi Connect family Not Affected link cisagov 2021-12-21
Digi International Digi Connect IT family Not Affected link cisagov 2021-12-21
Digi International Digi Connect Sensor family Not Affected link cisagov 2021-12-21
Digi International Digi Connect WS family Not Affected link cisagov 2021-12-21
Digi International Digi ConnectPort family Not Affected link cisagov 2021-12-21
Digi International Digi ConnectPort LTS family Not Affected link cisagov 2021-12-21
Digi International Digi Embedded Android Not Affected link cisagov 2021-12-21
Digi International Digi Embedded Yocto Not Affected link cisagov 2021-12-21
Digi International Digi EX routers Not Affected link cisagov 2021-12-21
Digi International Digi IX routers Not Affected link cisagov 2021-12-21
Digi International Digi LR54 Not Affected link cisagov 2021-12-21
Digi International Digi Navigator Not Affected link cisagov 2021-12-21
Digi International Digi One family Not Affected link cisagov 2021-12-21
Digi International Digi Passport family Not Affected link cisagov 2021-12-21
Digi International Digi PortServer TS family Not Affected link cisagov 2021-12-21
Digi International Digi Remote Manager Not Affected link cisagov 2021-12-21
Digi International Digi TX routers Not Affected link cisagov 2021-12-21
Digi International Digi WR11 Not Affected link cisagov 2021-12-21
Digi International Digi WR21 Not Affected link cisagov 2021-12-21
Digi International Digi WR31 Not Affected link cisagov 2021-12-21
Digi International Digi WR44R/RR Not Affected link cisagov 2021-12-21
Digi International Digi WR54 Not Affected link cisagov 2021-12-21
Digi International Digi WR64 Not Affected link cisagov 2021-12-21
Digi International Digi Xbee mobile app Not Affected link cisagov 2021-12-21
Digi International Lighthouse Not Affected link cisagov 2021-12-21
Digi International Realport Not Affected link cisagov 2021-12-21
Digi International Remote Hub Config Utility Not Affected link cisagov 2021-12-21
Digicert All Unknown link cisagov 2022-01-12
Digital AI All Unknown link cisagov 2022-01-12
Digital Alert Systems All Unknown link Formerly Monroe Electronics, Inc. cisagov 2022-01-05
DirectAdmin All Not Affected link Invidivual plugins not developed as part of DirectAdmin core may be vulnerable. cisagov 2022-01-05
DNSFilter All Unknown link cisagov 2022-01-12
Docker Infrastructure Not Affected link Docker infrastructure not vulnerable, Docker images could be vulnerable. For more info see source. cisagov 2022-01-12
Docusign All Unknown link cisagov 2022-01-12
DotCMS Hybrid Content Management System Fixed link cisagov 2022-01-12
DrayTek All Not Affected link cisagov 2021-12-15
Dropwizard All Not Affected link Only vulnerable if you manually added Log4j. cisagov 2021-12-15
Dräger All Not Affected link cisagov 2021-12-15
DSpace All Unknown link cisagov 2022-01-12
Dynatrace ActiveGate Fixed link cisagov 2021-12-21
Dynatrace Cloud Services Fixed link Please see Dynatrace Communication for details cisagov 2021-12-21
Dynatrace Extensions Fixed link Please see Dynatrace Communication for details cisagov 2021-12-21
Dynatrace FedRamp SAAS Fixed link cisagov 2021-12-21
Dynatrace Managed cluster nodes Not Affected link Please see Dynatrace Communication for details cisagov 2021-12-21
Dynatrace OneAgent Not Affected link cisagov 2021-12-21
Dynatrace SAAS Fixed link cisagov 2021-12-21
Dynatrace Synthetic Private ActiveGate Fixed link Please see Dynatrace Communication for details cisagov 2021-12-21
Dynatrace Synthetic public locations Fixed link cisagov 2021-12-21
EasyRedmine All Unknown link cisagov 2022-01-12
Eaton All Unknown link For security purposes direct notifications are being made to impacted customers. Please stay tuned for more updates. cisagov 2022-01-12
EclecticIQ TIP < 2.11 Affected link This advisory is available to customer only and has not been reviewed by CISA. The Threat Intel Platform includes Neo4j 3.5.12 (not vulnerable) and Elasticsearch and Logstash OSS 7.9.1 (vulnerable) see Elasticsearch below for mitigation. See link in their own fix for Logstash (Support account needed, ongoing investigation) cisagov 2022-01-12
Eclipse Foundation All Unknown link cisagov 2022-01-12
Edwards All Not Affected link cisagov 2022-01-06
EFI All Unknown link cisagov 2022-01-12
eG Innovations eG Enterprise Not Affected link cisagov 2022-01-06
EGroupware All Unknown link cisagov 2022-01-12
Elastic APM Java Agent 1.17.0 - 1.28.0 Fixed link Only vulnerable with specific configuration. cisagov 2021-12-15
Elastic APM Server Not Affected link cisagov 2021-12-15
Elastic Beats Not Affected link cisagov 2021-12-15
Elastic Cmd Not Affected link cisagov 2021-12-15
Elastic Elastic Agent Not Affected link cisagov 2021-12-15
Elastic Elastic Cloud Not Affected link cisagov 2021-12-15
Elastic Elastic Cloud Enterprise Not Affected link cisagov 2021-12-15
Elastic Elastic Cloud on Kubernetes Not Affected link cisagov 2021-12-15
Elastic Elastic Endgame Not Affected link cisagov 2021-12-15
Elastic Elastic Maps Service Not Affected link cisagov 2021-12-15
Elastic Elasticsearch 7.16.2 Fixed link cisagov 2021-12-15
Elastic Endpoint Security Not Affected link cisagov 2021-12-15
Elastic Enterprise Search Not Affected link cisagov 2021-12-15
Elastic Fleet Server Not Affected link cisagov 2021-12-15
Elastic Kibana Not Affected link cisagov 2021-12-15
Elastic Logstash 6.8.22 Fixed link cisagov 2021-12-15
Elastic Machine Learning Not Affected link cisagov 2021-12-15
Elastic Swiftype Not Affected link cisagov 2021-12-15
Ellucian Admin Not Affected link cisagov 2021-12-17
Ellucian Banner Analytics Affected link cisagov 2021-12-17
Ellucian Banner Document Management (includes Banner Document Retention) Not Affected link cisagov 2021-12-17
Ellucian Banner Event Publisher Not Affected link cisagov 2021-12-17
Ellucian Banner Integration for eLearning Not Affected link cisagov 2021-12-17
Ellucian Banner Integration for eProcurement Not Affected link cisagov 2021-12-17
Ellucian Banner Self Service Not Affected link cisagov 2021-12-17
Ellucian Banner Workflow Not Affected link cisagov 2021-12-17
Ellucian Colleague Affected link On-prem and cloud deployements expect fixed 12/18/2021 cisagov 2021-12-17
Ellucian Colleague Analytics Not Affected link cisagov 2021-12-17
Ellucian CRM Advance Not Affected link cisagov 2021-12-17
Ellucian CRM Advise Not Affected link cisagov 2021-12-17
Ellucian CRM Recruit Not Affected link cisagov 2021-12-17
Ellucian Ellucian Advance Web Connector Not Affected link cisagov 2021-12-17
Ellucian Ellucian Data Access Not Affected link cisagov 2021-12-17
Ellucian Ellucian Design Path Not Affected link cisagov 2021-12-17
Ellucian Ellucian ePrint Not Affected link cisagov 2021-12-17
Ellucian Ellucian Ethos API & API Management Center Not Affected link cisagov 2021-12-17
Ellucian Ellucian Ethos Extend Not Affected link cisagov 2021-12-17
Ellucian Ellucian Ethos Integration Not Affected link cisagov 2021-12-17
Ellucian Ellucian eTranscripts Not Affected link cisagov 2021-12-17
Ellucian Ellucian Experience Not Affected link cisagov 2021-12-17
Ellucian Ellucian Intelligent Platform (ILP) Not Affected link cisagov 2021-12-17
Ellucian Ellucian International Student and Scholar Management (ISSM) Not Affected link cisagov 2021-12-17
Ellucian Ellucian Message Service (EMS) Not Affected link cisagov 2021-12-17
Ellucian Ellucian Messaging Adapter (EMA) Not Affected link cisagov 2021-12-17
Ellucian Ellucian Mobile Not Affected link cisagov 2021-12-17
Ellucian Ellucian Payment Gateway Not Affected link cisagov 2021-12-17
Ellucian Ellucian Portal Not Affected link cisagov 2021-12-17
Ellucian Ellucian PowerCampus Not Affected link cisagov 2021-12-17
Ellucian Ellucian Solution Manager Not Affected link cisagov 2021-12-17
Ellucian Ellucian Workflow Not Affected link cisagov 2021-12-17
Ellucian Enterprise Identity Services (BEIS) Not Affected link cisagov 2021-12-17
Emerson 148 Temperature Transmitter Not Affected link cisagov 2021-12-17
Emerson 2051 Pressure Transmitter Family Not Affected link cisagov 2021-12-17
Emerson 2088 Pressure Transmitter Family Not Affected link cisagov 2021-12-17
Emerson 2090F/2090P Pressure Transmitters Not Affected link cisagov 2021-12-17
Emerson 215 Pressure Sensor Module Not Affected link cisagov 2021-12-17
Emerson 248 Configuration Application Not Affected link cisagov 2021-12-17
Emerson 248 Temperature Transmitter Not Affected link cisagov 2021-12-17
Emerson 3051 & 3051S Pressure transmitter families Not Affected link cisagov 2021-12-17
Emerson 3144P Temperature Transmitter Not Affected link cisagov 2021-12-17
Emerson 326P Pressure Transmitter Not Affected link cisagov 2021-12-17
Emerson 326T Temperature Transmitter Not Affected link cisagov 2021-12-17
Emerson 327T Temperature Transmitter Not Affected link cisagov 2021-12-17
Emerson 4088 Pressure Transmitter Not Affected link cisagov 2021-12-17
Emerson 4088 Upgrade Utility Not Affected link cisagov 2021-12-17
Emerson 4600 Pressure Transmitter Not Affected link cisagov 2021-12-17
Emerson 4732 Endeavor Not Affected link cisagov 2021-12-17
Emerson 550 PT Pressure Transmitter Not Affected link cisagov 2021-12-17
Emerson 5726 Transmitter Not Affected link cisagov 2021-12-17
Emerson 644 Temperature Transmitter Not Affected link cisagov 2021-12-17
Emerson 648 Temperature Transmitter Not Affected link cisagov 2021-12-17
Emerson 848T Temperature Transmitter Not Affected link cisagov 2021-12-17
Emerson Combustion - OCX OXT 6888 CX1100 6888Xi Not Affected link cisagov 2021-12-17
Emerson CT2211 QCL Aerosol Microleak Detection System Not Affected link cisagov 2021-12-17
Emerson CT3000 QCL Automotive OEM Gas Analyzer Not Affected link cisagov 2021-12-17
Emerson CT4000 QCL Marine OEM Gas Analyzer Not Affected link cisagov 2021-12-17
Emerson CT4215 QCL Packaging Leak Detection System Not Affected link cisagov 2021-12-17
Emerson CT4400 QCL General Purpose Continuous Gas Analyzer Not Affected link cisagov 2021-12-17
Emerson CT4404 QCL pMDI Leak Detection Analyzer Not Affected link cisagov 2021-12-17
Emerson CT5100 QCL Field Housing Continuous Gas Analyzer Not Affected link cisagov 2021-12-17
Emerson CT5400 QCL General Purpose Continuous Gas Analyzer Not Affected link cisagov 2021-12-17
Emerson CT5800 QCL Flameproof Housing Continuous Gas Analyzer Not Affected link cisagov 2021-12-17
Emerson DHNC1 DHNC2 Not Affected link cisagov 2021-12-17
Emerson DHNC1 DHNC2 Not Affected link cisagov 2021-12-17
Emerson Emerson Aperio software Not Affected link cisagov 2021-12-17
Emerson Engineering Assistant Not Affected link cisagov 2021-12-17
Emerson Fieldwatch and Service consoles Not Affected link cisagov 2021-12-17
Emerson Fieldwatch and Service consoles Not Affected link cisagov 2021-12-17
Emerson Flame Detection - 975UF & 975UR Infrared Flame Detectors 975HR Infrared Hydrogen Flame Detector 975MR Multi-Spectrum Infrared Flame Detector Not Affected link cisagov 2021-12-17
Emerson Flarecheck FlowCheck Flowel & PWAM software Not Affected link cisagov 2021-12-17
Emerson Flarecheck FlowCheck Flowel & PWAM software Not Affected link cisagov 2021-12-17
Emerson Gas Analysis - X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD) Not Affected link cisagov 2021-12-17
Emerson Gas Chromatographs - M500/2350A MON2000 700XA/1500XA 370XA MON2020 Not Affected link cisagov 2021-12-17
Emerson Gas Detection - Millennium II Basic Single & Dual Channel 928 Wireless Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle Monitor Not Affected link cisagov 2021-12-17
Emerson Incus Ultrasonic gas leak detector Not Affected link cisagov 2021-12-17
Emerson K-Series Coriolis Transmitters Not Affected link cisagov 2021-12-17
Emerson Liquid Transmitters - 5081 1066 1056 1057 56' Not Affected link cisagov 2021-12-17
Emerson Mark III Gas and Liquid USM Not Affected link cisagov 2021-12-17
Emerson MPFM2600 & MPFM5726 Not Affected link cisagov 2021-12-17
Emerson Plantweb Advisor for Metrology and Metering Suite SDK Not Affected link cisagov 2021-12-17
Emerson Prolink Configuration Software Not Affected link cisagov 2021-12-17
Emerson Prolink Mobile Application & ProcessViz Software Not Affected link cisagov 2021-12-17
Emerson Rosemount 2230 Graphical Field Display Not Affected link cisagov 2021-12-17
Emerson Rosemount 2240S Multi-input Temperature Transmitter Not Affected link cisagov 2021-12-17
Emerson Rosemount 2410 Tank Hub Not Affected link cisagov 2021-12-17
Emerson Rosemount 2460 System Hub Not Affected link cisagov 2021-12-17
Emerson Rosemount 3490 Controller Not Affected link cisagov 2021-12-17
Emerson Rosemount CMS/IOU 61 Not Affected link cisagov 2021-12-17
Emerson Rosemount CMS/SCU 51/SCC Not Affected link cisagov 2021-12-17
Emerson Rosemount CMS/WSU 51/SWF 51 Not Affected link cisagov 2021-12-17
Emerson Rosemount IO-Link Assistant Not Affected link cisagov 2021-12-17
Emerson Rosemount Level Detectors (21xx) Not Affected link cisagov 2021-12-17
Emerson Rosemount Level Transmitters (14xx 33xx 53xx 54xx 56xx) Not Affected link cisagov 2021-12-17
Emerson Rosemount Radar Configuration Tool Not Affected link cisagov 2021-12-17
Emerson Rosemount Radar Level Gauges (Pro 39xx 59xx) Not Affected link cisagov 2021-12-17
Emerson Rosemount RadarMaster Not Affected link cisagov 2021-12-17
Emerson Rosemount RadarMaster Plus Not Affected link cisagov 2021-12-17
Emerson Rosemount Tank Radar Gauges (TGUxx) Not Affected link cisagov 2021-12-17
Emerson Rosemount TankMaster Not Affected link cisagov 2021-12-17
Emerson Rosemount TankMaster Mobile Not Affected link cisagov 2021-12-17
Emerson Spectrex family Flame Detectors and Rosemount 975 flame detector Not Affected link cisagov 2021-12-17
Emerson USM 3410 and 3810 Series Ultrasonic Transmitters Not Affected link cisagov 2021-12-17
Emerson USM 3410 and 3810 Series Ultrasonic Transmitters Not Affected link cisagov 2021-12-17
Emerson Vortex and Magmeter Transmitters Not Affected link cisagov 2021-12-17
Emerson WCM SWGM Not Affected link cisagov 2021-12-17
Enfocus BoardingPass Not Affected link cisagov 2022-01-12
Enfocus Connect Not Affected link cisagov 2022-01-12
Enfocus PDF Review Module Not Affected link cisagov 2022-01-12
Enfocus PitStop Not Affected link cisagov 2022-01-12
Enfocus Switch Not Affected link cisagov 2022-01-12
Enovation All Unknown link cisagov 2022-01-12
EnterpriseDT All Unknown link cisagov 2022-01-12
ESET All Not Affected link cisagov 2022-01-12
ESET Secure Authentication Fixed link cisagov 2022-01-12
ESRI ArcGIS Data Store All Fixed link Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions cisagov 2021-12-17
ESRI ArcGIS Enterprise All Fixed link Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions cisagov 2021-12-17
ESRI ArcGIS GeoEvent Server All Fixed link Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions cisagov 2021-12-17
ESRI ArcGIS Server All Fixed link Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions cisagov 2021-12-17
ESRI ArcGIS Workflow Manager Server All Fixed link Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions cisagov 2021-12-17
ESRI Portal for ArcGIS All Fixed link Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions cisagov 2021-12-17
Estos All Not Affected link cisagov 2022-01-12
EVL Labs JGAAP <8.0.2 Fixed link cisagov 2022-01-12
Evolveum Midpoint Midpoint Not Affected link cisagov 2022-01-12
Ewon All Not Affected link cisagov 2022-02-02
Ewon eCatcher 6.7.6 Fixed link cisagov 2022-02-02
Exabeam All Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
Exact AEC Not Affected link cisagov 2022-01-12
Exact Audition Not Affected link cisagov 2022-01-12
Exact BoekhoudGemak Not Affected link cisagov 2022-01-12
Exact Bouw7 Not Affected link cisagov 2022-01-12
Exact Business Suite Not Affected link cisagov 2022-01-12
Exact CommunicatieGemak Not Affected link cisagov 2022-01-12
Exact Consolidation powered by LucaNet Fixed link cisagov 2022-01-12
Exact Digipoort Not Affected link cisagov 2022-01-12
Exact DigitaleFactuur Not Affected link cisagov 2022-01-12
Exact Dimoni Not Affected link cisagov 2022-01-12
Exact EDI Gateway Not Affected link cisagov 2022-01-12
Exact FDS Not Affected link cisagov 2022-01-12
Exact Financials Not Affected link cisagov 2022-01-12
Exact FiscaalGemak Not Affected link cisagov 2022-01-12
Exact Globe Core Product Not Affected link cisagov 2022-01-12
Exact Globe E-report/Crystal Reports Not Affected link cisagov 2022-01-12
Exact Go2UBL Not Affected link cisagov 2022-01-12
Exact Gripp Not Affected link cisagov 2022-01-12
Exact HR & SalarisGemak Not Affected link cisagov 2022-01-12
Exact Insights (Qlik) Not Affected link cisagov 2022-01-12
Exact Officient Not Affected link cisagov 2022-01-12
Exact Online All core products Not Affected link cisagov 2022-01-12
Exact Online Elastic Search Not Affected link cisagov 2022-01-12
Exact Online Samenwerken (OSW) Not Affected link cisagov 2022-01-12
Exact Payroll Plus (Loket) Not Affected link cisagov 2022-01-12
Exact ProAcc Not Affected link cisagov 2022-01-12
Exact ProQuro Not Affected link cisagov 2022-01-12
Exact RapportageGemak Not Affected link cisagov 2022-01-12
Exact Reeleezee Not Affected link cisagov 2022-01-12
Exact ScanSys Not Affected link cisagov 2022-01-12
Exact SRXP Not Affected link cisagov 2022-01-12
Exact Synergy Core Product Not Affected link cisagov 2022-01-12
Exact Synergy Elastic Search 6.6.2 Fixed link cisagov 2022-01-12
Exact WerkprogrammaGemak Not Affected link cisagov 2022-01-12
Exact Winbooks Not Affected link cisagov 2022-01-12
Exact WMS Not Affected link cisagov 2022-01-12
Exivity On-Premise Not Affected link cisagov 2022-01-12
Extensis Universal Type Server >=7.0.6 Fixed link cisagov 2022-01-12
ExtraHop Reveal(x) <=8.4.6, <=8.5.3, <=8.6.4 Affected link Versions >8.4.7, >8.5.4, >8.6.5 and >=8.7 are fixed. cisagov 2021-12-21
eXtreme Hosting All Not Affected link cisagov 2022-01-12
Extreme Networks 200-series Not Affected link cisagov 2022-01-12
Extreme Networks BOSS Not Affected link cisagov 2022-01-12
Extreme Networks EXOS Not Affected link cisagov 2022-01-12
Extreme Networks Extreme AirDefense Not Affected link cisagov 2022-01-12
Extreme Networks Extreme Campus Controller (Extreme Cloud Appliance) Not Affected link cisagov 2022-01-12
Extreme Networks Extreme Fabric Automation (EFA) Not Affected link cisagov 2022-01-12
Extreme Networks Extreme Management Center (XMC) Not Affected link cisagov 2022-01-12
Extreme Networks Extreme Visibility Manager (XVM) Not Affected link cisagov 2022-01-12
Extreme Networks ExtremeAnalytics Not Affected link cisagov 2022-01-12
Extreme Networks ExtremeCloud A3 Not Affected link cisagov 2022-01-12
Extreme Networks ExtremeCloud IQ Not Affected link cisagov 2022-01-12
Extreme Networks ExtremeConnect Not Affected link cisagov 2022-01-12
Extreme Networks ExtremeControl Not Affected link cisagov 2022-01-12
Extreme Networks ExtremeGuest Not Affected link cisagov 2022-01-12
Extreme Networks ExtremeLocation Not Affected link cisagov 2022-01-12
Extreme Networks ExtremeWireless (IdentiFi) Not Affected link cisagov 2022-01-12
Extreme Networks Fabric Manager Not Affected link cisagov 2022-01-12
Extreme Networks Guest and IoT Manager (GIM) Not Affected link cisagov 2022-01-12
Extreme Networks HiveManager Classic On-Premises Not Affected link cisagov 2022-01-12
Extreme Networks HiveManager Classic Online Not Affected link cisagov 2022-01-12
Extreme Networks Ipanema Ip Engine Not Affected link cisagov
Extreme Networks Ipanema SALSA 9.3.8, 9.4.3 Fixed link cisagov 2022-01-12
Extreme Networks Ipanema SD-WAN Orchestrator Not Affected link cisagov 2022-01-12
Extreme Networks IQEngine (HiveOS) Not Affected link cisagov 2022-01-12
Extreme Networks IQVA 21.1.22.1-IQVA Fixed link cisagov 2022-01-12
Extreme Networks NetIron OS Not Affected link cisagov 2022-01-12
Extreme Networks Network OS Not Affected link cisagov 2022-01-12
Extreme Networks NSight Not Affected link cisagov 2022-01-12
Extreme Networks SLX-OS Not Affected link cisagov 2022-01-12
Extreme Networks Traffic Sensor Not Affected link cisagov 2022-01-12
Extreme Networks VGVA Not Affected link cisagov 2022-01-12
Extreme Networks VOSS Not Affected link cisagov 2022-01-12
Extreme Networks WiNG Not Affected link cisagov 2022-01-12
Extron All Unknown link cisagov 2022-01-12
F-Secure Elements Connector Fixed link cisagov 2022-01-12
F-Secure Endpoint Proxy 13 through 15 Fixed link cisagov 2022-01-12
F-Secure Messaging Security Gateway Fixed link cisagov 2022-01-12
F-Secure Policy Manager 13 through 15 Fixed link cisagov 2022-01-12
F-Secure Policy Manager Proxy 13 through 15 Fixed link cisagov 2022-01-12
F5 BIG-IP (all modules) Not Affected link cisagov 2022-01-12
F5 BIG-IQ Centralized Management Not Affected link cisagov 2022-01-12
F5 F5OS Not Affected link cisagov 2022-01-12
F5 NGINX App Protect Not Affected link cisagov 2022-01-12
F5 NGINX Controller Not Affected link cisagov 2022-01-12
F5 NGINX Ingress Controller Not Affected link cisagov 2022-01-12
F5 NGINX Instance Manager Not Affected link cisagov 2022-01-12
F5 NGINX Open Source Not Affected link cisagov 2022-01-12
F5 NGINX Plus Not Affected link cisagov 2022-01-12
F5 NGINX Service Mesh Not Affected link cisagov 2022-01-12
F5 NGINX Unit Not Affected link cisagov 2022-01-12
F5 Traffix SDC 5.x, 5.2.0 CF1, 5.1.0 CF-30 - 5.1.0 CF-33 Affected link Vulnerable components: EMS-ELK components (Fluentd + Elastic Search + Kibana), Element Management System cisagov 2022-01-12
FAST LTA All Unknown link cisagov 2022-01-12
Fastly All Unknown link cisagov 2022-01-12
FedEx Ship Manager Software 340x Affected link Note - FedEx is aware of the issue related to the Log4j Remote Code Execution vulnerability affecting various Apache products. We are actively assessing the situation and taking necessary action as appropriate. As a result, we are temporarily unable to provide a link to download the FedEx Ship Manager software or generate product keys needed for registration of FedEx Ship Manager software. We are working to have this resolved as quickly as possible and apologize for the inconvenience. For related questions or the most updated information, customers should check FedEx Updates for Apache Log4j Issue or contact their Customer Technology representative. cisagov 2021-12-15
FedEx Ship Manager Software 3509 Fixed link Note - FedEx is aware of the issue related to the Log4j Remote Code Execution vulnerability affecting various Apache products. We are actively assessing the situation and taking necessary action as appropriate. As a result, we are temporarily unable to provide a link to download the FedEx Ship Manager software or generate product keys needed for registration of FedEx Ship Manager software. We are working to have this resolved as quickly as possible and apologize for the inconvenience. For related questions or the most updated information, customers should check FedEx Updates for Apache Log4j Issue or contact their Customer Technology representative. cisagov 2021-12-15
Fiix Fiix CMMS Core v5 Fixed link The product has been updated to Log4j version 2.15. An additional patch is being developed to update to 2.16. No user interaction is required. This advisory is available to customer only and has not been reviewed by CISA. cisagov 2021-12-15
FileCap Plugins Not Affected link cisagov 2022-01-12
FileCap Server 5.1.3 Fixed link cisagov 2022-01-12
FileCatalyst All Unknown link cisagov 2022-01-12
FileCloud All Unknown link cisagov 2022-01-12
FileWave All Unknown link cisagov 2022-01-12
FileZilla All Not Affected link cisagov 2022-01-12
FINVI All Unknown link cisagov 2022-01-12
FireDaemon All Unknown link cisagov 2022-01-12
Fisher & Paykel Healthcare All Not Affected link cisagov 2021-12-21
Flexagon All Unknown link cisagov 2022-01-12
Flexera All Unknown link cisagov 2022-01-12
Forcepoint Advanced Malware Detection Not Affected link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint Behavioral Analytics Unknown link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint Bitglass SSE Not Affected link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint CASB Unknown link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint Cloud Security Gateway (CSG) Not Affected link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint Content Gateway Not Affected link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint DDP/DUP/DPS Unknown link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint Directory Synchronization Not Affected link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint DLP Manager Fixed link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint Email Security Not Affected link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint Insider Threat Not Affected link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint Next Generation Firewall (NGFW) Not Affected link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint NGFW Security Management Center Fixed link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint NGFW Virtual SMC Appliances Fixed link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint NGFW VPN Client Fixed link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint One Endpoint Not Affected link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint Security Manager (Web, Email and DLP) Fixed link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint Sidewinder Fixed link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint User ID service Fixed link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forcepoint Web Security Unknown link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2022-01-12
Forescout All Unknown link cisagov 2022-01-12
ForgeRock Autonomous Identity Fixed link All other ForgeRock products not affected. cisagov 2022-01-12
Fortinet Autonomous Identity Fixed link cisagov 2022-01-12
Fortinet FortiADC Not Affected link cisagov 2022-01-12
Fortinet FortiAI Not Affected link cisagov 2022-01-12
Fortinet FortiAIOps 1.0.2 Fixed link cisagov 2022-01-12
Fortinet FortiAnalyzer Not Affected link cisagov 2022-01-12
Fortinet FortiAnalyzer Big Cloud 6.4.7, 7.0.2 Fixed link cisagov 2022-01-12
Fortinet FortiAnalyzer Cloud Not Affected link cisagov 2022-01-12
Fortinet FortiAP Not Affected link cisagov 2022-01-12
Fortinet FortiAuthenticator Not Affected link cisagov 2022-01-12
Fortinet FortiCache Not Affected link cisagov 2022-01-12
Fortinet FortiCarrier Not Affected link cisagov 2022-01-12
Fortinet FortiCASB Fixed link cisagov 2022-01-12
Fortinet FortiClient Not Affected link cisagov 2022-01-12
Fortinet FortiClient Cloud Not Affected link cisagov 2022-01-12
Fortinet FortiClient EMS Not Affected link cisagov 2022-01-12
Fortinet FortiConnect Not Affected link cisagov 2022-01-12
Fortinet FortiConverter Portal Affected link cisagov 2022-01-12
Fortinet FortiCWP Fixed link cisagov 2022-01-12
Fortinet FortiDDoS Not Affected link cisagov 2022-01-12
Fortinet FortiDDoS-F Not Affected link cisagov 2022-01-12
Fortinet FortiDeceptor Not Affected link cisagov 2022-01-12
Fortinet FortiEDR Agent Not Affected link cisagov 2022-01-12
Fortinet FortiEDR Cloud Affected link cisagov 2022-01-12
Fortinet FortiExtender Cloud Not Affected link cisagov 2022-01-12
Fortinet FortiGate Cloud Not Affected link cisagov 2022-01-12
Fortinet FortiGSLB Cloud Not Affected link cisagov 2022-01-12
Fortinet FortiInsight Not Affected link cisagov 2022-01-12
Fortinet FortiIsolator 2.3.4 Fixed link cisagov 2022-01-12
Fortinet FortiLAN Cloud Not Affected link cisagov 2022-01-12
Fortinet FortiMail Not Affected link cisagov 2022-01-12
Fortinet FortiManager Not Affected link cisagov 2022-01-12
Fortinet FortiManager Cloud Not Affected link cisagov 2022-01-12
Fortinet FortiMonitor Fixed link cisagov 2022-01-12
Fortinet FortiNAC Affected link cisagov 2022-01-12
Fortinet FortiOS (includes FortiGate & FortiWiFi) Not Affected link cisagov 2022-01-12
Fortinet FortiPenTest Not Affected link cisagov 2022-01-12
Fortinet FortiPhish Cloud Not Affected link cisagov 2022-01-12
Fortinet FortiPolicy Affected link cisagov 2022-01-12
Fortinet FortiPortal Affected link cisagov 2022-01-12
Fortinet FortiPresence Not Affected link cisagov 2022-01-12
Fortinet FortiProxy Not Affected link cisagov 2022-01-12
Fortinet FortiRecorder Not Affected link cisagov 2022-01-12
Fortinet FortiSandbox Not Affected link cisagov 2022-01-12
Fortinet FortiSASE Not Affected link cisagov 2022-01-12
Fortinet FortiSIEM Affected link cisagov 2022-01-12
Fortinet FortiSOAR Affected link cisagov 2022-01-12
Fortinet FortiSwitch & FortiSwitchManager Not Affected link cisagov 2022-01-12
Fortinet FortiSwitch Cloud in FortiLANCloud Not Affected link cisagov 2022-01-12
Fortinet FortiTester Not Affected link cisagov 2022-01-12
Fortinet FortiToken Cloud Not Affected link cisagov 2022-01-12
Fortinet FortiVoice Not Affected link cisagov 2022-01-12
Fortinet FortiWeb Cloud Not Affected link cisagov 2022-01-12
Fortinet FortiWLC Not Affected link cisagov 2022-01-12
Fortinet FortiWLM Not Affected link cisagov 2022-01-12
Fortinet ShieldX Affected link cisagov 2022-01-12
FTAPI All Unknown link cisagov 2022-01-12
Fuji Electric MONITOUCH TS1000 series Not Affected link cisagov 2022-02-02
Fuji Electric MONITOUCH TS1000S series Not Affected link cisagov 2022-02-02
Fuji Electric MONITOUCH TS2000 series Not Affected link cisagov 2022-02-02
Fuji Electric MONITOUCH V8 series Not Affected link cisagov 2022-02-02
Fuji Electric MONITOUCH V9 series Not Affected link cisagov 2022-02-02
Fuji Electric MONITOUCH X1 series Not Affected link cisagov 2022-02-02
Fuji Electric TELLUS and V-Server Not Affected link cisagov 2022-02-02
Fuji Electric V-SFT Not Affected link cisagov 2022-02-02
Fujitsu AIS Connect Not Affected link cisagov 2022-01-12
Fujitsu Bean Connect Not Affected link cisagov 2022-01-12
Fujitsu BS2000 Hardware Not Affected link cisagov 2022-01-12
Fujitsu BS2000 Software Not Affected link cisagov 2022-01-12
Fujitsu BX400 Not Affected link cisagov 2022-01-12
Fujitsu BX900 MMB Not Affected link cisagov 2022-01-12
Fujitsu eLux RP on FUTRO Not Affected link cisagov 2022-01-12
Fujitsu ETERNUS AB/HB Not Affected link cisagov 2022-01-12
Fujitsu ETERNUS CS800 Not Affected link cisagov 2022-01-12
Fujitsu ETERNUS CS8000 Not Affected link cisagov 2022-01-12
Fujitsu ETERNUS DX/AF Not Affected link cisagov 2022-01-12
Fujitsu ETERNUS JX Not Affected link cisagov 2022-01-12
Fujitsu ETERNUS LT140/260 Not Affected link cisagov 2022-01-12
Fujitsu ETERNUS LT20/40/60 Not Affected link cisagov 2022-01-12
Fujitsu ETERNUS SF Not Affected link cisagov 2022-01-12
Fujitsu ETERNUS SF MA Not Affected link cisagov 2022-01-12
Fujitsu FlexFrame Not Affected link cisagov 2022-01-12
Fujitsu INTELLIEGDLE A/G Not Affected link cisagov 2022-01-12
Fujitsu iRMC on PRIMERGY Not Affected link cisagov 2022-01-12
Fujitsu ISM for PRIMERGY, PQ Not Affected link cisagov 2022-01-12
Fujitsu NECoP Not Affected link cisagov 2022-01-12
Fujitsu openFT Not Affected link cisagov 2022-01-12
Fujitsu openSEAS Not Affected link cisagov 2022-01-12
Fujitsu openUTM Not Affected link cisagov 2022-01-12
Fujitsu openUTM (WebAdm.) Not Affected link cisagov 2022-01-12
Fujitsu PRIMEFLEX for MS S2D Not Affected link cisagov 2022-01-12
Fujitsu PTC Axeda (AIS Con.) Not Affected link cisagov 2022-01-12
Fujitsu SBAX2 Not Affected link cisagov 2022-01-12
Fujitsu SBAX3 Not Affected link cisagov 2022-01-12
Fujitsu SecDocs Fixed link cisagov 2022-01-12
Fujitsu ServerView IM Not Affected link cisagov 2022-01-12
Fujitsu ServerView OM Fixed link cisagov 2022-01-12
Fujitsu ServerView OM/UM Not Affected link cisagov 2022-01-12
Fujitsu ServerView RAID Not Affected link cisagov 2022-01-12
Fujitsu ServerView Rem. Con. Unknown link cisagov 2022-01-12
Fujitsu ServerView VIOM Not Affected link cisagov 2022-01-12
Fujitsu SOA Pro. Mgmt. Service Not Affected link cisagov 2022-01-12
Fujitsu SOA SysRollout Service Not Affected link cisagov 2022-01-12
Fujitsu SVS Services for ISM Not Affected link cisagov 2022-01-12
Fujitsu SVS UME + LinuxLife Not Affected link cisagov 2022-01-12
Fujitsu SVS VMware Op. Mgr. Not Affected link cisagov 2022-01-12
Fujitsu SVS VMware vCenter Not Affected link cisagov 2022-01-12
Fujitsu Web Transactions Not Affected link cisagov 2022-01-12
FusionAuth All Not Affected link cisagov 2022-01-12
GE Digital All Unknown link This advisory is available to customers only and has not been reviewed by CISA. cisagov 2021-12-22
GE Digital Grid All Unknown link This advisory is available to customers only and has not been reviewed by CISA. cisagov 2021-12-22
GE Gas Power Asset Performance Management (APM) Fixed link GE Digital has fixed the log4j issue on the APM. Validation and test completed in development environment and the team is currently deploying the fixes in the production environment. cisagov 2021-12-22
GE Gas Power Baseline Security Center (BSC) Affected link GE Gas Power is still validating the workaround provided by FoxGuard in Technical Information Notice M1221-S01. cisagov 2021-12-22
GE Gas Power Baseline Security Center (BSC) 2.0 Fixed link GE Gas Power has tested and validated the component of the BSC 2.0 that is impacted (McAfee SIEM 11.x). The update and instructions can be downloaded from link in reference section. This update is available to customer only and has not been reviewed by CISA. Customer Portal Update cisagov 2021-12-22
GE Gas Power Control Server Affected link Please see vCenter. Control Server is not directly impacted. It is impacted through vCenter. cisagov 2021-12-22
GE Gas Power MyFleet Fixed link Vulnerability fixed. No user actions necessary. Updated to log4j 2.16 cisagov 2021-12-22
GE Gas Power OPM Performance Intelligence Fixed link Vulnerability fixed. No user actions necessary. Updated to log4j 2.16 cisagov 2021-12-22
GE Gas Power OPM Performance Planning Fixed link Vulnerability fixed. No user actions necessary. Updated to log4j 2.16 cisagov 2021-12-22
GE Gas Power Tag Mapping Service Fixed link Vulnerability fixed. No user actions necessary. Updated to log4j 2.16 cisagov 2021-12-22
GE Gas Power vCenter Fixed link GE Gas Power has tested and validated the update provided by Vmware. The update and instructions can be downloaded from link in reference section. This update is available to customer only and has not been reviewed by CISA. Customer Portal Update cisagov 2021-12-22
GE Healthcare Unknown link This advisory is not available at the time of this review, due to maintence on the GE Healthcare website. cisagov 2021-12-22
Gearset All Unknown link cisagov 2022-01-12
Genesys All Unknown link cisagov 2022-01-12
GeoServer All Unknown link cisagov 2022-01-12
GeoSolutions GeoNetwork A, l, l Fixed link cisagov 2021-12-16
GeoSolutions GeoServer Not Affected link cisagov 2021-12-16
Gerrit Code Review All Unknown link cisagov 2022-01-12
GFI Software All Unknown link cisagov 2022-01-12
GFI Software Kerio Connect Fixed link cisagov 2022-01-12
Ghidra All Unknown link cisagov 2022-01-12
Ghisler Total Commander Not Affected link Third Party plugins might contain log4j. cisagov 2022-01-12
Gigamon Fabric Manager <5.13.01.02 Fixed link Updates available via the Gigamon Support Portal. This advisory available to customers only and has not been reviewed by CISA. cisagov 2021-12-21
GitHub GitHub GitHub.com and GitHub Enterprise Cloud Fixed link cisagov 2021-12-17
GitHub GitHub Enterprise Server 3.0.22, 3.1.14, 3.2.6, 3.3.1 Fixed link cisagov 2021-12-17
GitLab All Not Affected link cisagov 2022-01-12
GitLab DAST Analyzer Not Affected link cisagov 2022-01-12
GitLab Dependency Scanning Fixed link cisagov 2022-01-12
GitLab Gemnasium-Maven Fixed link cisagov 2022-01-12
GitLab PMD OSS Fixed link cisagov 2022-01-12
GitLab SAST Fixed link cisagov 2022-01-12
GitLab Spotbugs Fixed link cisagov 2022-01-12
Globus All Unknown link cisagov 2022-01-12
GoAnywhere Agents Fixed link cisagov 2021-12-18
GoAnywhere Gateway Version 2.7.0 or later Fixed link cisagov 2021-12-18
GoAnywhere MFT Version 5.3.0 or later Fixed link cisagov 2021-12-18
GoAnywhere MFT Agents 1.4.2 or later Affected link Versions less than GoAnywhere Agent version 1.4.2 are not affected. cisagov 2021-12-18
GoAnywhere Open PGP Studio Fixed link cisagov 2021-12-18
GoAnywhere Suveyor/400 Not Affected link cisagov 2021-12-18
GoCD All Unknown link cisagov 2022-01-12
Google Chrome Not Affected link Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. cisagov 2022-01-14
Google Cloud Access Transparency Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Actifio Not Affected link Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit https://now.actifio.com for the full statement and to obtain the hotfix (available to Actifio customers only). cisagov 2021-12-21
Google Cloud AI Platform Data Labeling Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AI Platform Neural Architecture Search (NAS) Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AI Platform Training and Prediction Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Anthos Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Anthos environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud Anthos Config Management Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Anthos Connect Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Anthos Hub Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Anthos Identity Service Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Anthos on VMWare Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds to their VMware products as they become available. We also recommend customers review their respective applications and workloads affected by the same vulnerabilities and apply appropriate patches. cisagov 2021-12-21
Google Cloud Anthos Premium Software Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Anthos Service Mesh Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Apigee Not Affected link Apigee installed Log4j 2 in its Apigee Edge VMs, but the software was not used and therefore the VMs were not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. Apigee updated Log4j 2 to v.2.16 as an additional precaution. It is possible that customers may have introduced custom resources that are using vulnerable versions of Log4j. We strongly encourage customers who manage Apigee environments to identify components dependent on Log4j and update them to the latest version. Visit the Apigee Incident Report for more information. cisagov 2021-12-17
Google Cloud App Engine Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage App Engine environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud AppSheet Not Affected link The AppSheet core platform runs on non-JVM (non-Java) based runtimes. At this time, we have identified no impact to core AppSheet functionality. Additionally, we have patched one Java-based auxiliary service in our platform. We will continue to monitor for affected services and patch or remediate as required. If you have any questions or require assistance, contact AppSheet Support. cisagov 2021-12-21
Google Cloud Artifact Registry Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Assured Workloads Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AutoML Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AutoML Natural Language Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AutoML Tables Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AutoML Translation Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AutoML Video Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AutoML Vision Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud BigQuery Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud BigQuery Data Transfer Service Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud BigQuery Omni Not Affected link BigQuery Omni, which runs on AWS and Azure infrastructure, does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. We continue to work with AWS and Azure to assess the situation. cisagov 2021-12-19
Google Cloud Binary Authorization Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Certificate Manager Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Chronicle Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Asset Inventory Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Bigtable Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Cloud Build Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Build environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud Cloud CDN Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Composer Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Cloud Composer does not use Log4j 2 and is not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. It is possible that customers may have imported or introduced other dependencies via DAGs, installed PyPI modules, plugins, or other services that are using vulnerable versions of Log4j 2. We strongly encourage customers, who manage Composer environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-15
Google Cloud Cloud Console App Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Data Loss Prevention Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Debugger Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Deployment Manager Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud DNS Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Endpoints Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud External Key Manager (EKM) Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Functions Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Functions environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud Cloud Hardware Security Module (HSM) Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Interconnect Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Intrusion Detection System (IDS) Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Key Management Service Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Load Balancing Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Logging Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Natural Language API Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Network Address Translation (NAT) Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Profiler Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Router Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Run Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Run environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud Cloud Run for Anthos Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Run for Anthos environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud Cloud Scheduler Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud SDK Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Shell Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Shell environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud Cloud Source Repositories Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Spanner Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Cloud SQL Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Cloud Storage Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Tasks Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Trace Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Traffic Director Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Translation Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Vision Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Vision OCR On-Prem Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud VPN Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud CompilerWorks Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Compute Engine Not Affected link Compute Engine does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. For those using Google Cloud VMware Engine, we are working with VMware and tracking VMSA-2021-0028.1. We will deploy fixes to Google Cloud VMware Engine as they become available. cisagov 2021-12-20
Google Cloud Contact Center AI (CCAI) Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Contact Center AI Insights Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Container Registry Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Data Catalog Not Affected link Data Catalog has been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers who introduced their own connectors to identify dependencies on Log4j 2 and update them to the latest version. cisagov 2021-12-20
Google Cloud Data Fusion Not Affected link Data Fusion does not use Log4j 2, but uses Dataproc as one of the options to execute pipelines. Dataproc released new images on December 18, 2021 to address the vulnerability in CVE-2021-44228 and CVE-2021-45046. Customers must follow instructions in a notification sent on December 18, 2021 with the subject line “Important information about Data Fusion.” cisagov 2021-12-20
Google Cloud Database Migration Service (DMS) Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Dataflow Not Affected link Dataflow does not use Log4j 2 and is not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. If you have changed dependencies or default behavior, it is strongly recommended you verify there is no dependency on vulnerable versions Log4j 2. Customers have been provided details and instructions in a notification sent on December 17, 2021 with the subject line “Update #1 to Important information about Dataflow.” cisagov 2021-12-17
Google Cloud Dataproc Not Affected link Dataproc released new images on December 18, 2021 to address the vulnerabilities in CVE-2021-44228 and CVE-2021-45046. Customers must follow the instructions in notifications sent on December 18, 2021 with the subject line “Important information about Dataproc” with Dataproc documentation. cisagov 2021-12-20
Google Cloud Dataproc Metastore Not Affected link Dataproc Metastore has been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers who need to take actions were sent two notifications with instructions on December 17, 2021 with the subject line “Important information regarding Log4j 2 vulnerability in your gRPC-enabled Dataproc Metastore.” cisagov 2021-12-20
Google Cloud Datastore Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Datastream Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Dialogflow Essentials (ES) Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Document AI Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Event Threat Detection Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Eventarc Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Filestore Not Affected link Log4j 2 is contained within the Filestore service; there is a technical control in place that mitigates the vulnerabilities in CVE-2021-44228 and CVE-2021-45046. Log4j 2 will be updated to the latest version as part of the scheduled rollout in January 2022. cisagov 2021-12-21
Google Cloud Firebase Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Firestore Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Game Servers Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Google Cloud Armor Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Google Cloud Armor Managed Protection Plus Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Google Cloud VMware Engine Not Affected link We are working with VMware and tracking VMSA-2021-0028.1. We will deploy fixes as they become available. cisagov 2021-12-11
Google Cloud Google Kubernetes Engine Not Affected link Google Kubernetes Engine does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Google Kubernetes Engine environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud Healthcare Data Engine (HDE) Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Human-in-the-Loop AI Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud IoT Core Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Key Access Justifications (KAJ) Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Looker Not Affected link Looker-hosted instances have been updated to a Looker version with Log4j v2.16. Looker is currently working with third-party driver vendors to evaluate the impact of the Log4j vulnerability. As Looker does not enable logging for these drivers in Looker-hosted instances, no messages are logged. We conclude that the vulnerability is mitigated. We continue to actively work with the vendors to deploy a fix for these drivers. Looker customers who self-manage their Looker instances have received instructions through their technical contacts on how to take the necessary steps to address the vulnerability. Looker customers who have questions or require assistance, please visit Looker Support. cisagov 2021-12-18
Google Cloud Media Translation API Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Memorystore Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Migrate for Anthos Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Migrate for Compute Engine (M4CE) Not Affected link M4CE has been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. M4CE has been updated to version 4.11.9 to address the vulnerabilities. A notification was sent to customers on December 17, 2021 with subject line “Important information about CVE-2021-44228 and CVE-2021-45046” for M4CE V4.11 or below. If you are on M4CE v5.0 or above, no action is needed. cisagov 2021-12-19
Google Cloud Network Connectivity Center Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Network Intelligence Center Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Network Service Tiers Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Persistent Disk Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Pub/Sub Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-16
Google Cloud Pub/Sub Lite Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Pub/Sub Lite environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-16
Google Cloud reCAPTCHA Enterprise Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Recommendations AI Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Retail Search Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Risk Manager Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Secret Manager Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Security Command Center Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Service Directory Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Service Infrastructure Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Speaker ID Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Speech-to-Text Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Speech-to-Text On-Prem Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Storage Transfer Service Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Talent Solution Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Text-to-Speech Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Transcoder API Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Transfer Appliance Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Video Intelligence API Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Virtual Private Cloud Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Web Security Scanner Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Workflows Not Affected link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Gradle All Not Affected link Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. cisagov 2022-01-12
Gradle Gradle Enterprise < 2021.3.6 Fixed link cisagov 2022-01-12
Gradle Gradle Enterprise Build Cache Node < 10.1 Fixed link cisagov 2022-01-12
Gradle Gradle Enterprise Test Distribution Agent < 1.6.2 Fixed link cisagov 2022-01-12
Grafana All Not Affected link cisagov 2022-01-12
Grandstream All Unknown link cisagov 2022-01-12
Gravitee Access Management Not Affected link cisagov 2022-01-12
Gravitee Access Management Not Affected link cisagov 2022-01-12
Gravitee Alert Engine Not Affected link cisagov 2022-01-12
Gravitee Alert Engine Not Affected link cisagov 2022-01-12
Gravitee API Management Not Affected link cisagov 2022-01-12
Gravitee API Management Not Affected link cisagov 2022-01-12
Gravitee Cockpit Not Affected link cisagov 2022-01-12
Gravwell All Not Affected link Gravwell products do not use Java. cisagov 2022-01-12
Graylog All 3.3.15, 4.0.14, 4.1.9, 4.2.3 Fixed link The vulnerable Log4j library is used to record GrayLogs own log information. Vulnerability is not triggered when GrayLog stores exploitation vector from an outer system. cisagov 2022-01-12
Graylog Graylog Server All versions >= 1.2.0 and <= 4.2.2 Fixed link cisagov 2022-01-12
GreenShot All Not Affected link cisagov 2022-01-12
GSA Cloud.gov Unknown link cisagov 2021-12-21
GuardedBox All 3.1.2 Fixed link cisagov 2022-01-12
Guidewire All Unknown link cisagov 2022-01-12
HAProxy Unknown link cisagov 2022-01-12
HarmanPro AMX Unknown link cisagov 2022-01-12
HashiCorp Boundary Unknown link cisagov 2022-01-12
HashiCorp Consul Unknown link cisagov 2022-01-12
HashiCorp Consul Enterprise Unknown link cisagov 2022-01-12
HashiCorp Nomad Unknown link cisagov 2022-01-12
HashiCorp Nomad Enterprise Unknown link cisagov 2022-01-12
HashiCorp Packer Unknown link cisagov 2022-01-12
HashiCorp Terraform Unknown link cisagov 2022-01-12
HashiCorp Terraform Enterprise Unknown link cisagov 2022-01-12
HashiCorp Vagrant Unknown link cisagov 2022-01-12
HashiCorp Vault Unknown link cisagov 2022-01-12
HashiCorp Vault Enterprise Unknown link cisagov 2022-01-12
HashiCorp Waypoint Unknown link cisagov 2022-01-12
HCL Software BigFix Compliance Not Affected link Not Affected for related CVE-2021-45046 cisagov 2021-12-15
HCL Software BigFix Insights Not Affected link Not Affected for related CVE-2021-45046 cisagov 2021-12-15
HCL Software BigFix Insights for Vulnerability Remediation Not Affected link Not Affected for related CVE-2021-45046 cisagov 2021-12-15
HCL Software BigFix Inventory < 10.0.7 Fixed link Not Affected for related CVE-2021-45046 cisagov 2021-12-15
HCL Software BigFix Lifecycle Not Affected link Not Affected for related CVE-2021-45046 cisagov 2021-12-15
HCL Software BigFix Mobile Not Affected link Not Affected for related CVE-2021-45046 cisagov 2021-12-15
HCL Software BigFix Patch Not Affected link Not Affected for related CVE-2021-45046 cisagov 2021-12-15
HelpSystems Clearswift Unknown link cisagov 2022-01-12
HENIX Squash TM 1.21.7-1.22.9, 2.0.3-2.1.5, 2.2.0-3.0.2 Fixed link cisagov 2021-12-23
Hexagon Unknown link cisagov 2022-01-12
Hikvision Unknown link cisagov 2022-01-12
Hitachi Energy 3rd party - Elastic Search, Kibana Elasticsearch 5.0.0+ Fixed link Set the JVM option -Dlog4j2.formatMsgNoLookups=true and restart each node of the cluster. cisagov 2022-01-05
Hitachi Energy 3rd party - Oracle Database Components 12.1, 12.2, 19c Fixed link As this is a third-party component, a separate patch management report will be provided to customers with the steps to apply the Oracle provided patches for these components. cisagov 2022-01-05
Hitachi Energy Axis 3.6 Fixed link No action is required by customers. Axis is a fully SaaS hosted solution and the environment has been patched per the recommendations cisagov 2022-01-05
Hitachi Energy Counterparty Settlement and Billing (CSB) v6 Fixed link cisagov 2022-01-05
Hitachi Energy e-Mesh Monitor Unknown link No end-user action needed. The affected e-Mesh Monitor part is at the cloud offering side of which the remediation is handled by Hitachi Energy team. Remediation is currently ongoing, and during this time period, e-Mesh Monitor edge device is not able to upload data to cloud. cisagov 2022-01-05
Hitachi Energy eSOMS Unknown link cisagov 2022-01-12
Hitachi Energy FOXMAN-UN R15A, R14B, R14A, R11B SP1 Fixed link A patch is available for releases R15A, R14B, R14A and R11B SP1. . For details on how to apply such patch, please refer to the technical bulletin “FOXMAN-UN - Installation of Log4j Patch”, version A (1KHW029176) available in the Hitachi Energy Customer Connect Portal. cisagov 2022-01-05
Hitachi Energy FOXMAN-UN R11A and R10 series Fixed link Apply General Mitigations and upgrade to latest version. For upgrades, please get in touch with your Hitachi Energy contacts. cisagov 2022-01-05
Hitachi Energy Lumada APM On-premises Unknown link See vendor advisory for instructions for various versions. cisagov 2022-01-05
Hitachi Energy Lumada APM SaaS offering Unknown link No action is required by customers. The SaaS offering has been patched per the recommendations. cisagov 2022-01-05
Hitachi Energy Lumada EAM / FSM v1.7.x, v1.8.x, v1.9.x Fixed link See Section Mitigation Strategy in vendor advisory. cisagov 2022-01-05
Hitachi Energy MMS Internal facing subcomponent. Unknown link cisagov 2022-01-05
Hitachi Energy Network Manager ADMS Network Model Server 9.1.0.32-9.1.0.44 Fixed link See vendor advisory for instructions on mitigation steps. cisagov 2022-01-05
Hitachi Energy Network Manager Outage Management Interface (CMI) 9.0-9.10.44, 9.1.1, 10.3.4 Fixed link See vendor advisory for instructions on mitigation steps. cisagov 2022-01-05
Hitachi Energy nMarket Global I-SEM 3.7.15, 3.7.16 Fixed link cisagov 2022-01-05
Hitachi Energy RelCare 2.0.0 Fixed link No action is required by customers. The RelCare SaaS hosted solution and the on-premises have been patched per the recommendations. cisagov 2022-01-05
Hitachi Energy UNEM R15A, R14B, R14A, R11B SP1 Fixed link A patch is available for releases R15A, R14B, R14A and R11B SP1. For details on how to apply such patch, please refer to the technical bulletin “UNEM - Installation of Log4j Patch”, version A (1KHW029176) available in the Hitachi Energy Customer Connect Portal. cisagov 2022-01-05
Hitachi Energy UNEM R11A and R10 series Fixed link Apply General Mitigations and upgrade to latest version. For upgrades, please get in touch with your Hitachi Energy contacts. cisagov 2022-01-05
Hitachi Vantara Unknown link cisagov 2022-01-12
HMS Industrial Networks AB Cosy, Flexy and Ewon CD Unknown link cisagov 2022-01-05
HMS Industrial Networks AB eCatcher Mobile applications Unknown link cisagov 2022-01-05
HMS Industrial Networks AB eCatcher Windows software Unknown link cisagov 2022-01-05
HMS Industrial Networks AB Netbiter Hardware including EC, WS, and LC Unknown link cisagov 2022-01-05
HMS Industrial Networks AB Talk2M including M2Web Unknown link cisagov 2022-01-05
HOLOGIC Advanced Workflow Manager (AWM) Unknown link While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. cisagov 2021-12-20
HOLOGIC Affirm Prone Biopsy System Unknown link cisagov 2021-12-20
HOLOGIC Brevera Breast Biopsy System Unknown link cisagov 2021-12-20
HOLOGIC Cenova Image Analytics Server Unknown link cisagov 2021-12-20
HOLOGIC Dimensions / 3Dimensions Mammography System Unknown link cisagov 2021-12-20
HOLOGIC Discovery Bone Densitometer Unknown link cisagov 2021-12-20
HOLOGIC Faxitron CT Specimen Radiography System Unknown link While the Hologic software itself does not utilize Java/Log4J, there is a utility program installed that may utilize Java and Log4J. This utility program does not run on startup and is not required for system operation. Please contact Hologic Service for assistance in removing this program. cisagov 2021-12-20
HOLOGIC Faxitron Specimen Radiography Systems Unknown link cisagov 2021-12-20
HOLOGIC Fluoroscan Insight Mini C-Arm Unknown link cisagov 2021-12-20
HOLOGIC Horizon DXA Bone Densitometer Unknown link cisagov 2021-12-20
HOLOGIC Rosetta DC Tomosynthesis Data Converter Unknown link cisagov 2021-12-20
HOLOGIC SecurView DX Workstation Unknown link cisagov 2021-12-20
HOLOGIC SecurXChange Router Unknown link cisagov 2021-12-20
HOLOGIC SuperSonic Imagine Ultrasound Products (Aixplorer & Aixplorer Mach) Unknown link cisagov 2021-12-20
HOLOGIC Trident HD Specimen Radiography System Unknown link cisagov 2021-12-20
HOLOGIC Unifi Workspace Unknown link While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. cisagov 2021-12-20
HOLOGIC Windows Selenia Mammography System Unknown link cisagov 2021-12-20
Honeywell Unknown link cisagov 2022-01-12
HP Teradici Cloud Access Controller < v113 Fixed link cisagov 2021-12-17
HP Teradici EMSDK < 1.0.6 Fixed link cisagov 2021-12-17
HP Teradici Management Console < 21.10.3 Fixed link cisagov 2021-12-17
HP Teradici PCoIP Connection Manager < 21.03.6, < 20.07.4 Fixed link cisagov 2021-12-17
HP Teradici PCoIP License Server Unknown link cisagov 2021-12-17
HPE 3PAR StoreServ Arrays Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE AirWave Management Platform Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Alletra 6000 Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Alletra 9k Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba Central Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba ClearPass Policy Manager Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba ClearPass Policy Manager Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba Instant (IAP) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba Location Services Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba NetEdit Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba PVOS Switches Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba SDN VAN Controller Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba User Experience Insight (UXI) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba VIA Client Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE ArubaOS SD-WAN Controllers and Gateways Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE ArubaOS Wi-Fi Controllers and Gateways Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE ArubaOS-CX switches Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE ArubaOS-S switches Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE BladeSystem Onboard Administrator Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Brocade 16Gb Fibre Channel SAN Switch for HPE Synergy Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Brocade 16Gb SAN Switch for HPE BladeSystem c-Class Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Brocade 32Gb Fibre Channel SAN Switch for HPE Synergy Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Brocade Network Advisor Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE CloudAuth Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE CloudPhysics Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Compute Cloud Console Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Compute operations manager- FW UPDATE SERVICE Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE COS (Cray Operating System) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Cray Systems Management (CSM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Custom SPP Portal Link Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Data Services Cloud Console Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Harmony Data Platform Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HOP public services (grafana, vault, rancher, Jenkins) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE B-series SN2600B SAN Extension Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE B-series SN4000B SAN Extension Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE B-series SN6000B Fibre Channel Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE B-series SN6500B Fibre Channel Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE B-series SN6600B Fibre Channel Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE B-series SN6650B Fibre Channel Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE B-series SN6700B Fibre Channel Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Customer Experience Assurance (CEA) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Hardware Support Manager plug-in for VMware vSphere Lifecycle Manager Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Home Location Register (HLR/I-HLR) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Infosight for Servers Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Integrated Home Subscriber Server (I-HSS) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Intelligent Messaging (IM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Intelligent Network Server (INS) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Multimedia Services Environment (MSE) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE OC Convergent Communications Platform (OCCP) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE OC Media Platform Media Resource Function (OCMP-MRF) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE OC Service Access Controller (OC SAC) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE OC Service Controller (OCSC) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE OC Universal Signaling Platform (OC-USP-M) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE OneView Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE OneView for VMware vRealize Operations (vROps) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE OneView Global Dashboard Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Performance Cluster Manager (HPCM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Performance Manager (PM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Position Determination Entity (PDE) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Secure Identity Broker (SIB) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Service Activator (SA) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Service Governance Framework (SGF) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Service Orchestration Manager (SOM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Service Provisioner (SP) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Short Message Point-to-Point Gateway (SMPP) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Slingshot Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Smart Interaction Server (SIS) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE SN3000B Fibre Channel Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE SN8000B 4-Slot SAN Director Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE SN8000B 8-Slot SAN Backbone Director Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE SN8600B 4-Slot SAN Director Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE SN8600B 8-Slot SAN Director Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE SN8700B 4-Slot Director Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE SN8700B 8-Slot Director Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Subscriber, Network, and Application Policy (SNAP) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Subscription Manager (SM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Synergy Image Streamer Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Systems Insight Manager (SIM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Telecom Application Server (TAS) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Unified Correlation and Automation (UCA) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Unified Mediation Bus (UMB) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Unified OSS Console (UOC) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Unified Topology Manager (UTM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Universal Identity Repository (VIR) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Universal SLA Manager (uSLAM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Virtual Connect Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Virtual Connect Enterprise Manager (VCEM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Virtual Provisioning Gateway (vPGW) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Virtual Server Environment (VSE) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Virtual Subscriber Data Management (vSDM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE WebRTC Gateway Controller (WGW) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Wi-Fi Authentication Gateway (WauG) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Insight Cluster Management Utility (CMU) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Integrated Lights-Out (iLO) Amplifier Pack Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Integrated Lights-Out 4 (iLO 4) Not Affected link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Integrated Lights-Out 5 (iLO 5) Not Affected link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Integrity BL860c, BL870c, BL890c Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Integrity Rx2800/Rx2900 Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Integrity Superdome 2 Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Integrity Superdome X Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Intelligent Provisioning Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE iSUT integrated smart update tool Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Maven Artifacts (Atlas) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE MSA Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE NetEdit Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Nimble Storage Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE NS-T0634-OSM CONSOLE TOOLS Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE NS-T0977-SCHEMA VALIDATOR Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE OfficeConnect Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Primera Storage Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE RepoServer part of OPA (on Premises aggregator) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Resource Aggregator for Open Distributed Infrastructure Management Not Affected link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE RESTful Interface Tool (iLOREST) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE SAT (System Admin Toolkit) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Scripting Tools for Windows PowerShell (HPEiLOCmdlets) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE SGI MC990 X Server Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE SGI UV 2000 Server Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE SGI UV 300, 300H, 300RL, 30EX Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE SGI UV 3000 Server Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE SN8700B 8-Slot Director Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE StoreEasy Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE StoreEver CVTL Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE StoreEver LTO Tape Drives Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE StoreEver MSL Tape Libraries Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE StoreOnce Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE SUM (Smart Update Manager) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Superdome Flex 280 Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Superdome Flex Server Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE UAN (User Access Node) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE/Micro Focus Data Protector 9.09 Fixed link https://portal.microfocus.com/s/article/KM000003050 cisagov 2021-12-17
Huawei Unknown link cisagov 2022-01-12
Hubspot Unknown link cisagov 2022-01-12
I-Net software Unknown link cisagov 2022-01-12
I2P Unknown link cisagov 2022-01-12
IBA-AG Unknown link cisagov 2022-01-12
Ibexa Unknown link cisagov 2022-01-12
IBM Analytics Engine Unknown link cisagov 2021-12-15
IBM App Configuration Unknown link cisagov 2021-12-15
IBM App Connect Unknown link cisagov 2021-12-15
IBM App ID Unknown link cisagov 2021-12-15
IBM Application Gateway Unknown link cisagov 2021-12-15
IBM Aspera Unknown link cisagov 2021-12-15
IBM Aspera Endpoint Unknown link cisagov 2021-12-15
IBM Aspera Enterprise Unknown link cisagov 2021-12-15
IBM Aspera fasp.io Unknown link cisagov 2021-12-15
IBM Bare Metal Servers Unknown link cisagov 2021-12-15
IBM BigFix Compliance Unknown cisagov 2022-01-12
IBM BigFix Inventory VM Manager Tool & SAP Tool Affected To verify if your instance is affected, go to the lib subdirectory of the tool (BESClient/LMT/SAPTOOL and BESClient/LMT/VMMAN) and check what version of log4j is included. Version is included in the name of the library. cisagov 2022-01-12
IBM Block Storage Unknown link cisagov 2021-12-15
IBM Block Storage for VPC Unknown link cisagov 2021-12-15
IBM Block Storage Snapshots for VPC Unknown link cisagov 2021-12-15
IBM Case Manager Unknown link cisagov 2021-12-15
IBM Certificate Manager Unknown link cisagov 2021-12-15
IBM Client VPN for VPC Unknown link cisagov 2021-12-15
IBM Cloud Activity Tracker Unknown link cisagov 2021-12-15
IBM Cloud Backup Unknown link cisagov 2021-12-15
IBM Cloud Monitoring Unknown link cisagov 2021-12-15
IBM Cloud Object Storage Unknown link cisagov 2021-12-15
IBM Cloud Object Storage Unknown link cisagov 2021-12-15
IBM Cloudant Unknown link cisagov 2021-12-15
IBM Code Engine Unknown link cisagov 2021-12-15
IBM Cognos Command Center Unknown link cisagov 2021-12-15
IBM Cognos Controller 10.4.2 Affected link cisagov 2021-12-15
IBM Cognos Integration Server Unknown link cisagov 2021-12-15
IBM Compose Enterprise Unknown link cisagov 2021-12-15
IBM Compose for Elasticsearch Unknown link cisagov 2021-12-15
IBM Compose for etcd Unknown link cisagov 2021-12-15
IBM Compose for MongoDB Unknown link cisagov 2021-12-15
IBM Compose for MySQL Unknown link cisagov 2021-12-15
IBM Compose for PostgreSQL Unknown link cisagov 2021-12-15
IBM Compose for RabbitMQ Unknown link cisagov 2021-12-15
IBM Compose for Redis Unknown link cisagov 2021-12-15
IBM Compose for RethinkDB Unknown link cisagov 2021-12-15
IBM Compose for ScyllaDB Unknown link cisagov 2021-12-15
IBM Container Registry Unknown link cisagov 2021-12-15
IBM Container Security Services Unknown link cisagov 2021-12-15
IBM Content Delivery Network Unknown link cisagov 2021-12-15
IBM Continuous Delivery Unknown link cisagov 2021-12-15
IBM Copy Services Manager Unknown link cisagov 2021-12-15
IBM Databases for DataStax Unknown link cisagov 2021-12-15
IBM Databases for EDB Unknown link cisagov 2021-12-15
IBM Databases for Elasticsearch Unknown link cisagov 2021-12-15
IBM Databases for etcd Unknown link cisagov 2021-12-15
IBM Databases for MongoDB Unknown link cisagov 2021-12-15
IBM Databases for PostgreSQL Unknown link cisagov 2021-12-15
IBM Databases for Redis Unknown link cisagov 2021-12-15
IBM Datapower Gateway Unknown link cisagov 2021-12-15
IBM Dedicated Host for VPC Unknown link cisagov 2021-12-15
IBM Direct Link Connect Unknown link cisagov 2021-12-15
IBM Direct Link Connect on Classic Unknown link cisagov 2021-12-15
IBM Direct Link Dedicated (2.0) Unknown link cisagov 2021-12-15
IBM Direct Link Dedicated Hosting on Classic Unknown link cisagov 2021-12-15
IBM Direct Link Dedicated on Classic Unknown link cisagov 2021-12-15
IBM Direct Link Exchange on Classic Unknown link cisagov 2021-12-15
IBM DNS Services Unknown link cisagov 2021-12-15
IBM Emptoris Contract Management Unknown link cisagov 2021-12-15
IBM Emptoris Program Management Unknown link cisagov 2021-12-15
IBM Emptoris Sourcing Unknown link cisagov 2021-12-15
IBM Emptoris Spend Analysis Unknown link cisagov 2021-12-15
IBM Emptoris Supplier Lifecycle Management Unknown link cisagov 2021-12-15
IBM Enterprise Tape Controller Model C07 (3592) (ETC) Unknown link cisagov 2021-12-15
IBM Event Notifications Unknown link cisagov 2021-12-15
IBM Event Streams Unknown link cisagov 2021-12-15
IBM File Storage Unknown link cisagov 2021-12-15
IBM Flash System 900 (& 840) Unknown link cisagov 2021-12-15
IBM Flow Logs for VPC Unknown link cisagov 2021-12-15
IBM Functions Unknown link cisagov 2021-12-15
IBM GSKit Unknown link cisagov 2021-12-15
IBM Guardium S-TAP for Data Sets on z/OS Unknown link cisagov 2021-12-15
IBM Guardium S-TAP for DB2 on z/OS Unknown link cisagov 2021-12-15
IBM Guardium S-TAP for IMS on z/OS Unknown link cisagov 2021-12-15
IBM Hyper Protect Crypto Services Unknown link cisagov 2021-12-15
IBM Hyper Protect DBaaS for MongoDB Unknown link cisagov 2021-12-15
IBM Hyper Protect DBaaS for PostgreSQL Unknown link cisagov 2021-12-15
IBM Hyper Protect Virtual Server Unknown link cisagov 2021-12-15
IBM i2 Analysts Notebook Unknown link cisagov 2021-12-15
IBM i2 Base Unknown link cisagov 2021-12-15
IBM IBM Application Runtime Expert for i Unknown link cisagov 2021-12-15
IBM IBM Backup, Recovery and Media Services for i Unknown link cisagov 2021-12-15
IBM IBM Db2 Mirror for i Unknown link cisagov 2021-12-15
IBM IBM HTTP Server Unknown link cisagov 2021-12-15
IBM IBM i Access Family Unknown link cisagov 2021-12-15
IBM IBM i Portfolio of products under the Group SWMA Unknown link cisagov 2021-12-15
IBM IBM PowerHA System Mirror for i Unknown link cisagov 2021-12-15
IBM IBM Sterling Connect:Direct Browser User Interface Unknown link cisagov 2021-12-15
IBM IBM Sterling Connect:Direct File Agent See Vendor Links Affected link https://www.ibm.com/support/pages/node/6526688, https://www.ibm.com/support/pages/node/6528324, https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/ cisagov 2021-12-20
IBM IBM Sterling Connect:Direct for HP NonStop Unknown link cisagov 2021-12-15
IBM IBM Sterling Connect:Direct for i5/OS Unknown link cisagov 2021-12-15
IBM IBM Sterling Connect:Direct for OpenVMS Unknown link cisagov 2021-12-15
IBM IBM Sterling Connect:Express for Microsoft Windows Unknown link cisagov 2021-12-15
IBM IBM Sterling Connect:Express for UNIX Unknown link cisagov 2021-12-15
IBM IBM Sterling Connect:Express for z/OS Unknown link cisagov 2021-12-15
IBM Instana Agent Timestamp lower than 12-11-2021 Affected link cisagov 2021-12-14
IBM Internet Services Unknown link cisagov 2021-12-15
IBM Key Lifecycle Manager for z/OS Unknown link cisagov 2021-12-15
IBM Key Protect Unknown link cisagov 2021-12-15
IBM Knowledge Studio Unknown link cisagov 2021-12-15
IBM Kubernetes Service Unknown link cisagov 2021-12-15
IBM Load Balancer for VPC Unknown link cisagov 2021-12-15
IBM Log Analysis Unknown link cisagov 2021-12-15
IBM Managed VMware Service Unknown link cisagov 2021-12-15
IBM Management Extender for VMware vCenter Unknown cisagov 2022-01-12
IBM Mass Data Migration Unknown link cisagov 2021-12-15
IBM Maximo EAM SaaS Unknown link cisagov 2021-12-15
IBM Message Hub Unknown link cisagov 2021-12-15
IBM MQ Appliance Unknown link cisagov 2021-12-15
IBM MQ on IBM Cloud Unknown link cisagov 2021-12-15
IBM Natural Language Understanding Unknown link cisagov 2021-12-15
IBM OmniFind Text Search Server for DB2 for i Unknown link cisagov 2021-12-15
IBM OPENBMC Unknown link cisagov 2021-12-15
IBM Planning Analytics Workspace >2.0.57 Affected link cisagov 2021-12-15
IBM Power HMC V9.2.950.0 & V10.1.1010.0 Affected link cisagov 2021-12-15
IBM PowerSC Unknown link cisagov 2021-12-15
IBM PowerVM Hypervisor Unknown link cisagov 2021-12-15
IBM PowerVM VIOS Unknown link cisagov 2021-12-15
IBM QRadar Advisor Unknown link cisagov 2021-12-15
IBM Qradar Network Threat Analytics Unknown link cisagov 2021-12-15
IBM QRadar SIEM Unknown link cisagov 2021-12-15
IBM Quantum Services Unknown link cisagov 2021-12-15
IBM Rational Developer for AIX and Linux Unknown link cisagov 2021-12-15
IBM Rational Developer for i Unknown link cisagov 2021-12-15
IBM Red Hat OpenShift on IBM Cloud Unknown link cisagov 2021-12-15
IBM Resilient Unknown cisagov 2022-01-12
IBM Robotic Process Automation Unknown link cisagov 2021-12-15
IBM SAN Volume Controller and Storwize Family Unknown link cisagov 2021-12-15
IBM Satellite Infrastructure Service Unknown link cisagov 2021-12-15
IBM Schematics Unknown link cisagov 2021-12-15
IBM Secrets Manager Unknown link cisagov 2021-12-15
IBM Secure Gateway Unknown link cisagov 2021-12-15
IBM Server Automation Unknown cisagov 2022-01-12
IBM Spectrum Archive Library Edition Unknown link cisagov 2021-12-15
IBM Spectrum Discover Unknown link cisagov 2021-12-15
IBM Spectrum Protect Client Management Service Unknown link cisagov 2021-12-15
IBM Spectrum Protect for Databases: Data Protection for Oracle Unknown link cisagov 2021-12-15
IBM Spectrum Protect for Databases: Data Protection for SQL Unknown link cisagov 2021-12-15
IBM Spectrum Protect for Enterprise Resource Planning Unknown link cisagov 2021-12-15
IBM Spectrum Protect for Mail: Data Protection for Domino Unknown link cisagov 2021-12-15
IBM Spectrum Protect for Mail: Data Protection for Exchange Unknown link cisagov 2021-12-15
IBM Spectrum Protect for Workstations Unknown link cisagov 2021-12-15
IBM Spectrum Protect for z/OS USS Client and API Unknown link cisagov 2021-12-15
IBM Spectrum Protect Plus Db2 Agent Unknown link cisagov 2021-12-15
IBM Spectrum Protect Plus Exchange Agent Unknown link cisagov 2021-12-15
IBM Spectrum Protect Plus File Systems Agent Unknown link cisagov 2021-12-15
IBM Spectrum Protect Plus MongoDB Agent Unknown link cisagov 2021-12-15
IBM Spectrum Protect Plus O365 Agent Unknown link cisagov 2021-12-15
IBM Spectrum Protect Server Unknown link cisagov 2021-12-15
IBM Spectrum Protect Snapshot for UNIX Unknown link cisagov 2021-12-15
IBM Spectrum Protect Snapshot for UNIX Unknown link cisagov 2021-12-15
IBM SQL Query Unknown link cisagov 2021-12-15
IBM Sterling Gentran Unknown link cisagov 2021-12-15
IBM Sterling Order Management Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for ACORD Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for Financial Services Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for FIX Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for NACHA Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for PeopleSoft Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for SAP R/3 Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for SEPA Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for Siebel Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for SWIFT Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Packs for EDI Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Packs for Healthcare Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Trading Manager Unknown link cisagov 2021-12-15
IBM Storage TS1160 Unknown link cisagov 2021-12-15
IBM Storage TS2280 Unknown link cisagov 2021-12-15
IBM Storage TS2900 Library Unknown link cisagov 2021-12-15
IBM Storage TS3100-TS3200 Library Unknown link cisagov 2021-12-15
IBM Storage TS4500 Library Unknown link cisagov 2021-12-15
IBM Storage Virtualization Engine TS7700 Unknown link cisagov 2021-12-15
IBM Tape System Library Manager Unknown link cisagov 2021-12-15
IBM TDMF for zOS Unknown link cisagov 2021-12-15
IBM Total Storage Service Console (TSSC) / TS4500 IMC Unknown link cisagov 2021-12-15
IBM Transit Gateway Unknown link cisagov 2021-12-15
IBM Tririga Anywhere Unknown link cisagov 2021-12-15
IBM TS4300 Unknown link cisagov 2021-12-15
IBM Urbancode Deploy Unknown link cisagov 2021-12-15
IBM Virtual Private Cloud Unknown link cisagov 2021-12-15
IBM Virtual Server for Classic Unknown link cisagov 2021-12-15
IBM Virtualization Management Interface Unknown link cisagov 2021-12-15
IBM VMware Solutions Unknown link cisagov 2021-12-15
IBM VMware vCenter Server Unknown link cisagov 2021-12-15
IBM VMware vSphere Unknown link cisagov 2021-12-15
IBM VPN for VPC Unknown link cisagov 2021-12-15
IBM vRealize Operations and Log Insight Unknown link cisagov 2021-12-15
IBM Workload Automation Unknown link cisagov 2021-12-15
ICONICS All Unknown link cisagov 2021-12-21
IFS Unknown link cisagov 2022-01-12
IGEL Unknown link cisagov 2022-01-12
Ignite Realtime Unknown link cisagov 2022-01-12
iGrafx Unknown link cisagov 2022-01-12
Illuminated Cloud Unknown link cisagov 2022-01-12
Illumio C-VEN Unknown link cisagov 2021-12-16
Illumio CLI Unknown link cisagov 2021-12-16
Illumio CloudSecure Unknown link cisagov 2021-12-16
Illumio Core on-premise PCE Unknown link cisagov 2021-12-16
Illumio Core SaaS PCE Unknown link cisagov 2021-12-16
Illumio Edge SaaS PCE Unknown link cisagov 2021-12-16
Illumio Edge-CrowdStrike Unknown link cisagov 2021-12-16
Illumio Flowlink Unknown link cisagov 2021-12-16
Illumio Kubelink Unknown link cisagov 2021-12-16
Illumio NEN Unknown link cisagov 2021-12-16
Illumio QRadar App Unknown link cisagov 2021-12-16
Illumio Splunk App Unknown link cisagov 2021-12-16
Illumio VEN Unknown link cisagov 2021-12-16
IManage Unknown link cisagov 2022-01-12
Imperva Unknown link cisagov 2022-01-12
Inductive Automation Ignition Not Affected link Older versions of Ignition (7.8 and older) did use the Log4j library, but they used an older version (1.2) that was not affected by this vulnerability. cisagov 2022-01-19
IndustrialDefender Unknown link cisagov 2022-01-12
infinidat Unknown link cisagov 2022-01-12
InfluxData Unknown link cisagov 2022-01-12
Infoblox Unknown link cisagov 2022-01-12
Informatica Unknown link cisagov 2022-01-12
Instana Unknown link cisagov 2022-01-12
Instructure Unknown link cisagov 2022-01-12
Intel Audio Development Kit Unknown link cisagov 2021-12-16
Intel Computer Vision Annotation Tool maintained by Intel Unknown link cisagov 2021-12-16
Intel Datacenter Manager Unknown link cisagov 2021-12-16
Intel Genomics Kernel Library Unknown link cisagov 2021-12-16
Intel oneAPI sample browser plugin for Eclipse Unknown link cisagov 2021-12-16
Intel Secure Device Onboard Unknown link cisagov 2021-12-16
Intel Sensor Solution Firmware Development Kit Unknown link cisagov 2021-12-16
Intel System Debugger Unknown link cisagov 2021-12-16
Intel System Studio Unknown link cisagov 2021-12-16
Internet Systems Consortium(ISC) BIND 9 Not Affected link no JAVA Code cisagov 2021-12-17
Internet Systems Consortium(ISC) ISC DHCP, aka dhcpd Not Affected link no JAVA Code cisagov 2021-12-17
Internet Systems Consortium(ISC) Kea DHCP Not Affected link no JAVA Code cisagov 2021-12-17
InterSystems Unknown link cisagov 2022-01-12
Intland codebeamer <= 20.11-SP11, <= 21.09-SP3 Affected link A fix has been released for 20.11 and 21.09, but not yet for 21.04 cisagov 2022-01-12
IPRO Netgovern Unknown cisagov 2022-01-12
iRedMail Unknown link cisagov 2022-01-12
Ironnet Unknown link cisagov 2022-01-12
ISLONLINE Unknown link cisagov 2022-01-12
Ivanti Application Control for Linux Not Affected link cisagov 2022-01-18
Ivanti Application Control for Windows Not Affected link cisagov 2022-01-18
Ivanti Automation Not Affected link cisagov 2022-01-18
Ivanti Avalanche 6.2.2, 6.3.0 to 6.3.3 Affected link cisagov 2022-01-18
Ivanti Avalanche Remote Control Not Affected link cisagov 2022-01-18
Ivanti CETerm (Naurtech) Not Affected link cisagov 2022-01-18
Ivanti Cherwell Asset Management (CAM) Not Affected link cisagov 2022-01-18
Ivanti Cherwell Service Management (CSM) Not Affected link cisagov 2022-01-18
Ivanti Connect Pro Not Affected link cisagov 2022-01-18
Ivanti ConnectPro (Termproxy) Not Affected link cisagov 2022-01-18
Ivanti Credential mgr (PivD Manager) Not Affected link cisagov 2022-01-18
Ivanti Discovery Classic Not Affected link cisagov 2022-01-18
Ivanti DSM Not Affected link cisagov 2022-01-18
Ivanti Environment Manager Not Affected link cisagov 2022-01-18
Ivanti GoldMine Not Affected link cisagov 2022-01-18
Ivanti HEAT Classic Not Affected link cisagov 2022-01-18
Ivanti IIRIS (Neurons for IIOT) Not Affected link cisagov 2022-01-18
Ivanti Incapptic Connect Not Affected link cisagov 2022-01-18
Ivanti Insight Not Affected link cisagov 2022-01-18
Ivanti ITSM 6/7 Not Affected link cisagov 2022-01-18
Ivanti Ivanti Asset Lifecycle Management Not Affected link cisagov 2022-01-18
Ivanti Ivanti Device Application Control Not Affected link cisagov 2022-01-18
Ivanti Ivanti Endpoint Manager Not Affected link cisagov 2022-01-18
Ivanti Ivanti Endpoint Security Not Affected link cisagov 2022-01-18
Ivanti Ivanti Environment Manager Not Affected link cisagov 2022-01-18
Ivanti Ivanti EPM - Cloud Service Appliance Not Affected link cisagov 2022-01-18
Ivanti Ivanti File Director 2019.1., 2020.1., 2020.3., 2021.1., 4.4.* 2021.3 HF2, 2021.1 HF1, 2020.3 HF2 Fixed link cisagov 2022-01-18
Ivanti Ivanti Identity Director Not Affected link cisagov 2022-01-18
Ivanti Ivanti License Optimizer (ILO) Not Affected link cisagov 2022-01-18
Ivanti Ivanti Management Center Not Affected link cisagov 2022-01-18
Ivanti Ivanti Neurons Platform Not Affected link cisagov 2022-01-18
Ivanti Ivanti Performance Manager Not Affected link cisagov 2022-01-18
Ivanti Ivanti Security Controls (Patch ISec) Not Affected link See More INFO for Ivanti Security Controls (Patch ISec) in the Advisory Page cisagov 2022-01-18
Ivanti Ivanti Service Desk Not Affected link Not Affected. Java is no longer required since version 2018.3U3 Customers on older versions can uninstall JRE on their ISD Servers for mitigation. This will disable indexing of Attachments and Documents for full-text search. cisagov 2022-01-18
Ivanti Ivanti Service Manager Not Affected link cisagov 2022-01-18
Ivanti Ivanti Service Manager for Neurons (Cloud) Not Affected link cisagov 2022-01-18
Ivanti Ivanti Voice Not Affected link cisagov 2022-01-18
Ivanti Ivanti Workspace Control Not Affected link cisagov 2022-01-18
Ivanti MI Appconnect Not Affected link cisagov 2022-01-18
Ivanti MI Email+ Not Affected link cisagov 2022-01-18
Ivanti MI Go Client Not Affected link cisagov 2022-01-18
Ivanti MI MobileAtWork Not Affected link cisagov 2022-01-18
Ivanti MI Security Productivity Apps Not Affected link cisagov 2022-01-18
Ivanti Mi Tunnel App Not Affected link cisagov 2022-01-18
Ivanti MobileIron Access ZSO All Affected link Mitigated. No Impact cisagov 2022-01-18
Ivanti MobileIron BYOD Portal Not Affected link cisagov 2022-01-18
Ivanti MobileIron Cloud Not Affected link cisagov 2022-01-18
Ivanti MobileIron Cloud Connector Not Affected link cisagov 2022-01-18
Ivanti MobileIron Core All Affected link See Advisory details for mitigation instructions for MobileIron Core. cisagov 2022-01-18
Ivanti MobileIron Core Connector All Affected link See Advisory details for mitigation instructions for MobileIron Core Connector. cisagov 2022-01-18
Ivanti MobileIron Sentry (Core/Cloud) 9.13, 9.14 Affected link See Advisory details for mitigation instructions for MobileIron Sentry. cisagov 2022-01-18
Ivanti Patch MEM (Microsoft Endpoint Manager) Not Affected link cisagov 2022-01-18
Ivanti Patch OEM APIs Not Affected link cisagov 2022-01-18
Ivanti Performance Manager Not Affected link cisagov 2022-01-18
Ivanti Pulse Connect Secure Not Affected link cisagov 2022-01-18
Ivanti Pulse Desktop Client Not Affected link cisagov 2022-01-18
Ivanti Pulse Mobile Client Not Affected link cisagov 2022-01-18
Ivanti Pulse One Not Affected link cisagov 2022-01-18
Ivanti Pulse Policy Secure Not Affected link cisagov 2022-01-18
Ivanti Pulse Services Director Not Affected link cisagov 2022-01-18
Ivanti Pulse Virtual Traffic Manager Not Affected link cisagov 2022-01-18
Ivanti Pulse Web Application Firewall Not Affected link cisagov 2022-01-18
Ivanti Pulse ZTA Not Affected link cisagov 2022-01-18
Ivanti Risksense Threat and Vulnerability Management Not Affected link cisagov 2022-01-18
Ivanti SpeakEasy (add-on to Velocity) Not Affected link cisagov 2022-01-18
Ivanti SpeakEasy (WinCE) Not Affected link cisagov 2022-01-18
Ivanti Terminal Emulation and Industrial Browser Not Affected link cisagov 2022-01-18
Ivanti Velocity Not Affected link cisagov 2022-01-18
Ivanti VelocityCE Not Affected link cisagov 2022-01-18
Ivanti Virtual Desktop Extender Not Affected link cisagov 2022-01-18
Ivanti Wavelink License Server Not Affected link cisagov 2022-01-18
Ivanti Xtraction Not Affected link cisagov 2022-01-18
Jamasoftware All Unknown link cisagov 2022-01-12
Jamf Jamf Cloud Fixed link cisagov 2022-01-12
Jamf Jamf Connect Not Affected link cisagov 2022-01-12
Jamf Jamf Data Policy Not Affected link cisagov 2022-01-12
Jamf Jamf Health Care Listener Not Affected link cisagov 2022-01-12
Jamf Jamf Infrastructure Manager Not Affected link cisagov 2022-01-12
Jamf Jamf Now Not Affected link cisagov 2022-01-12
Jamf Jamf Private Access Not Affected link cisagov 2022-01-12
Jamf Jamf Pro (On-Prem) 10.34.1 Fixed link cisagov 2022-01-12
Jamf Jamf Protect Not Affected link cisagov 2022-01-12
Jamf Jamf School Not Affected link cisagov 2022-01-12
Jamf Jamf Threat Defense Not Affected link cisagov 2022-01-12
Janitza GridVis Not Affected link cisagov 2022-01-05
Jaspersoft All Unknown link cisagov 2022-01-12
Java Melody All 1.90.0 Fixed link cisagov 2022-01-12
Jedox All Unknown link cisagov 2022-01-12
Jenkins CI Not Affected link cisagov 2022-01-12
Jenkins CI/CD Core Not Affected link cisagov 2022-01-12
Jenkins Plugins Unknown link Instructions to test your installations in announcement cisagov 2021-12-16
JetBrains All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory, dotCover, dotPeek) Not Affected link cisagov 2022-01-12
Jetbrains Code With Me Fixed link cisagov 2022-01-12
JetBrains Datalore Not Affected link cisagov 2022-01-12
JetBrains Floating License Server 30241 Fixed link cisagov 2022-01-12
JetBrains Gateway Not Affected link cisagov 2022-01-12
JetBrains Hub 2021.1.14080 Fixed link cisagov 2022-01-12
JetBrains IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand, IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu, Rider, RubyMine, WebStorm) Not Affected link cisagov 2022-01-12
JetBrains Kotlin Not Affected link cisagov 2022-01-12
JetBrains Ktor Not Affected link cisagov 2022-01-12
JetBrains MPS Not Affected link cisagov 2022-01-12
JetBrains Space Not Affected link cisagov 2022-01-12
JetBrains TeamCity Not Affected link cisagov 2022-01-12
JetBrains ToolBox Not Affected link cisagov 2022-01-12
JetBrains UpSource 2020.1.1952 Fixed link cisagov 2022-01-12
JetBrains YouTrack InCloud Fixed link cisagov 2022-01-12
JetBrains YouTrack Standalone 2021.4.35970 Fixed link cisagov 2022-01-12
JFrog All Not Affected link cisagov 2022-01-12
JGraph DrawIO Not Affected link cisagov 2022-01-12
Jitsi jitsi-videobridge v2.1-595-g3637fda42 Fixed link cisagov 2022-01-12
Jitterbit All Unknown link cisagov 2022-01-12
Johnson Controls Athena Not Affected link cisagov 2021-12-21
Johnson Controls BCPro Not Affected link cisagov 2021-12-21
Johnson Controls CEM AC2000 Not Affected link cisagov 2021-12-21
Johnson Controls CEM Hardware Products Not Affected link cisagov 2021-12-21
Johnson Controls CK721-A (P2000) Not Affected link cisagov 2021-12-21
Johnson Controls CloudVue Gateway Not Affected link cisagov 2021-12-21
Johnson Controls CloudVue Web Not Affected link cisagov 2021-12-21
Johnson Controls Connect24 Not Affected link cisagov 2021-12-21
Johnson Controls Connected Equipment Gateway (CEG) Not Affected link cisagov 2021-12-21
Johnson Controls C•CURE Client Not Affected link cisagov 2021-12-21
Johnson Controls C•CURE Server Not Affected link cisagov 2021-12-21
Johnson Controls C•CURE Web Not Affected link cisagov 2021-12-21
Johnson Controls C•CURE-9000 Not Affected link cisagov 2021-12-21
Johnson Controls DataSource Not Affected link cisagov 2021-12-21
Johnson Controls DLS Not Affected link cisagov 2021-12-21
Johnson Controls Entrapass Not Affected link cisagov 2021-12-21
Johnson Controls exacqVision Client Not Affected link cisagov 2021-12-21
Johnson Controls exacqVision Server Not Affected link cisagov 2021-12-21
Johnson Controls exacqVision WebService Not Affected link cisagov 2021-12-21
Johnson Controls Facility Explorer Not Affected link cisagov 2021-12-21
Johnson Controls Illustra Cameras Not Affected link cisagov 2021-12-21
Johnson Controls Illustra Insight Not Affected link cisagov 2021-12-21
Johnson Controls iSTAR Not Affected link cisagov 2021-12-21
Johnson Controls Kantech Entrapass Not Affected link cisagov 2021-12-21
Johnson Controls Metasys Products and Tools Not Affected link cisagov 2021-12-21
Johnson Controls OpenBlue Active Responder Not Affected link cisagov 2021-12-21
Johnson Controls OpenBlue Bridge Not Affected link cisagov 2021-12-21
Johnson Controls OpenBlue Chiller Utility Plant Optimizer Not Affected link cisagov 2021-12-21
Johnson Controls OpenBlue Cloud Not Affected link cisagov 2021-12-21
Johnson Controls OpenBlue Connected Chiller Not Affected link cisagov 2021-12-21
Johnson Controls OpenBlue Enterprise Manager Not Affected link cisagov 2021-12-21
Johnson Controls OpenBlue Location Manager Not Affected link cisagov 2021-12-21
Johnson Controls OpenBlue Risk Insight Not Affected link cisagov 2021-12-21
Johnson Controls OpenBlue Twin Not Affected link cisagov 2021-12-21
Johnson Controls OpenBlue Workplace Not Affected link cisagov 2021-12-21
Johnson Controls P2000 Not Affected link cisagov 2021-12-21
Johnson Controls PowerSeries NEO Not Affected link cisagov 2021-12-21
Johnson Controls PowerSeries Pro Not Affected link cisagov 2021-12-21
Johnson Controls Qolsys IQ Panels Not Affected link cisagov 2021-12-21
Johnson Controls RFID Overhead360 Backend All Fixed link cisagov 2021-12-21
Johnson Controls S321-IP (P2000) Not Affected link cisagov 2021-12-21
Johnson Controls Shoppertrak Analytics (STaN) - Traffic Not Affected link cisagov 2021-12-21
Johnson Controls Shoppertrak Market Intelligence Not Affected link cisagov 2021-12-21
Johnson Controls Shoppertrak Perimeter Apps Not Affected link cisagov 2021-12-21
Johnson Controls Shoppertrak Shopper Journey Not Affected link cisagov 2021-12-21
Johnson Controls Shoppertrak Video Analytics Not Affected link cisagov 2021-12-21
Johnson Controls SurGard Receivers Not Affected link cisagov 2021-12-21
Johnson Controls TrueVue Cloud Not Affected link cisagov 2021-12-21
Johnson Controls Tyco AI Not Affected link cisagov 2021-12-21
Johnson Controls victor Not Affected link cisagov 2021-12-21
Johnson Controls victor/ C•CURE9000 Unified Not Affected link cisagov 2021-12-21
Johnson Controls VideoEdge Not Affected link cisagov 2021-12-21
Johnson Controls Xaap Not Affected link cisagov 2021-12-21
Journyx All Unknown link cisagov 2022-01-12
jPOS (ISO-8583) bridge Not Affected link cisagov 2022-01-12
Jump Desktop All Unknown link cisagov 2022-01-12
Juniper Networks Advanced Threat Prevention (JATP) Not Affected link cisagov 2022-01-12
Juniper Networks AppFormix Not Affected link cisagov 2022-01-12
Juniper Networks Apstra System Not Affected link cisagov 2022-01-12
Juniper Networks Apstra System Not Affected link cisagov 2022-01-12
Juniper Networks Connectivity Services Director Not Affected link cisagov 2022-01-12
Juniper Networks Contrail Analytics Not Affected link cisagov 2022-01-12
Juniper Networks Contrail Cloud Not Affected link cisagov 2022-01-12
Juniper Networks Contrail Networking Not Affected link cisagov 2022-01-12
Juniper Networks Contrail Service Orchestration Not Affected link cisagov 2022-01-12
Juniper Networks Cross Provisioning Platform Not Affected link cisagov 2022-01-12
Juniper Networks CTPOS and CTPView Not Affected link cisagov 2022-01-12
Juniper Networks ICEAAA Manager Not Affected link cisagov 2022-01-12
Juniper Networks JATP Cloud Not Affected link cisagov 2022-01-12
Juniper Networks Juniper Identity Management Services (JIMS) Not Affected link cisagov 2022-01-12
Juniper Networks Juniper Mist Edge Not Affected link cisagov 2022-01-12
Juniper Networks Juniper Sky Enterprise Not Affected link cisagov 2022-01-12
Juniper Networks Junos OS Not Affected link cisagov 2022-01-12
Juniper Networks Junos OS Evolved Not Affected link cisagov 2022-01-12
Juniper Networks Junos Space Network Management Platform Affected link cisagov 2022-01-12
Juniper Networks MIST - Juniper Networks Marvis Virtual Network Assistant (VNA) Not Affected link cisagov 2022-01-12
Juniper Networks MIST - Juniper Networks Mist AI Not Affected link cisagov 2022-01-12
Juniper Networks MIST - Juniper Networks Wi-Fi Assurance Not Affected link cisagov 2022-01-12
Juniper Networks MIST - Juniper Networks Wired Assurance Not Affected link cisagov 2022-01-12
Juniper Networks Mist Access Points Not Affected link cisagov 2022-01-12
Juniper Networks Network Director Not Affected link cisagov 2022-01-12
Juniper Networks Northstar Controller Affected link cisagov 2022-01-12
Juniper Networks Northstar Planner Not Affected link cisagov 2022-01-12
Juniper Networks Paragon Insights >= 21 version 21.1 ; >= 22 version 22.2 Affected link cisagov 2022-01-12
Juniper Networks Paragon Pathfinder >= 21 version 21.1 ; >= 22 version 22.2 Affected link cisagov 2022-01-12
Juniper Networks Paragon Planner >= 21 version 21.1 ; >= 22 version 22.2 Affected link cisagov 2022-01-12
Juniper Networks Policy Enforcer Not Affected link cisagov 2022-01-12
Juniper Networks Products using Wind River Linux in Junos OS and Junos OS Evolved Not Affected link cisagov 2022-01-12
Juniper Networks ScreenOS Not Affected link cisagov 2022-01-12
Juniper Networks SecIntel Not Affected link cisagov 2022-01-12
Juniper Networks Secure Analytics Not Affected link cisagov 2022-01-12
Juniper Networks Security Director Not Affected link cisagov 2022-01-12
Juniper Networks Security Director Insights Not Affected link cisagov 2022-01-12
Juniper Networks Session Smart Router (Formerly 128T) Not Affected link cisagov 2022-01-12
Juniper Networks Space SDK Not Affected link cisagov 2022-01-12
Juniper Networks Standalone Log Collector 20.1 (as also used by Space Security Director) Not Affected link cisagov 2022-01-12
Juniper Networks User Engagement Virtual BLE Not Affected link cisagov 2022-01-12
Justice Systems All Unknown link cisagov 2022-01-12
K15t All Unknown link cisagov 2022-01-12
K6 All Unknown link cisagov 2022-01-12
Kaltura Blackboard Learn SaaS in the classic Learn experience v3900.28.x Fixed link cisagov 2021-12-23
Kaltura Blackboard Learn Self- and Managed-Hosting v3900.26.x Fixed link cisagov 2021-12-23
Karakun All Unknown link cisagov 2022-01-12
Kaseya AuthAnvil Not Affected link cisagov 2021-12-15
Kaseya BMS Not Affected link cisagov 2021-12-15
Kaseya ID Agent DarkWeb ID and BullPhish ID Not Affected link cisagov 2021-12-15
Kaseya IT Glue Not Affected link cisagov 2021-12-15
Kaseya MyGlue Not Affected link cisagov 2021-12-15
Kaseya Network Glue Not Affected link cisagov 2021-12-15
Kaseya Passly Not Affected link cisagov 2021-12-15
Kaseya RocketCyber Not Affected link cisagov 2021-12-15
Kaseya Spannign Salesforce Backup Not Affected link cisagov 2021-12-15
Kaseya Spanning O365 Backup Not Affected link cisagov 2021-12-15
Kaseya Unitrends Not Affected link cisagov 2021-12-15
Kaseya Vorex Not Affected link cisagov 2021-12-15
Kaseya VSA SaaS and VSA On-Premises Not Affected link cisagov 2021-12-15
KeePass All Not Affected link cisagov 2022-01-12
Keeper All Fixed link cisagov 2022-01-12
Kemp All Unknown link Additional Link cisagov 2022-01-12
Keycloak All Not Affected link cisagov 2022-01-12
Kofax Capture Not Affected link cisagov 2022-01-12
Kofax Communication Manager 5.3 - 5.5 Fixed link cisagov 2022-01-12
Kofax Robot File System (RFS) >=10.7 Fixed link cisagov 2022-01-12
Kofax Robotic Process Automation (RPA) 11.1, 11.2 Fixed link cisagov 2022-01-12
Konica Minolta All Unknown link cisagov 2022-01-12
Kronos UKG All Unknown link cisagov 2022-01-12
Kyberna All Unknown link cisagov 2022-01-12
L-Soft Unknown link cisagov 2022-01-12
L3Harris Geospatial Unknown link cisagov 2022-01-12
Lancom Systems Unknown link cisagov 2022-01-12
Lansweeper Unknown link cisagov 2022-01-12
Laserfiche Unknown link cisagov 2022-01-12
LastPass Unknown link cisagov 2022-01-12
LaunchDarkly Unknown link cisagov 2022-01-12
Leanix Unknown link cisagov 2022-01-12
Leica BIOSYSTEMS Aperio AT2 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio AT2 DX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio CS2 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio eSlide Manager Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio GT 450 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio GT 450 DX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio ImageScope Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio ImageScope DX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio LV1 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio SAM DX Server For GT 450 DX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio Scanner Administration Manager (SAM) Server for GT 450 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio VERSA Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio WebViewer DX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS BOND Controller Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS BOND RX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS BOND RXm Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS BOND-ADVANCE Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS BOND-III Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS BOND-MAX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS CEREBRO Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS CytoVision Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS HistoCore PEARL Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS HistoCore PEGASUS Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS HistoCore SPECTRA CV Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS HistoCore SPECTRA ST Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS HistoCore SPIRIT ST Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS HistoCore SPRING ST Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Leica ASP300S Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Leica CV5030 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Leica ST4020 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Leica ST5010 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Leica ST5020 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Leica TP1020 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS LIS Connect Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS PathDX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS ThermoBrite Elite Unknown link cisagov 2021-12-21
Lenovo BIOS/UEFI Unknown link cisagov 2021-12-14
Lenovo Chassis Management Module 2 (CMM) Unknown link cisagov 2021-12-14
Lenovo Commercial Vantage Unknown link cisagov 2021-12-14
Lenovo Confluent Unknown link cisagov 2021-12-14
Lenovo DSS-G Unknown link cisagov 2021-12-14
Lenovo Embedded System Management Java-based KVM clients Unknown link cisagov 2021-12-14
Lenovo Fan Power Controller (FPC) Unknown link cisagov 2021-12-14
Lenovo Fan Power Controller2 (FPC2) Unknown link cisagov 2021-12-14
Lenovo Integrated Management Module II (IMM2) Unknown link cisagov 2021-12-14
Lenovo NetApp ONTAP Tools for VMware vSphere Unknown link See NetApp advisory. cisagov 2021-12-14
Lenovo Network Switches running: Lenovo CNOS, Lenovo ENOS, IBM ENOS, or Brocade FOS Unknown link cisagov 2021-12-14
Lenovo Storage Management utilities Unknown link cisagov 2021-12-14
Lenovo System Management Module (SMM) Unknown link cisagov 2021-12-14
Lenovo System Management Module 2 (SMM2) Unknown link cisagov 2021-12-14
Lenovo System Update Unknown link cisagov 2021-12-14
Lenovo Thin Installer Unknown link cisagov 2021-12-14
Lenovo ThinkAgile HX Unknown link Nutanix and VMware components only; hardware not affected. See Nutanix and VMWare advisories. cisagov 2021-12-14
Lenovo ThinkAgile VX Unknown link VMware components only; hardware not affected. See VMWare advisory. cisagov 2021-12-14
Lenovo ThinkSystem 2x1x16 Digital KVM Switch - Type 1754D1T Unknown link cisagov 2021-12-14
Lenovo ThinkSystem DE Series Storage Unknown link See also NetApp advisory. cisagov 2021-12-14
Lenovo ThinkSystem DM Series Storage Unknown link See also NetApp advisory. cisagov 2021-12-14
Lenovo ThinkSystem DS Series Storage Unknown link cisagov 2021-12-14
Lenovo ThinkSystem Manager (TSM) Unknown link cisagov 2021-12-14
Lenovo Update Retriever Unknown link cisagov 2021-12-14
Lenovo Vantage Unknown link cisagov 2021-12-14
Lenovo XClarity Administrator (LXCA) Unknown link cisagov 2021-12-14
Lenovo XClarity Controller (XCC) Unknown link cisagov 2021-12-14
Lenovo XClarity Energy Manager (LXEM) Unknown link cisagov 2021-12-14
Lenovo XClarity Essentials (LXCE) Unknown link cisagov 2021-12-14
Lenovo XClarity Integrator (LXCI) for Microsoft Azure Log Analytics Unknown link cisagov 2021-12-14
Lenovo XClarity Integrator (LXCI) for Microsoft System Center Unknown link cisagov 2021-12-14
Lenovo XClarity Integrator (LXCI) for Nagios Unknown link cisagov 2021-12-14
Lenovo XClarity Integrator (LXCI) for ServiceNow Unknown link cisagov 2021-12-14
Lenovo XClarity Integrator (LXCI) for VMware vCenter Unknown link cisagov 2021-12-14
Lenovo XClarity Integrator (LXCI) for Windows Admin Center Unknown link cisagov 2021-12-14
Lenovo XClarity Mobile (LXCM) Unknown link cisagov 2021-12-14
Lenovo XClarity Orchestrator (LXCO) Unknown link cisagov 2021-12-14
Lenovo XClarity Provisioning Manager (LXPM) Unknown link cisagov 2021-12-14
LeoStream Unknown link cisagov 2022-01-12
Let's Encrypt Unknown link cisagov 2022-01-12
LibreNMS Unknown link cisagov 2022-01-12
LifeRay Unknown link cisagov 2022-01-12
LifeSize Unknown link cisagov 2022-01-12
Lightbend Unknown link cisagov 2022-01-12
Lime CRM Unknown link cisagov 2022-01-12
LIONGARD Unknown link cisagov 2022-01-12
LiquidFiles Unknown link cisagov 2022-01-12
LiveAction Unknown link cisagov 2022-01-12
Loftware Unknown link cisagov 2022-01-12
LOGalyze SIEM & log analyzer tool v4.x Affected link local-log4j-vuln-scanner result: indicator for vulnerable component found in /logalyze/lib/log4j-1.2.17.jar (org/apache/log4j/net/SocketNode.class): log4j 1.2.17 Forks (github.com) cisagov 2021-12-17
LogiAnalytics Unknown link cisagov 2022-01-12
LogicMonitor LogicMonitor Platform Unknown link cisagov 2022-01-12
Logit.io Logit.io Platform Not Affected link cisagov 2022-02-07
LogMeIn Unknown link cisagov 2022-01-12
LogRhythm Unknown link cisagov 2022-01-12
Looker Looker 21.0, 21.6, 21.12, 21.16, 21.18, 21.20 Affected link cisagov 2022-01-12
LucaNet Unknown link cisagov 2022-01-12
Lucee Unknown link cisagov 2022-01-12
Lyrasis Fedora Repository Not Affected link Fedora Repository is unaffiliated with Fedora Linux. Uses logback and explicitly excludes log4j. cisagov 2021-12-14
MailStore Unknown link cisagov 2022-01-12
Maltego Unknown link cisagov 2022-01-12
ManageEngine AD SelfService Plus Not Affected cisagov 2021-12-27
ManageEngine Servicedesk Plus 11305 and below Affected link cisagov 2021-12-15
ManageEngine Zoho Unknown link cisagov 2022-01-12
ManageEngine Zoho ADAudit Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho ADManager Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho Analytics Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho Cloud Security Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho DataSecurity Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho EventLog Analyzer Unknown link cisagov 2021-12-16
ManageEngine Zoho Exchange Reporter Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho Log360 Unknown link cisagov 2021-12-16
ManageEngine Zoho Log360 UEBA Unknown link cisagov 2021-12-16
ManageEngine Zoho M365 Manager Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho M365 Security Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho RecoveryManager Plus Unknown link cisagov 2021-12-16
MariaDB Unknown link cisagov 2022-01-12
MathWorks All MathWorks general release desktop or server products Not Affected link cisagov 2022-01-18
MathWorks MATLAB Not Affected link cisagov 2022-01-18
Matillion Matillion ETL 1.59.10+ Fixed link cisagov 2022-11-01
Matomo Unknown link cisagov 2022-01-12
Mattermost FocalBoard Unknown link cisagov 2022-01-12
McAfee Data Exchange Layer (DXL) Client Unknown cisagov 2021-12-20
McAfee Data Loss Prevention (DLP) Discover Unknown cisagov 2021-12-20
McAfee Data Loss Prevention (DLP) Endpoint for Mac Unknown cisagov 2021-12-20
McAfee Data Loss Prevention (DLP) Endpoint for Windows Unknown cisagov 2021-12-20
McAfee Data Loss Prevention (DLP) Monitor Unknown cisagov 2021-12-20
McAfee Data Loss Prevention (DLP) Prevent Unknown cisagov 2021-12-20
McAfee Endpoint Security (ENS) for Linux Unknown cisagov 2021-12-20
McAfee Endpoint Security (ENS) for Mac Unknown cisagov 2021-12-20
McAfee Endpoint Security (ENS) for Windows Unknown cisagov 2021-12-20
McAfee Enterprise Security Manager (ESM) 11.5.3 Fixed link cisagov 2021-12-20
McAfee ePolicy Orchestrator Agent Handlers (ePO-AH) Unknown cisagov 2021-12-20
McAfee ePolicy Orchestrator Application Server (ePO) 5.10 CU11 Fixed link cisagov 2021-12-20
McAfee Host Intrusion Prevention (Host IPS) Unknown cisagov 2021-12-20
McAfee Management of Native Encryption (MNE) Unknown cisagov 2021-12-20
McAfee McAfee Active Response (MAR) Unknown cisagov 2021-12-20
McAfee McAfee Agent (MA) Unknown cisagov 2021-12-20
McAfee McAfee Application and Change Control (MACC) for Linux Unknown cisagov 2021-12-20
McAfee McAfee Application and Change Control (MACC) for Windows Unknown cisagov 2021-12-20
McAfee McAfee Client Proxy (MCP) for Mac Unknown cisagov 2021-12-20
McAfee McAfee Client Proxy (MCP) for Windows Unknown cisagov 2021-12-20
McAfee McAfee Drive Encryption (MDE) Unknown cisagov 2021-12-20
McAfee McAfee Security for Microsoft Exchange (MSME) Unknown cisagov 2021-12-20
McAfee McAfee Security for Microsoft Exchange (MSME) Unknown cisagov 2021-12-20
McAfee McAfee Security for Microsoft SharePoint (MSMS) Unknown cisagov 2021-12-20
McAfee Network Security Manager (NSM) Unknown cisagov 2021-12-20
McAfee Network Security Platform (NSP) Unknown cisagov 2021-12-20
McAfee Policy Auditor Unknown cisagov 2021-12-20
McAfee Threat Intelligence Exchange (TIE) Unknown link Latest status in linked Security Bulletin cisagov 2021-12-20
McAfee Web Gateway (MWG) Unknown link cisagov 2021-12-20
Medtronic Unknown link cisagov 2021-12-21
MEINBERG Unknown link cisagov 2022-01-12
MEINBERG LANTIME and microSync Unknown link cisagov 2022-01-05
Meltano Meltano Unknown link Project is written in Python cisagov 2022-01-12
Memurai Unknown link cisagov 2022-01-12
Micro Focus Data Protector 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.90, 10.91, 11.00 Fixed link https://portal.microfocus.com/s/article/KM000003050 cisagov 2021-12-13
Microsoft Azure API Gateway Unknown link cisagov 2022-01-12
Microsoft Azure Application Gateway Unknown link cisagov 2022-01-12
Microsoft Azure Data lake store java < 2.3.10 Affected link cisagov 2022-01-12
Microsoft Azure Data lake store java < 2.3.10 Affected link cisagov 2022-01-12
Microsoft Azure DevOps Unknown link cisagov 2022-01-12
Microsoft Azure DevOps Server 2019.0 - 2020.1 Affected link cisagov 2022-01-12
Microsoft Azure Traffic Manager Unknown link cisagov 2022-01-12
Microsoft Team Foundation Server 2018.2+ Affected link cisagov 2022-01-12
Microstrategy Unknown link cisagov 2022-01-12
Midori Global Unknown link cisagov 2022-01-12
Mikrotik Unknown link cisagov 2022-01-12
Milestone sys Unknown link cisagov 2022-01-12
Mimecast Unknown link cisagov 2022-01-12
Minecraft Unknown link cisagov 2022-01-12
Mirantis Unknown link cisagov 2022-01-12
Miro Unknown link cisagov 2022-01-12
Mitel Unknown link cisagov 2022-01-12
MMM Group Control software of all MMM series Unknown link cisagov 2022-01-05
MMM Group RUMED360 Cycles, RUMED360 Cycles View, RUMED360 Sicon, RUMED360 ISA-Server Unknown link cisagov 2022-01-05
MongoDB All other components of MongoDB Atlas (including Atlas Database, Data Lake, Charts) Unknown link cisagov 2022-01-12
MongoDB MongoDB Atlas Search Unknown link cisagov 2022-01-12
MongoDB MongoDB Community Edition (including Community Server, Cloud Manager, Community Kubernetes Operators) Unknown link cisagov 2022-01-12
MongoDB MongoDB Drivers Unknown link cisagov 2022-01-12
MongoDB MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager, Enterprise Kubernetes Operators) Unknown link cisagov 2022-01-12
MongoDB MongoDB Realm (including Realm Database, Sync, Functions, APIs) Unknown link cisagov 2022-01-12
MongoDB MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas CLI, Database Connectors) Unknown link cisagov 2022-01-12
Moodle Unknown link cisagov 2022-01-12
MoogSoft Unknown link cisagov 2022-01-12
Motorola Avigilon Unknown link cisagov 2022-01-12
Moxa Not Affected link Moxa is investigating to determine if any of our products are affected by this vulnerability. At the time of publication, none of Moxa's products are affected. cisagov 2022-01-19
Mulesoft Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
Mulesoft Anypoint Studio 7.x Affected link This advisory is available to account holders only and has not been reviewed by CISA. cisagov 2021-12-15
Mulesoft Cloudhub Unknown link This advisory is available to account holders only and has not been reviewed by CISA. cisagov 2021-12-15
Mulesoft Mule Agent 6.x Affected link This advisory is available to account holders only and has not been reviewed by CISA. cisagov 2021-12-15
Mulesoft Mule Runtime 3.x, 4.x Affected link This advisory is available to account holders only and has not been reviewed by CISA. cisagov 2021-12-15
N-able Unknown link cisagov 2022-01-12
Nagios Unknown link cisagov 2022-01-12
NAKIVO Unknown link cisagov 2022-01-12
National Instruments OptimalPlus Vertica, Cloudera, Logstash Affected link (Limited to deployments running Vertica, Cloudera, or Logstash) Contact Technical Support cisagov 2022-01-05
Neo4j Neo4j Graph Database >4.2, <4..2.12 Affected cisagov 2021-12-13
Netapp Multiple NetApp products Unknown link cisagov 2022-01-12
Netcup Unknown link cisagov 2022-01-12
NetGate PFSense Unknown link cisagov 2022-01-12
Netwrix Unknown link cisagov 2022-01-12
New Relic Containerized Private Minion (CPM) 3.0.57 Fixed link New Relic is in the process of revising guidance/documentation, however the fix version remains sufficient. Security Bulletin NR21-04 cisagov 2021-12-18
New Relic New Relic Java Agent <7.4.3 Affected link Initially fixed in 7.4.2, but additional vulnerability found New Relic tracking, covers CVE-2021-44228, CVE-2021-45046 cisagov 2021-12-20
NextCloud Unknown link cisagov 2022-01-12
Nextflow Nextflow Not Affected link cisagov 2021-12-21
Nexus Group Unknown link cisagov 2022-01-12
Nice Software (AWS) EnginFRAME Unknown link cisagov 2022-01-12
NinjaRMM Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
Nomachine Unknown link cisagov 2022-01-12
NoviFlow Unknown link cisagov 2022-01-12
Nulab Backlog N/A (SaaS) Fixed link cisagov 2022-01-12
Nulab Backlog Enterprise (On-premises) < 1.11.7 Fixed link cisagov 2022-01-12
Nulab Cacoo N/A (SaaS) Fixed link cisagov 2022-01-12
Nulab Cacoo Enterprise (On-premises) < 4.0.4 Fixed link cisagov 2022-01-12
Nulab Typetalk N/A (SaaS) Fixed link cisagov 2022-01-12
Nutanix AHV Not Affected link cisagov 2021-12-20
Nutanix AOS Not Affected link cisagov 2021-12-20
Nutanix AOS STS (including Prism Element) Fixed link Patched in 6.0.2.4, available on the Portal for download. cisagov 2021-12-20
Nutanix Beam Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix BeamGov Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix Calm Not Affected link cisagov 2021-12-20
Nutanix Calm Tunnel VM Not Affected link cisagov 2021-12-20
Nutanix Collector Not Affected link cisagov 2021-12-20
Nutanix Collector Portal Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix Data Lens Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix Era Not Affected link cisagov 2021-12-20
Nutanix File Analytics 2.1.x, 2.2.x, 3.0+ Affected link Mitigated in version 3.0.1 which is available on the Portal for download. Mitigation is available here cisagov 2021-12-20
Nutanix Files Not Affected link cisagov 2021-12-20
Nutanix Flow Not Affected link cisagov 2021-12-20
Nutanix Flow Security Cental Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix Foundation Not Affected link cisagov 2021-12-20
Nutanix Frame Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix FrameGov Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix FSCVM Not Affected link cisagov 2021-12-20
Nutanix Insights Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix Karbon All Affected link Mitigation is available here cisagov 2021-12-20
Nutanix Karbon Platform Service Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix LCM Not Affected link cisagov 2021-12-20
Nutanix Leap Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix Mine All Affected link Mitigation is available here cisagov 2021-12-20
Nutanix Move Not Affected link cisagov 2021-12-20
Nutanix MSP All Affected link Mitigation is available here cisagov 2021-12-20
Nutanix NCC Not Affected link cisagov 2021-12-20
Nutanix NGT Not Affected link cisagov 2021-12-20
Nutanix Objects All Affected link Mitigation is available here cisagov 2021-12-20
Nutanix Prism Central All Fixed link Patched in 2021-9.0.3, available on the Portal for download. cisagov 2021-12-20
Nutanix Sizer Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix Volumes Not Affected link cisagov 2021-12-20
Nutanix Witness VM All Affected link Mitigation is available here cisagov 2021-12-20
Nutanix X-Ray Not Affected link cisagov 2021-12-20
Nvidia Unknown link cisagov 2022-01-12
NXLog Unknown link cisagov 2022-01-12
Objectif Lune Unknown link cisagov 2022-01-12
OCLC Unknown link cisagov 2022-01-12
Octopus Unknown link cisagov 2022-01-12
Okta Advanced Server Access Unknown link cisagov 2021-12-12
Okta Okta Access Gateway Unknown link cisagov 2021-12-12
Okta Okta AD Agent Unknown link cisagov 2021-12-12
Okta Okta Browser Plugin Unknown link cisagov 2021-12-12
Okta Okta IWA Web Agent Unknown link cisagov 2021-12-12
Okta Okta LDAP Agent Unknown link cisagov 2021-12-12
Okta Okta Mobile Unknown link cisagov 2021-12-12
Okta Okta On-Prem MFA Agent < 1.4.6 Affected link cisagov 2021-12-12
Okta Okta RADIUS Server Agent < 2.17.0 Affected link cisagov 2021-12-12
Okta Okta Verify Unknown link cisagov 2021-12-12
Okta Okta Workflows Unknown link cisagov 2021-12-12
Onespan Unknown link cisagov 2022-01-12
Opengear Unknown link cisagov 2022-01-12
OpenMRS TALK Unknown link cisagov 2022-01-12
OpenNMS Unknown link cisagov 2022-01-12
OpenSearch Unknown link cisagov 2022-01-12
OpenText Unknown link cisagov 2021-12-23
Opto 22 GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP < 4.3g 4.3g Fixed link The Log4j vulnerability affects all products running groov View software cisagov 2022-01-13
Opto 22 GROOV-AT1, GROOV-AT1-SNAP < 4.3g 4.3g Fixed link The Log4j vulnerability affects all products running groov View software cisagov 2022-01-13
Opto 22 GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP < 4.3g 4.3g Fixed link The Log4j vulnerability affects all products running groov View software cisagov 2022-01-13
Opto 22 GRV-EPIC-PR1, GRV-EPIC-PR2 < 3.3.2 3.3.2 Fixed link The Log4j vulnerability affects all products running groov View software cisagov 2022-01-13
Oracle Unknown link The support document is available to customers only and has not been reviewed by CISA cisagov 2021-12-17
Oracle Enterprise Manager 13.5, 13.4 & 13.3.2 Affected link Patch status and other security guidance is restricted to Oracle account/support members. The support document is available to customers only and has not been reviewed by CISA. cisagov 2021-12-17
Oracle Exadata <21.3.4 Affected link Patch status and other security guidance is restricted to Oracle account/support members. The support document is available to customers only and has not been reviewed by CISA. cisagov 2021-12-17
Orgavision Unknown link cisagov 2022-01-12
Osirium PAM Unknown link cisagov 2022-01-12
Osirium PEM Unknown link cisagov 2022-01-12
Osirium PPA Unknown link cisagov 2022-01-12
OTRS Unknown link cisagov 2022-01-12
OVHCloud Unknown link cisagov 2022-01-12
OwnCloud Unknown link cisagov 2022-01-12
OxygenXML Author Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Developer Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Editor Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Oxygen Content Fusion 2.0, 3.0, 4.1 Affected https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Oxygen Feedback Enterprise 1.4.4 & older Affected https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Oxygen License Server v22.1 to v24.0 Affected https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Oxygen PDF Chemistry v22.1, 23.0, 23.1, 24.0 Affected https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Oxygen SDK Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Plugins (see advisory link) Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Publishing Engine Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Web Author Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML WebHelp Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
Paessler PRTG Not Affected link cisagov 2021-12-21
PagerDuty PagerDuty Rundeck 3.3+ Fixed link We currently see no evidence of compromises on our platform. Our teams continue to monitor for new developments and for impacts on sub-processors and dependent systems. PagerDuty SaaS customers do not need to take any additional action for their PagerDuty SaaS environment. cisagov 2021-12-21
PagerDuty PagerDuty SaaS Fixed link We currently see no evidence of compromises on our platform. Our teams continue to monitor for new developments and for impacts on sub-processors and dependent systems. PagerDuty SaaS customers do not need to take any additional action for their PagerDuty SaaS environment cisagov 2021-12-21
Palantir Palantir AI Inference Platform (AIP) All Fixed link Fully remediated as of 1.97.0. Disconnected customer instances may require manual updates. cisagov 2021-12-19
Palantir Palantir Apollo Not Affected link No impact, and updates have been deployed for full remediation. cisagov 2021-12-19
Palantir Palantir Foundry All Fixed link No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. cisagov 2021-12-19
Palantir Palantir Gotham All Fixed link No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. cisagov 2021-12-19
Palo-Alto Networks Bridgecrew Not Affected link cisagov 2022-01-12
Palo-Alto Networks CloudGenix Not Affected link cisagov 2022-01-12
Palo-Alto Networks Cortex Data Lake Not Affected link cisagov 2022-01-12
Palo-Alto Networks Cortex XDR Agent Not Affected link cisagov 2022-01-12
Palo-Alto Networks Cortex Xpanse Not Affected link cisagov 2022-01-12
Palo-Alto Networks Cortex XSOAR Not Affected link cisagov 2022-01-12
Palo-Alto Networks Exact Data Matching CLI 1.2 Fixed link cisagov 2022-01-12
Palo-Alto Networks Expedition Not Affected link cisagov 2022-01-12
Palo-Alto Networks GlobalProtect App Not Affected link cisagov 2022-01-12
Palo-Alto Networks IoT Security Not Affected link cisagov 2022-01-12
Palo-Alto Networks Okyo Grade Not Affected link cisagov 2022-01-12
Palo-Alto Networks Palo-Alto Networks-DB Private Cloud Not Affected link cisagov 2022-01-12
Palo-Alto Networks Palo-Alto Networks-OS for Firewall and Wildfire Not Affected link cisagov 2022-01-12
Palo-Alto Networks Palo-Alto Networks-OS for Panorama 9.0.15, 9.1.12-h3, 10.0.8-h8 Fixed link Upgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will be updated when hot fixes for the affected Panorama versions are available. PAN-OS for Panorama versions 8.1, 10.1 are not affected. cisagov 2021-12-15
Palo-Alto Networks Prisma Access Not Affected link cisagov 2022-01-12
Palo-Alto Networks Prisma Cloud Not Affected link cisagov 2022-01-12
Palo-Alto Networks Prisma Cloud Compute Not Affected link cisagov 2022-01-12
Palo-Alto Networks Prisma SD-WAN (CloudGenix) Not Affected link cisagov 2022-01-12
Palo-Alto Networks SaaS Security Not Affected link cisagov 2022-01-12
Palo-Alto Networks User-ID Agent Not Affected link cisagov 2022-01-12
Palo-Alto Networks WildFire Appliance Not Affected link cisagov 2022-01-12
Palo-Alto Networks WildFire Cloud Not Affected link cisagov 2022-01-12
Panasonic KX-HDV100 Not Affected link cisagov 2022-01-20
Panasonic KX-HDV130 Not Affected link cisagov 2022-01-20
Panasonic KX-HDV230 Not Affected link cisagov 2022-01-20
Panasonic KX-HDV330 Not Affected link cisagov 2022-01-20
Panasonic KX-HDV340 Not Affected link cisagov 2022-01-20
Panasonic KX-HDV430 Not Affected link cisagov 2022-01-20
Panasonic KX-HDV800 Not Affected link cisagov 2022-01-20
Panasonic KX-TGP500 Not Affected link cisagov 2022-01-20
Panasonic KX-TGP550 Not Affected link cisagov 2022-01-20
Panasonic KX-TGP600 Not Affected link cisagov 2022-01-20
Panasonic KX-TGP700 Not Affected link cisagov 2022-01-20
Panasonic KX-UDS124 Not Affected link cisagov 2022-01-20
Panasonic KX-UT113 Not Affected link cisagov 2022-01-20
Panasonic KX-UT123 Not Affected link cisagov 2022-01-20
Panasonic KX-UT133 Not Affected link cisagov 2022-01-20
Panasonic KX-UT136 Not Affected link cisagov 2022-01-20
Panasonic KX-UT248 Not Affected link cisagov 2022-01-20
Panasonic KX-UT670 Not Affected link cisagov 2022-01-20
Panopto All Unknown link cisagov 2022-01-12
PaperCut PaperCut Hive Not Affected link cisagov 2021-12-16
PaperCut PaperCut MF 21.0 and later Affected link Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. cisagov 2021-12-16
PaperCut PaperCut MobilityPrint Not Affected link cisagov 2021-12-16
PaperCut PaperCut MultiVerse Not Affected link cisagov 2021-12-16
PaperCut PaperCut NG 21.0 and later Affected link Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. cisagov 2021-12-16
PaperCut PaperCut Online Services Not Affected link cisagov 2021-12-16
PaperCut PaperCut Pocket Not Affected link cisagov 2021-12-16
PaperCut PaperCut Print Logger Not Affected link cisagov 2021-12-16
PaperCut PaperCut Views Not Affected link cisagov 2021-12-16
Parallels Remote Application Server Not Affected link cisagov 2022-01-12
Parse.ly All Unknown link cisagov 2022-01-12
PBXMonitor RMM for 3CX PBX Not Affected link Mirror Servers were also checked to ensure Log4J was not installed or being used by any of our systems. cisagov 2021-12-22
PDQ Deploy Unknown link cisagov 2021-12-16
PDQ Inventory Unknown link cisagov 2021-12-16
Pega Platform 7.3.x - 8.6.x Fixed link Hotfixes made available for registered customers by Pega. When using Stream nodes, the embedded Kafka instances require a separate hotfix to be installed. cisagov 2022-01-12
Pentaho All Unknown link cisagov 2022-01-12
Pepperl+Fuchs All Unknown link cisagov 2021-12-21
Percona All Unknown link cisagov 2022-01-12
Personio All Fixed link cisagov 2022-01-12
Pexip Endpoint Activation Not Affected link cisagov 2022-01-12
Pexip Eptools Not Affected link cisagov 2022-01-12
Pexip Infinity Not Affected link cisagov 2022-01-12
Pexip Infinity Connect Client Not Affected link cisagov 2022-01-12
Pexip Microsoft Teams Connector Not Affected link cisagov 2022-01-12
Pexip My Meeting Video Not Affected link cisagov 2022-01-12
Pexip Reverse Proxy and TURN Server Not Affected link cisagov 2022-01-12
Pexip Service All Fixed link cisagov 2022-01-12
Pexip VMR Self-Service Portal Not Affected link cisagov 2022-01-12
Phenix Id All Unknown link cisagov 2022-01-12
Philips Event Analytics (All VUE PACS Versions) All Affected link cisagov 2021-12-13
Philips HealthSuite Marketplace 1.2 Fixed link Philips hosting environment has deployed a patch. cisagov 2021-12-13
Philips IntelliBridge Enterprise B.13, B.15 Affected link Software only products with customer owned Operating Systems. For products solutions where the server was provided it is customer responsibility to validate and deploy patches. cisagov 2021-12-13
Philips IntelliSite Pathology Solution 5.1 L1 Affected link cisagov 2021-12-13
Philips IntelliSpace Enterprise v11 and above Fixed link Software only products with customer owned Operating Systems. For products solutions where the server was provided by Philips, it will be Philips responsibility to validate and provide patches. Information or patch available in Inleft. Please contact your local service support team. cisagov 2021-12-13
Philips IntelliSpace PACS Fixed link Philips hosting environment is evaluating the VMware provided workaround and in the process of deploying for managed service customers. cisagov 2021-12-13
Philips IntelliSpace Portal Server/workstation v9 and above Fixed link Software only products with customer owned Operating Systems. For products solutions where the server was provided by Philips, it will be Philips responsibility to validate and provide patches. Information or patch available in Inleft. Please contact your local service support team. cisagov 2021-12-13
Philips Pathology De-identifier 1.0 L1 Affected link cisagov 2021-12-13
Philips Performance Bridge 2.0 with Practice, 3.0 Fixed link Software only products with customer owned Operating Systems. For products solutions where the server was provided by Philips, it will be Philips responsibility to validate and provide patches. Information or patch available in Inleft. Please contact your local service support team. cisagov 2021-12-13
Philips Pinnacle 18.x Affected link cisagov 2021-12-13
Philips Protocol Analytics 1.1 Fixed link Software only products with customer owned Operating Systems. For products solutions where the server was provided by Philips, it will be Philips responsibility to validate and provide patches. Information or patch available in Inleft. Please contact your local service support team. cisagov 2021-12-13
Philips Protocol Applications 1.1 Affected link Software only products with customer owned Operating Systems. For products solutions where the server was provided by Philips, it will be Philips responsibility to validate and provide patches. cisagov 2021-12-13
Philips Report Analytics (All VUE PACS Versions) All Affected link cisagov 2021-12-13
Philips RIS Clinic Affected link cisagov 2021-12-13
Philips Scanner Protocol Manager 1.1 Affected link Software only products with customer owned Operating Systems. For products solutions where the server was provided by Philips, it will be Philips responsibility to validate and provide patches. cisagov 2021-12-13
Philips Tasy EMR Affected link Software only products with customer owned Operating Systems. For products solutions where the server was provided by Philips, it will be Philips responsibility to validate and provide patches. cisagov 2021-12-13
Philips Univeral Data Manager (UDM) Affected link Philips hosting environment is evaluating the VMware provided workaround and in the process of deploying for managed service customers. cisagov 2021-12-13
Philips VuePACS 12.2.8 Affected link cisagov 2021-12-13
PHOENIX CONTACT Cloud Services Fixed link Cloud Services were either not vulnerable or are completely fixed. No exploits observed. cisagov 2021-12-22
PHOENIX CONTACT Physical products containing firmware Not Affected link cisagov 2021-12-22
PHOENIX CONTACT Software Products Not Affected link cisagov 2021-12-22
Ping Identity PingAccess 4.0 <= version <= 6.3.2 Fixed link cisagov 2021-12-15
Ping Identity PingCentral Fixed link cisagov 2021-12-15
Ping Identity PingFederate 8.0 <= version <= 10.3.4 Fixed link cisagov 2021-12-15
Ping Identity PingFederate Java Integration Kit < 2.7.2 Fixed link cisagov 2021-12-15
Ping Identity PingFederate OAuth Playground < 4.3.1 Fixed link cisagov 2021-12-15
Ping Identity PingIntelligence Fixed link cisagov 2021-12-15
Pitney Bowes All Unknown link cisagov 2022-01-12
Planmeca All Unknown link cisagov 2022-01-12
Planon Software Planon Universe Not Affected link This advisory is available for customers only and has not been reviewed by CISA cisagov 2022-01-12
Platform.SH All Unknown link cisagov 2022-01-12
Plesk All Unknown link cisagov 2022-01-12
Plex Plex Industrial IoT Not Affected link This advisory is available to customer only and has not been reviewed by CISA. Mitigation already applied, patch available. cisagov 2021-12-15
Plex Plex Media Server Not Affected link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2021-12-15
Polycom Cloud Relay (OTD and RealConnect hybrid use case) Unknown link cisagov 2022-01-12
Polycom Poly Clariti Core/Edge (a.k.a. DMA/CCE) 9.0 and above Fixed link cisagov 2022-01-12
Polycom Poly Clariti Relay 1.0.2 Fixed link cisagov 2022-01-12
Polycom Poly RealConnect for Microsoft Teams and Skype for Business Fixed link cisagov 2022-01-12
Polycom RealAccess Fixed link cisagov 2022-01-12
Portainer All Unknown link cisagov 2022-01-12
PortSwigger All Unknown link cisagov 2022-01-12
Postgres PostgreSQL JDBC Not Affected link cisagov 2022-01-12
Postman All Unknown link cisagov 2022-01-12
Power Admin LLC PA File Sight Not Affected link cisagov 2021-12-17
Power Admin LLC PA Server Monitor Not Affected link cisagov 2021-12-17
Power Admin LLC PA Storage Monitor Not Affected link cisagov 2021-12-17
PowerDNS dnsdist Not Affected link cisagov 2021-12-17
PowerDNS metronome Not Affected link cisagov 2021-12-17
PowerDNS PowerDNS Authoritative Server Not Affected link cisagov 2021-12-17
PowerDNS PowerDNS Recursor Not Affected link cisagov 2021-12-17
Pretix All Unknown link cisagov 2022-01-12
PrimeKey All Unknown link cisagov 2022-01-12
Procentec (HMS Group) All Not Affected link cisagov 2022-01-12
Progress DataDirect Hybrid Data Pipeline Fixed link cisagov 2022-01-12
Progress OpenEdge Fixed link cisagov 2022-01-12
ProofPoint Archiving Appliance Affected link cisagov 2022-01-26
ProofPoint Archiving Backend Fixed link cisagov 2022-01-26
ProofPoint Cloud App Security Broker Fixed link cisagov 2022-01-26
ProofPoint Cloudmark Cloud/Cloudmark Hybrid Fixed link cisagov 2022-01-26
ProofPoint Cloudmark On-Premise Not Affected link cisagov 2022-01-26
ProofPoint Compliance Gateway Fixed link cisagov 2022-01-26
ProofPoint Content Patrol Not Affected link cisagov 2022-01-26
ProofPoint Data Discover Not Affected link cisagov 2022-01-26
ProofPoint DLP Core Engine Not Affected link cisagov 2022-01-26
ProofPoint Email Community Fixed link cisagov 2022-01-26
ProofPoint Email Fraud Defense (EFD) Not Affected link cisagov 2022-01-26
ProofPoint Email Protecton OnDemand (PoD), including Email DLP and Email Encryption Fixed link cisagov 2022-01-26
ProofPoint Email Security Relay Fixed link cisagov 2022-01-26
ProofPoint Endpoint DLP Not Affected link cisagov 2022-01-26
ProofPoint Essentials Archive Fixed link cisagov 2022-01-26
ProofPoint Essentials Email Not Affected link cisagov 2022-01-26
ProofPoint Insider Threat Management Saas Fixed link cisagov 2022-01-26
ProofPoint Insiders Threat Management On-Premise Not Affected link cisagov 2022-01-26
ProofPoint Isolation Not Affected link cisagov 2022-01-26
ProofPoint ITM Saas Endpoint Agents Not Affected link cisagov 2022-01-26
ProofPoint Mail Protection On-Premise (PPS), including Email DLP and Email Encryption Fixed link cisagov 2022-01-26
ProofPoint Meta/ZTNA Not Affected link cisagov 2022-01-26
ProofPoint Nexus People Risk Explorer Not Affected link cisagov 2022-01-26
ProofPoint Secure Email Relay Fixed link cisagov 2022-01-26
ProofPoint Secure Share Not Affected link cisagov 2022-01-26
ProofPoint Security Awareness Training Fixed link cisagov 2022-01-26
ProofPoint Sentrion Fixed link cisagov 2022-01-26
ProofPoint Social Discover Not Affected link cisagov 2022-01-26
ProofPoint Social Patrol Not Affected link cisagov 2022-01-26
ProofPoint Targeted Attack Protection (TAP) Not Affected link cisagov 2022-01-26
ProofPoint Threat Response (TRAP) Not Affected link cisagov 2022-01-26
ProofPoint Web Gateway Fixed link cisagov 2022-01-26
ProofPoint Web Security Fixed link cisagov 2022-01-26
ProSeS All Unknown link cisagov 2022-01-12
Prosys All Unknown link cisagov 2022-01-12
Proxmox Backup Server Not Affected link cisagov 2022-01-12
Proxmox Mail Gateway Not Affected link cisagov 2022-01-12
Proxmox VE Not Affected link cisagov 2022-01-12
PRTG Paessler All Unknown link cisagov 2022-01-12
PTC ACA Client Fixed link cisagov 2021-12-17
PTC Adapter Toolkit Fixed link cisagov 2021-12-17
PTC AdaWorld Not Affected link cisagov 2021-12-17
PTC ApexAda Not Affected link cisagov 2021-12-17
PTC Arbortext Editor, Styler, and Publishing Engine >8.0.0.0 Fixed link cisagov 2021-12-17
PTC Arena Not Affected link cisagov 2021-12-17
PTC Axeda Fixed link cisagov 2021-12-17
PTC Axeda Platform 6.9.2 Affected link cisagov 2021-12-17
PTC Creo Elements/Direct Model Manager Fixed link cisagov 2021-12-17
PTC Creo Parametric Unknown link cisagov 2021-12-17
PTC Creo View Not Affected link cisagov 2021-12-17
PTC Flexnet License Server Fixed link cisagov 2021-12-17
PTC FlexPLM 12.0.2.2 (CPS03), 12.0.2.3 Affected link cisagov 2021-12-17
PTC FlexPLM Not Affected link cisagov 2021-12-17
PTC FlexPLM 12.0.2.0 (CPS01 and CPS02) Fixed link cisagov 2021-12-17
PTC Implementer Unknown link cisagov 2021-12-17
PTC Intellicus >=19.1 SP11 Fixed link cisagov 2021-12-17
PTC OnShape Not Affected link cisagov 2021-12-17
PTC Servigistics Service Parts Management 12.1, 12.2 Fixed link cisagov 2021-12-17
PTC Servigistics Service Parts Pricing 12.1, 12.2 Fixed link cisagov 2021-12-17
PTC ThingWorx Advisor Apps Not Affected link cisagov 2021-12-17
PTC ThingWorx Agents Not Affected link cisagov 2021-12-17
PTC ThingWorx Analytics 8.5, 9.0, 9.1, 9.2 Fixed link cisagov 2021-12-17
PTC ThingWorx DPM Not Affected link cisagov 2021-12-17
PTC ThingWorx Extensions Fixed link cisagov 2021-12-17
PTC ThingWorx Flow Not Affected link cisagov 2021-12-17
PTC ThingWorx Kepware <=1.3 Fixed link cisagov 2021-12-17
PTC ThingWorx Manufacturing Apps Not Affected link cisagov 2021-12-17
PTC ThingWorx Navigate 9.1, 9.2 Fixed link cisagov 2021-12-17
PTC ThingWorx Ping Federate Integration >=9.1 Fixed link cisagov 2021-12-17
PTC ThingWorx Platform >=8.5.7 Fixed link cisagov 2021-12-17
PTC ThingWorx Platform High Availability Not Affected link cisagov 2021-12-17
PTC WCTK Not Affected link cisagov 2021-12-17
PTC Windchill PDMLink 12.0.2.2 (CPS03) Affected link cisagov 2021-12-17
PTC Windchill PDMLink 12.0.2.0 (CPS01 & CPS02) Fixed link cisagov 2021-12-17
PTC Windchill PDMLink Not Affected link cisagov 2021-12-17
PTC Windchill Performance Advisor Not Affected link cisagov 2021-12-17
PTC Windchill Rest Services Not Affected link cisagov 2021-12-17
PTC Windchill RV&S(Integrity Lifcycle Manager) 4.6/8.6 4.6 SP0 to 12.5 Fixed link cisagov 2021-12-17
PTC Windchill Workgroup Manager Not Affected link cisagov 2021-12-17
PTV Group Map&Market > 2017 Affected link cisagov 2022-01-12
PTV Group Map&Market Not Affected link cisagov 2022-01-12
PTV Group PTV Arrival Board Not Affected link cisagov 2022-01-12
PTV Group PTV Balance Not Affected link cisagov 2022-01-12
PTV Group PTV Content Update Service 2 (on prem) Fixed link cisagov 2022-01-12
PTV Group PTV Developer Fixed link cisagov 2022-01-12
PTV Group PTV Drive&Arrive Not Affected link cisagov 2022-01-12
PTV Group PTV Drive&Arrive App Not Affected link cisagov 2022-01-12
PTV Group PTV EM Portal Not Affected link cisagov 2022-01-12
PTV Group PTV Epics Not Affected link cisagov 2022-01-12
PTV Group PTV Hyperpath Not Affected link cisagov 2022-01-12
PTV Group PTV MaaS Modeller Affected link cisagov 2022-01-12
PTV Group PTV Map&Guide Intranet Not Affected link cisagov 2022-01-12
PTV Group PTV Navigator App Not Affected link cisagov 2022-01-12
PTV Group PTV Navigator License Manager Not Affected link cisagov 2022-01-12
PTV Group PTV Optima Not Affected link cisagov 2022-01-12
PTV Group PTV Road Editor Not Affected link cisagov 2022-01-12
PTV Group PTV Route Optimiser CL Affected link cisagov 2022-01-12
PTV Group PTV Route Optimiser ST on prem xServer2 Fixed link cisagov 2022-01-12
PTV Group PTV Route Optimiser ST (TourOpt) Not Affected link cisagov 2022-01-12
PTV Group PTV Route Optimizer Saas/Demonstrator Fixed link cisagov 2022-01-12
PTV Group PTV TLN Planner Internet Fixed link cisagov 2022-01-12
PTV Group PTV TRE Not Affected link cisagov 2022-01-12
PTV Group PTV Tre-Addin Not Affected link cisagov 2022-01-12
PTV Group PTV Trip Creator Not Affected link cisagov 2022-01-12
PTV Group PTV Vissim Not Affected link cisagov 2022-01-12
PTV Group PTV Vistad Euska Not Affected link cisagov 2022-01-12
PTV Group PTV Vistro Not Affected link cisagov 2022-01-12
PTV Group PTV Visum Not Affected link cisagov 2022-01-12
PTV Group PTV Visum Publisher Fixed link cisagov 2022-01-12
PTV Group PTV Viswalk Not Affected link cisagov 2022-01-12
PTV Group PTV xServer 1.34 (on prem), 2 (on prem) Fixed link cisagov 2022-01-12
PTV Group PTV xServer Not Affected link cisagov 2022-01-12
PTV Group PTV xServer Internet 1 Fixed link cisagov 2022-01-12
PTV Group PTV xServer Internet 2 Fixed link cisagov 2022-01-12
Pulse Secure Ivanti Connect Secure (ICS) Not Affected link cisagov 2022-01-12
Pulse Secure Ivanti Neurons for Secure Access Not Affected link cisagov 2022-01-12
Pulse Secure Ivanti Neurons for ZTA Not Affected link cisagov 2022-01-12
Pulse Secure Pulse Connect Secure Not Affected link cisagov 2022-01-12
Pulse Secure Pulse Desktop Client Not Affected link cisagov 2022-01-12
Pulse Secure Pulse Mobile Client Not Affected link cisagov 2022-01-12
Pulse Secure Pulse One Not Affected link cisagov 2022-01-12
Pulse Secure Pulse Policy Secure Not Affected link cisagov 2022-01-12
Pulse Secure Pulse Secure Services Director Not Affected link cisagov 2022-01-12
Pulse Secure Pulse Secure Virtual Traffic Manager Not Affected link cisagov 2022-01-12
Pulse Secure Pulse Secure Web Application Firewall Not Affected link cisagov 2022-01-12
Pulse Secure Pulse ZTA Not Affected link cisagov 2022-01-12
Puppet Agents Not Affected link cisagov 2022-01-12
Puppet Continuous Delivery for Puppet Enterprise 3.x, < 4.10.2 Fixed link cisagov 2022-01-12
Puppet Enterprise Not Affected link cisagov 2022-01-12
Pure Storage Cloud Blockstore CBS6.1.x, CBS6.2.x Affected link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2021-12-15
Pure Storage Flash Array 5.3.x, 6.0.x, 6.1.x, 6.2.x Affected link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2021-12-15
Pure Storage Flash Blade 3.1.x, 3.2.x, 3.3.x Affected link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2021-12-15
Pure Storage PortWorx 2.8.0+ Fixed link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2021-12-15
Pure Storage Pure1 Fixed link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2021-12-15
Pure Storage VM Analytics OVA Collector < v3.1.4 Fixed link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2021-12-15
PuTTY All Not Affected link cisagov 2022-01-12
Pyramid Analytics All Not Affected link cisagov 2022-01-12
Qconference FaceTalk Fixed link cisagov 2021-12-16
QF-Test All Unknown link cisagov 2022-01-12
Qlik AIS, including ARC Not Affected link cisagov 2021-12-15
Qlik Attunity Visibility Not Affected link cisagov 2021-12-15
Qlik AutoML Not Affected link cisagov 2021-12-15
Qlik Blendr Not Affected link cisagov 2021-12-15
Qlik C4DL 6.6 Fixed link cisagov 2021-12-15
Qlik C4DW 6.6, 6.6.1, 7.0 Fixed link cisagov 2021-12-15
Qlik Catalog 4.10.0, 4.10.1, 4.10.2, 4.11.0, 4.11.1, 4.12.0, 4.12.1 Fixed link cisagov 2021-12-15
Qlik Compose 2021.2, 2021.5, 2021.8 Fixed link cisagov 2021-12-15
Qlik Compose for Data Lakes Not Affected link cisagov 2021-12-15
Qlik Compose for Data Wharehouses Not Affected link cisagov 2021-12-15
Qlik GeoAnalytics Plus 5.26.5, 5.27.5 - 5.28.2, 5.29.4 - 5.30.1, 5.31.1, 5.31.2 Fixed link cisagov 2021-12-15
Qlik GeoAnalytics Server 4.19.1 - 4.27.3, 4.23.4, 4.32.3 Fixed link cisagov 2021-12-15
Qlik Nodegraph Not Affected link cisagov 2021-12-15
Qlik Nprinting Not Affected link cisagov 2021-12-15
Qlik ODBC Connector Package Not Affected link cisagov 2021-12-15
Qlik QEM 6.6, 7.0, 2021.5, 2021.11 Fixed link cisagov 2021-12-15
Qlik Qlik Alerting Not Affected link cisagov 2021-12-15
Qlik Qlik Catalog Not Affected link cisagov 2021-12-15
Qlik Qlik Data Transfer Not Affected link cisagov 2021-12-15
Qlik Qlik Enterprise Manager 6.6, 7.0, 2021.5, 2021.11 Fixed link cisagov 2021-12-15
Qlik Qlik Forts Not Affected link cisagov 2021-12-15
Qlik Qlik RepliWeb and ARC Not Affected link cisagov 2021-12-15
Qlik Qlik Sense Business Not Affected link cisagov 2021-12-15
Qlik Qlik Sense Enterprise Not Affected link cisagov 2021-12-15
Qlik Qlik Sense Enterprise SaaS Not Affected link cisagov 2021-12-15
Qlik Qlik View Not Affected link cisagov 2021-12-15
Qlik Qlik Web Connectors Not Affected link cisagov 2021-12-15
Qlik Replicate 6.6, 7.0, 2021.5, 2021.11 Fixed link cisagov 2021-12-15
Qlik REST Connectors Not Affected link cisagov 2021-12-15
Qlik Salesforce and SAP Connectors Not Affected link Connectos are not affected. cisagov 2021-12-15
QMATIC Appointment Booking 2.4+ Fixed link Update to v. 2.8.2 which contains log4j 2.16 cisagov 2021-12-21
QMATIC Appointment Booking Cloud/Managed Service Fixed link log4j 2.16 applied 2021-12-15 cisagov 2021-12-21
QMATIC Insights Cloud Fixed link log4j 2.16 applied 2021-12-16 cisagov 2021-12-21
QMATIC Orchestra Central Not Affected link cisagov 2021-12-21
QNAP QES Operating System Not Affected link cisagov 2022-01-12
QNAP Qsirch Not Affected link cisagov 2022-01-12
QNAP QTS Operating System Not Affected link cisagov 2022-01-12
QNAP QuTS Hero Operating System Not Affected link cisagov 2022-01-12
QOPPA All Unknown link cisagov 2022-01-12
QOS.ch SLF4J Simple Logging Facade for Java Unknown link cisagov 2022-01-12
QSC Q-SYS All Unknown link cisagov 2022-01-12
QT All Unknown link cisagov 2022-01-12
Quest Foglight Unknown link cisagov 2022-01-12
Quest Foglight 6.0 Fixed link cisagov 2022-01-12
Quest Quest KACE SMA Not Affected link cisagov 2022-01-12
R R Not Affected link cisagov 2021-12-21
R2ediviewer Unknown link cisagov 2022-01-12
Radware Unknown link cisagov 2022-01-12
Rapid7 AlcidekArt, kAdvisor, and kAudit Not Affected link cisagov 2021-12-15
Rapid7 AppSpider Enterprise Not Affected link cisagov 2021-12-15
Rapid7 AppSpider Pro Not Affected link cisagov 2021-12-15
Rapid7 Insight Agent Not Affected link cisagov 2021-12-15
Rapid7 InsightAppSec Scan Engine Not Affected link cisagov 2021-12-15
Rapid7 InsightAppSec Scan Engine Not Affected link cisagov 2021-12-15
Rapid7 InsightCloudSec/DivvyCloud Not Affected link cisagov 2021-12-15
Rapid7 InsightConnect Orchestrator Not Affected link cisagov 2021-12-15
Rapid7 InsightIDR Network Sensor Not Affected link cisagov 2021-12-15
Rapid7 InsightIDR/InsightOps Collector & Event Sources Not Affected link cisagov 2021-12-15
Rapid7 InsightOps DataHub InsightOps DataHub <= 2.0 Affected link Upgrade DataHub to version 2.0.1 using the following instructions. cisagov 2021-12-15
Rapid7 InsightOps non-Java logging libraries Not Affected link cisagov 2021-12-15
Rapid7 InsightOps r7insight_java logging library <=3.0.8 Affected link Upgrade r7insight_java to 3.0.9 cisagov 2021-12-15
Rapid7 InsightVM Kubernetes Monitor Not Affected link cisagov 2021-12-15
Rapid7 InsightVM/Nexpose Not Affected link cisagov 2021-12-15
Rapid7 InsightVM/Nexpose Console Not Affected link Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. cisagov 2021-12-15
Rapid7 InsightVM/Nexpose Engine Not Affected link Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. cisagov 2021-12-15
Rapid7 IntSights virtual appliance Not Affected link cisagov 2021-12-15
Rapid7 Logentries DataHub Linux version <= 1.2.0.820; Windows version <= 1.2.0.820 Affected link Linux: Install DataHub_1.2.0.822.deb using the following instructions. Windows: Run version 1.2.0.822 in a Docker container or as a Java command per these instructions. You can find more details here. cisagov 2021-12-15
Rapid7 Logentries le_java logging library All versions: this is a deprecated component Affected link Migrate to version 3.0.9 of r7insight_java cisagov 2021-12-15
Rapid7 Metasploit Framework Not Affected link cisagov 2021-12-15
Rapid7 Metasploit Pro Not Affected link Metasploit Pro ships with log4j but has specific configurations applied to it that mitigate Log4Shell. A future update will contain a fully patched version of log4j. cisagov 2021-12-15
Rapid7 tCell Java Agent Not Affected link cisagov 2021-12-15
Rapid7 Velociraptor Not Affected link cisagov 2021-12-15
Raritan Unknown link cisagov 2022-01-12
Ravelin Unknown link cisagov 2022-01-12
Real-Time Innovations (RTI) Distributed Logger Unknown link cisagov 2021-12-16
Real-Time Innovations (RTI) Recording Console Unknown link cisagov 2021-12-16
Real-Time Innovations (RTI) RTI Administration Console Unknown link cisagov 2021-12-16
Real-Time Innovations (RTI) RTI Code Generator Unknown link cisagov 2021-12-16
Real-Time Innovations (RTI) RTI Code Generator Server Unknown link cisagov 2021-12-16
Real-Time Innovations (RTI) RTI Micro Application Generator (MAG) as part of RTI Connext Micro 3.0.0, 3.0.1, 3.0.2, 3.0.3 Affected link cisagov 2021-12-16
Real-Time Innovations (RTI) RTI Micro Application Generator (MAG) as part of RTI Connext Professional 6.0.0 and 6.0.1 Affected link cisagov 2021-12-16
Real-Time Innovations (RTI) RTI Monitor Unknown link cisagov 2021-12-16
Red Hat log4j-core Unknown link cisagov 2021-12-21
Red Hat Red Hat Integration Camel K Unknown link RHSA-2021:5130 cisagov 2021-12-21
Red Hat Red Hat build of Quarkus Unknown link cisagov 2021-12-20
Red Hat Red Hat CodeReady Studio 12.21.0 Fixed link CRS 12.21.1 Patch cisagov 2021-12-21
Red Hat Red Hat Data Grid 8 Fixed link RHSA-2021:5132 cisagov 2021-12-21
Red Hat Red Hat Decision Manager Not Affected link cisagov 2021-12-20
Red Hat Red Hat Enterprise Linux Not Affected link cisagov 2021-12-20
Red Hat Red Hat Enterprise Linux Not Affected link cisagov 2021-12-20
Red Hat Red Hat Enterprise Linux Not Affected link cisagov 2021-12-20
Red Hat Red Hat Integration Camel Quarkus Unknown link RHSA-2021:5126 cisagov 2021-12-21
Red Hat Red Hat JBoss A-MQ Streaming Unknown link RHSA-2021:5138 cisagov 2021-12-21
Red Hat Red Hat JBoss Enterprise Application Platform 7 Fixed link Maven Patch - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't affected. cisagov 2021-12-21
Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack Not Affected link cisagov 2021-12-20
Red Hat Red Hat JBoss Fuse 7 Fixed link RHSA-2021:5134 cisagov 2021-12-21
Red Hat Red Hat Process Automation 7 Fixed link Maven Patch - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't affected. cisagov 2021-12-21
Red Hat Red Hat Single Sign-On Not Affected link cisagov 2021-12-21
Red Hat Red Hat Vert.X 4 Fixed link RHSA-2021:5093 cisagov 2021-12-21
Red Hat Satellite 5 Unknown link cisagov 2021-12-21
Red Hat Spacewalk Unknown link cisagov 2021-12-21
Red Hat OpenShift Container Platform 3.11 openshift3/ose-logging-elasticsearch5 Unknown link RHSA-2021:5094 cisagov 2021-12-21
Red Hat OpenShift Container Platform 4 openshift4/ose-logging-elasticsearch6 Unknown link Please refer to Red Hat Customer Portal to find the right errata for your version. cisagov 2021-12-21
Red Hat OpenShift Container Platform 4 openshift4/ose-metering-hive Unknown link Please refer to Red Hat Customer Portal to find the right errata for your version. cisagov 2021-12-21
Red Hat OpenShift Container Platform 4 openshift4/ose-metering-presto Unknown link Please refer to Red Hat Customer Portal to find the right errata for your version. cisagov 2021-12-21
Red Hat OpenShift Logging logging-elasticsearch6-container Unknown link Please refer to Red Hat Customer Portal to find the right errata for your version. cisagov 2021-12-21
Red Hat OpenStack Platform 13 (Queens) opendaylight Unknown link End of Life cisagov 2021-12-21
Red Hat Software Collections rh-java-common-log4j Unknown link cisagov 2021-12-21
Red Hat Software Collections rh-maven35-log4j12 Unknown link cisagov 2021-12-21
Red Hat Software Collections rh-maven36-log4j12 Unknown link cisagov 2021-12-21
Red5Pro Unknown link cisagov 2022-01-12
RedGate Unknown link cisagov 2022-01-12
Redis Unknown link cisagov 2022-01-12
Reiner SCT Unknown link cisagov 2022-01-12
ReportURI Unknown link cisagov 2022-01-12
ResMed AirView Unknown link cisagov 2021-12-21
ResMed myAir Unknown link cisagov 2021-12-21
Respondus Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
Revenera / Flexera Unknown link cisagov 2022-01-12
Ricoh Unknown link cisagov 2022-01-12
RingCentral Unknown link cisagov 2022-01-12
Riverbed Unknown link cisagov 2022-01-12
Rockwell Automation FactoryTalk Analytics DataFlowML 4.00.00 Affected link cisagov 2021-12-15
Rockwell Automation FactoryTalk Analytics DataView 3.03.00 Affected link cisagov 2021-12-15
Rockwell Automation Industrial Data Center Gen 1, Gen 2, Gen 3, Gen 3.5 Fixed link cisagov 2021-12-15
Rockwell Automation MES EIG 3.03.00 Affected link Customers should upgrade to EIG Hub if possible or work with their local representatives about alternative solutions. cisagov 2021-12-15
Rockwell Automation VersaVirtual Series A Fixed link cisagov 2021-12-15
Rockwell Automation Warehouse Management 4.01.00, 4.02.00, 4.02.01, 4.02.02 Affected link cisagov 2021-12-15
Rollbar Unknown link cisagov 2022-01-12
Rosette.com Unknown link cisagov 2022-01-12
RSA SecurID Authentication Manager Unknown cisagov 2022-01-12
RSA SecurID Authentication Manager Prime Unknown cisagov 2022-01-12
RSA SecurID Authentication Manager WebTier Unknown cisagov 2022-01-12
RSA SecurID Governance and Lifecycle Unknown cisagov 2022-01-12
RSA SecurID Governance and Lifecycle Cloud Unknown cisagov 2022-01-12
RSA SecurID Identity Router Unknown cisagov 2022-01-12
RSA Netwitness Unknown link cisagov 2022-01-12
Rstudioapi Rstudioapi Not Affected link cisagov 2021-12-21
Rubrik Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
Ruckus Virtual SmartZone (vSZ) 5.1 to 6.0 Affected link cisagov 2021-12-13
RunDeck by PagerDuty Unknown link cisagov 2022-01-12
Runecast Runecast Analyzer 6.0.3 Fixed link cisagov 2022-01-12
SAE-IT Unknown link cisagov 2022-01-12
SAFE FME Server Unknown link cisagov 2022-01-12
SAGE Unknown link cisagov 2022-01-12
SailPoint Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
Salesforce Analytics Cloud All Fixed link Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce B2C Commerce Cloud All Fixed link B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce ClickSoftware (As-a-Service) All Fixed link ClickSoftware (As-a-Service) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce ClickSoftware (On-Premise) All Fixed link ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional details are available here. cisagov 2022-01-26
Salesforce Data.com All Fixed link Data.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce DataLoader >=53.0.2 Fixed link This version is for use with Salesforce Winter '22 or higher release through Salesforce Force Partner API and Force WSC v53.0.0. It contains the fix for CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105 by upgrading to log4j 2.17.0. cisagov 2022-01-26
Salesforce Datorama All Fixed link Datorama was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce Evergage (Interaction Studio) All Fixed link Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce Experience (Community) Cloud All Fixed link Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce Force.com All Fixed link Force.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. The Data Loader tool has been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Make sure that you are using Data Loader version 53.0.2 or later. Follow the steps described here to download the latest version of Data Loader. cisagov 2022-01-26
Salesforce Heroku Not Affected link Heroku is reported to not be affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. cisagov 2022-01-26
Salesforce Marketing Cloud All Fixed link Salesforce-owned services within Marketing Cloud are not affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. Third-party vendors have been patched to address the security issues currently identified in CVE-2021-44228 or CVE-2021-45046. cisagov 2022-01-26
Salesforce MuleSoft (Cloud) All Fixed link MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. Mulesoft services, including dataloader.io, have been updated to mitigate the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here. cisagov 2022-01-26
Salesforce MuleSoft (On-Premise) All Fixed link MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors, including Private Cloud Edition (PCE) and Anypoint Studio, have a mitigation in place to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here. cisagov 2022-01-26
Salesforce Pardot All Fixed link Pardot was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce Sales Cloud All Fixed link Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce Service Cloud All Fixed link Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce Slack All Fixed link Slack was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. Additional details are available here. cisagov 2022-01-26
Salesforce Social Studio All Fixed link Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce Tableau (On-Premise) < 2021.4.1 Fixed link Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Patches to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046 are available for download. Additional details are available here. cisagov 2021-12-16
Salesforce Tableau (Online) All Fixed link Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. Services have been patched to mitigate the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Samsung Electronics America Knox Admin Portal Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Asset Intelligence Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Configure Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox E-FOTA One Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Guard Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox License Management Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Manage Cloud Fixed link cisagov 2022-01-17
Samsung Electronics America Knox Managed Services Provider (MSP) Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Mobile Enrollment Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Reseller Portal Cloud Fixed link cisagov 2022-01-17
Sangoma Unknown link cisagov 2022-01-12
SAP Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2021-12-17
SAP Advanced Platform Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2021-12-17
SAP BusinessObjects Unknown link The support document is available to customers only and has not been reviewed by CISA cisagov 2021-12-17
SAS Unknown link cisagov 2022-01-12
SASSAFRAS Unknown link cisagov 2022-01-12
Savignano software solutions Unknown link cisagov 2022-01-12
SBT SBT <1.5.6 Affected link cisagov 2021-12-15
ScaleComputing Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
ScaleFusion MobileLock Pro Unknown link cisagov 2022-01-12
Schneider Electric EASYFIT Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric Ecoreal XL Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric EcoStruxure IT Expert Cloud Fixed cisagov 2021-12-20
Schneider Electric EcoStruxure IT Gateway V1.5.0 to V1.13.0 Fixed link cisagov 2021-12-20
Schneider Electric Eurotherm Data Reviewer V3.0.2 and prior Affected link cisagov 2021-12-20
Schneider Electric Facility Expert Small Business Cloud Fixed link cisagov 2021-12-20
Schneider Electric MSE Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric NetBotz750/755 Software versions 5.0 through 5.3.0 Affected link cisagov 2021-12-20
Schneider Electric NEW630 Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK BOM Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK-Docgen Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK-TNC Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK-UMS Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK3D2DRenderer Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK3D360Widget Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric Select and Config DATA Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SNC-API Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SNC-CMM Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SNCSEMTECH Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SPIMV3 Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SWBEditor Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SWBEngine Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric Wiser by SE platform Cloud Fixed cisagov 2021-12-20
Schweitzer Engineering Laboratories Unknown link cisagov 2021-12-21
SCM Manager Unknown link cisagov 2022-01-12
ScreenBeam Unknown link cisagov 2022-01-12
SDL worldServer Unknown link cisagov 2022-01-12
Seagull Scientific Unknown link cisagov 2022-01-12
SecurePoint Unknown link cisagov 2022-01-12
Security Onion Unknown link cisagov 2022-01-12
Securonix Extended Detection and Response (XDR) All Affected link Patching ongoing as of 12/10/2021 cisagov 2021-12-10
Securonix Next Gen SIEM All Affected link Patching ongoing as of 12/10/2021 cisagov 2021-12-10
Securonix Security Analytics and Operations Platform (SOAR) All Affected link Patching ongoing as of 12/10/2021 cisagov 2021-12-10
Securonix SNYPR Application Unknown link cisagov 2021-12-10
Securonix User and Entity Behavior Analytics(UEBA) All Affected link Patching ongoing as of 12/10/2021 cisagov 2021-12-10
Seeburger Unknown link This advisory is available to customers only and has not been reviewed by CISA. cisagov 2022-01-12
SentinelOne Unknown link cisagov 2022-01-12
Sentry Unknown link cisagov 2022-01-12
SEP Unknown link cisagov 2022-01-12
Server Eye Unknown link cisagov 2022-01-12
ServiceNow Unknown link cisagov 2022-01-12
ServiceTitan ServiceTitan Cloud Fixed link cisagov 2022-02-07
Shibboleth Unknown link cisagov 2022-01-12
Shibboleth All Products Not Affected link cisagov 2021-12-10
Shopify Unknown link cisagov 2022-01-12
Siebel Unknown link cisagov 2022-01-12
Siemens Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-22
Siemens Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-19
Siemens Energy Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-21
Siemens Energy Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-20
Siemens Energy Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-16
Siemens Healthineers ATELLICA DATA MANAGER v1.1.1 / v1.2.1 / v1.3.1 Unknown link If you have determined that your Atellica Data Manager has a “Java communication engine” service, and you require an immediate mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative. cisagov 2021-12-22
Siemens Healthineers CENTRALINK v16.0.2 / v16.0.3 Unknown link If you have determined that your CentraLink has a “Java communication engine” service, and you require a mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative. cisagov 2021-12-22
Siemens Healthineers Cios Flow S1 / Alpha / Spin VA30 Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers Cios Select FD/I.I. VA21 / VA21-S3P Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers DICOM Proxy VB10A Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers go.All, Som10 VA20 / VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Fit, Som10 VA30 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Now, Som10 VA10 / VA20 / VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Open Pro, Som10 VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Sim, Som10 VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Top, Som10 VA20 / VA20A_SP5 / VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Up, Som10 VA10 / VA20 / VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers MAGNETOM AERA 1,5T, MAGNETOM PRISMA, MAGNETOM PRISMA FIT, MAGNETOM SKYRA 3T NUMARIS/X VA30A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Altea NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM ALTEA, MAGNETOM LUMINA, MAGNETOM SOLA, MAGNETOM VIDA NUMARIS/X VA31A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Amira NUMARIS/X VA12M Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Free.Max NUMARIS/X VA40 Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Lumina NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Sempra NUMARIS/X VA12M Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Sola fit NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Sola NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Vida fit NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Vida NUMARIS/X VA10A* / VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers SENSIS DMCC / DMCM / TS / VM / PPWS / DS VD12A Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers Somatom Emotion Som5 VC50 Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers Somatom Scope Som5 VC50 Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers Syngo Carbon Space VA10A / VA10A-CUT2 / VA20A Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers Syngo MobileViewer VA10A Unknown link The vulnerability will be patch/mitigated in upcoming releases/patches. cisagov 2021-12-22
Siemens Healthineers syngo Plaza VB20A / VB20A_HF01 - HF07 / VB30A / VB30A_HF01 / VB30A_HF02 / VB30B / VB30C / VB30C_HF01 - HF06 / VB30C_HF91 Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers syngo Workflow MLR VB37A / VB37A_HF01 / VB37A_HF02 / VB37B / VB37B_HF01 - HF07 / VB37B_HF93 / VB37B_HF94 / VB37B_HF96 Unknown link Please contact your Customer Service to get support on mitigating the vulnerability. cisagov 2021-12-22
Siemens Healthineers syngo.via VB20A / VB20A_HF01 - HF08 / VB20A_HF91 / VB20B / VB30A / VB30A_HF01 - VB30A_HF08 / VB30A_HF91VB30B / VB30B_HF01 / VB40A / VB40A_HF01 - HF02 /VB40B / VB40B_HF01 - HF05 / VB50A / VB50A_CUT / VB50A_D4VB50B / VB50B_HF01 - HF03 / VB60A / VB60A_CUT / VB60A_D4 / VB60A_HF01 Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers syngo.via WebViewer VA13B / VA20A / VA20B Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers X.Ceed Somaris 10 VA40* Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers X.Cite Somaris 10 VA30*/VA40* Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Sierra Wireless Unknown link cisagov 2022-01-12
Sierra Wireless AirVantage and Octave cloud platforms Unknown link These systems do not operate with the specific non-standard configuration required for CVE-2021-25046 and hence were not vulnerable to it. cisagov 2022-01-05
Sierra Wireless AM/AMM servers Unknown link cisagov 2022-01-05
Signald Unknown link cisagov 2022-01-12
Silver Peak Orchestrator, Silver Peak GMS Unknown link Customer managed Orchestrator and legacy GMS products are affected by this vulnerability. This includes on-premise and customer managed instances running in public cloud services such as AWS, Azure, Google, or Oracle Cloud. See Corrective Action Required for details about how to mitigate this exploit. cisagov 2021-12-14
SingleWire Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
SISCO Unknown link cisagov 2022-01-05
Sitecore Unknown link cisagov 2022-01-12
Skillable Unknown link cisagov 2022-01-12
SLF4J Unknown link cisagov 2022-01-12
Slurm Slurm Not Affected link cisagov 2021-12-21
SMA Solar Technology AG Unknown link cisagov 2022-01-05
SmartBear Unknown link cisagov 2022-01-12
SmileCDR Unknown link cisagov 2022-01-12
Sn0m Unknown link cisagov 2022-01-12
Snakemake Snakemake Not Affected link cisagov 2021-12-21
Snow Software Snow Commander 8.1 to 8.10.2 Fixed link cisagov 2022-01-12
Snow Software VM Access Proxy v3.1 to v3.6 Fixed link cisagov 2022-01-12
Snowflake Unknown link cisagov 2022-01-12
Snyk Cloud Platform Unknown link cisagov 2022-01-12
Software AG Unknown link cisagov 2022-01-12
SolarWinds Database Performance Analyzer (DPA) 2021.1.x, 2021.3.x, 2022.1.x Affected link For more information, please see the following KB article: link cisagov 2021-12-23
SolarWinds Orion Platform Unknown link cisagov 2021-12-23
SolarWinds Server & Application Monitor (SAM) SAM 2020.2.6 and later Affected link For more information, please see the following KB article for the latest details specific to the SAM hotfix: link cisagov 2021-12-23
SonarSource Unknown link cisagov 2022-01-12
Sonatype All Products Not Affected link Sonatype uses logback as the default logging solution as opposed to log4j. This means our software including Nexus Lifecycle, Nexus Firewall, Nexus Repository OSS and Nexus Repository Pro in versions 2.x and 3.x are NOT affected by the reported log4j vulnerabilities. We still advise keeping your software upgraded at the latest version. cisagov 2021-12-29
SonicWall Access Points Unknown link Log4j2 not used in the SonicWall Access Points cisagov 2021-12-12
SonicWall Analytics Unknown link Under Review cisagov 2021-12-12
SonicWall Analyzer Unknown link Under Review cisagov 2021-12-12
SonicWall Capture Client & Capture Client Portal Unknown link Log4j2 not used in the Capture Client. cisagov 2021-12-12
SonicWall Capture Security Appliance Unknown link Log4j2 not used in the Capture Security appliance. cisagov 2021-12-12
SonicWall CAS Unknown link Under Review cisagov 2021-12-12
SonicWall Email Security Unknown link ES 10.0.11 and earlier versions are impacted cisagov 2021-12-17
SonicWall Gen5 Firewalls (EOS) Unknown link Log4j2 not used in the appliance. cisagov 2021-12-12
SonicWall Gen6 Firewalls Unknown link Log4j2 not used in the appliance. cisagov 2021-12-12
SonicWall Gen7 Firewalls Unknown link Log4j2 not used in the appliance. cisagov 2021-12-12
SonicWall GMS Unknown link Under Review cisagov 2021-12-12
SonicWall MSW Unknown link Mysonicwall service doesn't use Log4j cisagov 2021-12-12
SonicWall NSM Unknown link NSM On-Prem and SaaS doesn't use a vulnerable version cisagov 2021-12-12
SonicWall SMA 100 Unknown link Log4j2 not used in the SMA100 appliance. cisagov 2021-12-12
SonicWall SMA 1000 Unknown link Version 12.1.0 and 12.4.1 doesn't use a vulnerable version cisagov 2021-12-12
SonicWall SonicCore Unknown link SonicCore doesn't use a Log4j2 cisagov 2021-12-12
SonicWall SonicWall Switch Unknown link Log4j2 not used in the SonicWall Switch. cisagov 2021-12-12
SonicWall WAF Unknown link Under Review cisagov 2021-12-12
SonicWall WNM Unknown link Log4j2 not used in the WNM. cisagov 2021-12-12
SonicWall WXA Unknown link WXA doesn't use a vulnerable version cisagov 2021-12-12
Sophos Cloud Optix Unknown link Users may have noticed a brief outage around 12:30 GMT as updates were deployed. There was no evidence that the vulnerability was exploited and to our knowledge no customers are impacted. cisagov 2021-12-12
Sophos Reflexion Unknown link Reflexion does not run an exploitable configuration. cisagov 2021-12-12
Sophos SG UTM (all versions) Unknown link Sophos SG UTM does not use Log4j. cisagov 2021-12-12
Sophos SG UTM Manager (SUM) (all versions) Not Affected link SUM does not use Log4j. cisagov 2021-12-12
Sophos Sophos Central Unknown link Sophos Central does not run an exploitable configuration. cisagov 2021-12-12
Sophos Sophos Firewall (all versions) Unknown link Sophos Firewall does not use Log4j. cisagov 2021-12-12
Sophos Sophos Home Unknown link Sophos Home does not use Log4j. cisagov 2021-12-12
Sophos Sophos Mobile Unknown link Sophos Mobile (in Central, SaaS, and on-premises) does not run an exploitable configuration. cisagov 2021-12-12
Sophos Sophos Mobile EAS Proxy < 9.7.2 Affected link The Sophos Mobile EAS Proxy, running in Traffic Mode, is affected. Customers will need to download and install version 9.7.2, available from Monday December 13, 2021, on the same machine where it is currently running. PowerShell mode is not affected. Customers can download the Standalone EAS Proxy Installer version 9.7.2 from the Sophos website. cisagov 2021-12-12
Sophos Sophos ZTNA Unknown link Sophos ZTNA does not use Log4j. cisagov 2021-12-12
SOS Berlin Unknown link cisagov 2022-01-12
Spacelabs Healthcare ABP Not Affected link cisagov 2022-01-05
Spacelabs Healthcare CardioExpress Not Affected link cisagov 2022-01-05
Spacelabs Healthcare DM3 and DM4 Monitors Unknown link cisagov 2022-01-05
Spacelabs Healthcare Eclipse Pro Unknown link cisagov 2022-01-05
Spacelabs Healthcare EVO Unknown link cisagov 2022-01-05
Spacelabs Healthcare Intesys Clinical Suite (ICS) Unknown link cisagov 2022-01-05
Spacelabs Healthcare Intesys Clinical Suite (ICS) Clinical Access Workstations Unknown link cisagov 2022-01-05
Spacelabs Healthcare Lifescreen Pro Unknown link cisagov 2022-01-05
Spacelabs Healthcare Pathfinder SL Unknown link cisagov 2022-01-05
Spacelabs Healthcare Qube Not Affected link cisagov 2022-01-05
Spacelabs Healthcare Qube Mini Not Affected link cisagov 2022-01-05
Spacelabs Healthcare SafeNSound 4.3.1 Fixed link Version >4.3.1 - Not Affected cisagov 2022-01-05
Spacelabs Healthcare Sentinel Unknown link cisagov 2022-01-05
Spacelabs Healthcare Spacelabs Cloud Unknown link cisagov 2022-01-05
Spacelabs Healthcare Ultraview SL Not Affected link cisagov 2022-01-05
Spacelabs Healthcare Xhibit Telemetry Receiver (XTR) Not Affected link cisagov 2022-01-05
Spacelabs Healthcare Xhibit, XC4 Not Affected link cisagov 2022-01-05
Spacelabs Healthcare XprezzNet Not Affected link cisagov 2022-01-05
Spacelabs Healthcare Xprezzon Not Affected link cisagov 2022-01-05
Spambrella Unknown link cisagov 2022-01-12
Spigot Unknown link cisagov 2022-01-12
Splunk Data Stream Processor DSP 1.0.x, DSP 1.1.x, DSP 1.2.x Affected link cisagov 2021-12-30
Splunk IT Essentials Work App ID 5403 4.11, 4.10.x (Cloud only), 4.9.x Affected link cisagov 2021-12-30
Splunk IT Service Intelligence (ITSI) App ID 1841 4.11.0, 4.10.x (Cloud only), 4.9.x, 4.8.x (Cloud only), 4.7.x, 4.6.x, 4.5.x Affected link cisagov 2021-12-30
Splunk Splunk Add-On for Java Management Extensions App ID 2647 5.2.0 and older Affected link cisagov 2021-12-30
Splunk Splunk Add-On for Tomcat App ID 2911 3.0.0 and older Affected link cisagov 2021-12-30
Splunk Splunk Application Performance Monitoring Current Affected link cisagov 2021-12-30
Splunk Splunk Connect for Kafka All versions prior to 2.0.4 Affected link cisagov 2021-12-30
Splunk Splunk Enterprise (including instance types like Heavy Forwarders) All supported non-Windows versions of 8.1.x and 8.2.x only if DFS is used. See Removing Log4j from Splunk Enterprise below for guidance on unsupported versions. Affected link cisagov 2021-12-30
Splunk Splunk Enterprise Amazon Machine Image (AMI) See Splunk Enterprise Affected link cisagov 2021-12-30
Splunk Splunk Enterprise Docker Container See Splunk Enterprise Affected link cisagov 2021-12-30
Splunk Splunk Infrastructure Monitoring Current Affected link cisagov 2021-12-30
Splunk Splunk Log Observer Current Affected link cisagov 2021-12-30
Splunk Splunk Logging Library for Java 1.11.0 and older Affected link cisagov 2021-12-30
Splunk Splunk On-call / VictorOps Current Affected link cisagov 2021-12-30
Splunk Splunk OVA for VMWare App ID 3216 4.0.3 and older Affected link cisagov 2021-12-30
Splunk Splunk OVA for VMWare Metrics App ID 5096 4.2.1 and older Affected link cisagov 2021-12-30
Splunk Splunk Real User Monitoring Current Affected link cisagov 2021-12-30
Splunk Splunk Splunk Add-On for JBoss App ID 2954 3.0.0 and older Affected link cisagov 2021-12-30
Splunk Splunk Synthetics Current Affected link cisagov 2021-12-30
Splunk Splunk UBA OVA Software 5.0.3a, 5.0.0 Affected link cisagov 2021-12-30
Splunk Splunk VMWare OVA for ITSI App ID 4760 1.1.1 and older Affected link cisagov 2021-12-30
Sprecher Automation Unknown link cisagov 2022-01-12
Spring Spring Boot Unknown link Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 cisagov 2022-01-12
Spring Boot Unknown link cisagov 2022-01-12
StarDog Unknown link cisagov 2022-01-12
STERIS Advantage Unknown link cisagov 2021-12-22
STERIS Advantage Plus Unknown link cisagov 2021-12-22
STERIS AMSCO 2000 SERIES WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS AMSCO 3000 SERIES WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS AMSCO 400 MEDIUM STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO 400 SMALL STEAM STERILIZERS Unknown link cisagov 2021-12-22
STERIS AMSCO 5000 SERIES WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS AMSCO 600 MEDIUM STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO 7000 SERIES WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS AMSCO CENTURY MEDIUM STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO CENTURY SMALL STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO EAGLE 3000 SERIES STAGE 3 STEAM STERILIZERS Unknown link cisagov 2021-12-22
STERIS AMSCO EVOLUTION FLOOR LOADER STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO EVOLUTION MEDIUM STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS Canexis 1.0 Unknown link cisagov 2021-12-22
STERIS CELERITY HP INCUBATOR Unknown link cisagov 2021-12-22
STERIS CELERITY STEAM INCUBATOR Unknown link cisagov 2021-12-22
STERIS CER Optima Unknown link cisagov 2021-12-22
STERIS Clarity Software Unknown link cisagov 2021-12-22
STERIS Connect Software Unknown link cisagov 2021-12-22
STERIS ConnectAssure Technology Unknown link cisagov 2021-12-22
STERIS ConnectoHIS Unknown link cisagov 2021-12-22
STERIS CS-iQ Sterile Processing Workflow Unknown link cisagov 2021-12-22
STERIS DSD Edge Unknown link cisagov 2021-12-22
STERIS DSD-201, Unknown link cisagov 2021-12-22
STERIS EndoDry Unknown link cisagov 2021-12-22
STERIS Endora Unknown link cisagov 2021-12-22
STERIS Harmony iQ Integration Systems Unknown link cisagov 2021-12-22
STERIS Harmony iQ Perspectives Image Management System Unknown link cisagov 2021-12-22
STERIS HexaVue Unknown link cisagov 2021-12-22
STERIS HexaVue Integration System Unknown link cisagov 2021-12-22
STERIS IDSS Integration System Unknown link cisagov 2021-12-22
STERIS RapidAER Unknown link cisagov 2021-12-22
STERIS ReadyTracker Unknown link cisagov 2021-12-22
STERIS RealView Visual Workflow Management System Unknown link cisagov 2021-12-22
STERIS RELIANCE 444 WASHER DISINFECTOR Unknown link cisagov 2021-12-22
STERIS RELIANCE SYNERGY WASHER DISINFECTOR Unknown link cisagov 2021-12-22
STERIS RELIANCE VISION 1300 SERIES CART AND UTENSIL WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS RELIANCE VISION MULTI- CHAMBER WASHER DISINFECTOR Unknown link cisagov 2021-12-22
STERIS RELIANCE VISION SINGLE CHAMBER WASHER DISINFECTOR Unknown link cisagov 2021-12-22
STERIS Renatron Unknown link cisagov 2021-12-22
STERIS ScopeBuddy+ Unknown link cisagov 2021-12-22
STERIS SecureCare ProConnect Technical Support Services Unknown link cisagov 2021-12-22
STERIS Situational Awareness for Everyone Display (S.A.F.E.) Unknown link cisagov 2021-12-22
STERIS SPM Surgical Asset Tracking Software Unknown link cisagov 2021-12-22
STERIS SYSTEM 1 endo LIQUID CHEMICAL STERILANT PROCESSING SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO 1 LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO 1 PLUS LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO MAX 2 LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO MAX LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO S2 LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS VERIFY INCUBATOR FOR ASSERT SELF-CONTAINED BIOLOGICAL INDICATORS Unknown link cisagov 2021-12-22
Sterling Order IBM Unknown link cisagov 2022-01-12
Storagement Unknown link cisagov 2022-01-12
StormShield Unknown link cisagov 2022-01-12
StrangeBee TheHive & Cortex Unknown link cisagov 2022-01-12
Stratodesk Unknown link cisagov 2022-01-12
Strimzi Unknown link cisagov 2022-01-12
Stripe Unknown link cisagov 2022-01-12
Styra Unknown link cisagov 2022-01-12
Sumologic Unknown link cisagov 2022-01-12
SumoLogic Unknown link cisagov 2022-01-12
Superna EYEGLASS Unknown link cisagov 2022-01-12
Suprema Inc Unknown link cisagov 2022-01-12
SUSE Unknown link cisagov 2022-01-12
Sweepwidget Unknown link cisagov 2022-01-12
Swyx Unknown link cisagov 2022-01-12
Synchro MSP Unknown link cisagov 2022-01-12
Syncplify Unknown link cisagov 2022-01-12
Synology Unknown link cisagov 2022-01-12
Synopsys Unknown link cisagov 2022-01-12
Syntevo Unknown link cisagov 2022-01-12
SysAid Unknown link cisagov 2022-01-12
Sysdig Unknown link cisagov 2022-01-12
Tableau Tableau Bridge The following versions and lower: 20214.21.1109.1748, 20213.21.1112.1434, 20212.21.0818.1843, 20211.21.0617.1133, 20204.21.0217.1203, 20203.20.0913.2112, 20202.20.0721.1350, 20201.20.0614.2321, 20194.20.0614.2307, 20193.20.0614.2306, 20192.19.0917.1648, 20191.19.0402.1911, 20183.19.0115.1143 Affected link cisagov 2021-12-22
Tableau Tableau Desktop The following versions and lower: 2021.4, 2021.3.4, 2021.2.5, 2021.1.8, 2020.4.11, 2020.3.14, 2020.2.19, 2020.1.22, 2019.4.25, 2019.3.26, 2019.2.29, 2019.1.29, 2018.3.29 Affected link cisagov 2021-12-22
Tableau Tableau Prep Builder The following versions and lower: 22021.4.1, 2021.3.2, 2021.2.2, 2021.1.4, 2020.4.1, 2020.3.3, 2020.2.3, 2020.1.5, 2019.4.2, 2019.3.2, 2019.2.3, 2019.1.4, 2018.3.3 Affected link cisagov 2021-12-22
Tableau Tableau Public Desktop Client The following versions and lower: 2021.4 Affected link cisagov 2021-12-22
Tableau Tableau Reader The following versions and lower: 2021.4 Affected link cisagov 2021-12-22
Tableau Tableau Server The following versions and lower: 2021.4, 2021.3.4, 2021.2.5, 2021.1.8, 2020.4.11, 2020.3.14, 2020.2.19, 2020.1.22, 2019.4.25, 2019.3.26, 2019.2.29, 2019.1.29, 2018.3.29 Affected link cisagov 2021-12-22
Talend Unknown link cisagov 2022-01-12
Tanium All Not Affected link Tanium does not use Log4j. cisagov 2021-12-21
TealiumIQ Unknown link cisagov 2022-01-12
TeamPasswordManager Unknown link cisagov 2022-01-12
Teamviewer Unknown link cisagov 2022-01-12
Tech Software OneAegis (f/k/a IRBManager) Not Affected link OneAegis does not use Log4j. cisagov 2021-12-15
Tech Software SMART Not Affected link SMART does not use Log4j. cisagov 2021-12-15
Tech Software Study Binders Not Affected link Study Binders does not use Log4j. cisagov 2021-12-15
TechSmith Unknown link cisagov 2022-01-12
Telestream Unknown link cisagov 2022-01-12
Tenable Tenable.io / Nessus Unknown link None of Tenables products are running the version of Log4j vulnerable to CVE-2021-44228 or CVE-2021-45046 at this time cisagov 2022-01-12
Thales CADP/SafeNet Protect App (PA) - JCE Unknown link cisagov 2021-12-17
Thales CipherTrust Application Data Protection (CADP) CAPI.net & Net Core Unknown link cisagov 2021-12-17
Thales CipherTrust Batch Data Transformation (BDT) 2.3 Unknown link cisagov 2021-12-17
Thales CipherTrust Cloud Key Manager (CCKM) Appliance Unknown link cisagov 2021-12-17
Thales CipherTrust Cloud Key Manager (CCKM) Embedded Unknown link cisagov 2021-12-17
Thales CipherTrust Database Protection Unknown link cisagov 2021-12-17
Thales CipherTrust Manager Unknown link cisagov 2021-12-17
Thales CipherTrust Transparent Encryption (CTE/VTE/CTE-U) Unknown link cisagov 2021-12-17
Thales CipherTrust Vaulted Tokenization (CT-V) / SafeNet Tokenization Manager Unknown link cisagov 2021-12-17
Thales CipherTrust Vaultless Tokenization (CTS, CT-VL) Unknown link cisagov 2021-12-17
Thales CipherTrust/SafeNet PDBCTL Unknown link cisagov 2021-12-17
Thales Crypto Command Center (CCC) Unknown link cisagov 2021-12-17
Thales Data Protection on Demand Unknown link cisagov 2021-12-17
Thales Data Security Manager (DSM) Unknown link cisagov 2021-12-17
Thales KeySecure Unknown link cisagov 2021-12-17
Thales Luna EFT Unknown link cisagov 2021-12-17
Thales Luna Network, PCIe, Luna USB HSM and backup devices Unknown link cisagov 2021-12-17
Thales Luna SP Unknown link cisagov 2021-12-17
Thales payShield Monitor Unknown link cisagov 2021-12-17
Thales ProtectServer HSMs Unknown link cisagov 2021-12-17
Thales SafeNet Authentication Client Unknown link cisagov 2021-12-17
Thales SafeNet eToken (all products) Unknown link cisagov 2021-12-17
Thales SafeNet IDPrime Virtual Unknown link cisagov 2021-12-17
Thales SafeNet IDPrime(all products) Unknown link cisagov 2021-12-17
Thales SafeNet LUKS Unknown link cisagov 2021-12-17
Thales SafeNet PKCS#11 and TDE Unknown link cisagov 2021-12-17
Thales SafeNet ProtectApp (PA) CAPI, .Net & Net Core Unknown link cisagov 2021-12-17
Thales SafeNet ProtectDB (PDB) Unknown link cisagov 2021-12-17
Thales Safenet ProtectFile and ProtectFile- Fuse Unknown link cisagov 2021-12-17
Thales SafeNet ProtectV Unknown link cisagov 2021-12-17
Thales SafeNet SQL EKM Unknown link cisagov 2021-12-17
Thales SafeNet Transform Utility (TU) Unknown link cisagov 2021-12-17
Thales SafeNet Trusted Access (STA) Unknown link cisagov 2021-12-17
Thales SafeNet Vaultless Tokenization Unknown link cisagov 2021-12-17
Thales SAS on Prem (SPE/PCE) Unknown link cisagov 2021-12-17
Thales Sentinel Connect Unknown link cisagov 2021-12-17
Thales Sentinel EMS Enterprise aaS Unknown link cisagov 2021-12-17
Thales Sentinel EMS Enterprise OnPremise Unknown link cisagov 2021-12-17
Thales Sentinel Envelope Unknown link cisagov 2021-12-17
Thales Sentinel ESDaaS Unknown link cisagov 2021-12-17
Thales Sentinel HASP, Legacy dog, Maze, Hardlock Unknown link cisagov 2021-12-17
Thales Sentinel LDK EMS (LDK-EMS) Unknown link cisagov 2021-12-17
Thales Sentinel LDKaas (LDK-EMS) Unknown link cisagov 2021-12-17
Thales Sentinel Professional Services components (both Thales hosted & hosted on-premises by customers) Unknown link cisagov 2021-12-17
Thales Sentinel RMS Unknown link cisagov 2021-12-17
Thales Sentinel SCL Unknown link cisagov 2021-12-17
Thales Sentinel Superdog, SuperPro, UltraPro, SHK Unknown link cisagov 2021-12-17
Thales Sentinel Up Unknown link cisagov 2021-12-17
Thales Thales Data Platform (TDP)(DDC) Unknown link cisagov 2021-12-17
Thales Thales payShield 10k Unknown link cisagov 2021-12-17
Thales Thales payShield 9000 Unknown link cisagov 2021-12-17
Thales Thales payShield Manager Unknown link cisagov 2021-12-17
Thales Vormetirc Key Manager (VKM) Unknown link cisagov 2021-12-17
Thales Vormetric Application Encryption (VAE) Unknown link cisagov 2021-12-17
Thales Vormetric Protection for Terradata Database (VPTD) Unknown link cisagov 2021-12-17
Thales Vormetric Tokenization Server (VTS) Unknown link cisagov 2021-12-17
Thermo Fisher Scientific Unknown link cisagov 2021-12-22
Thermo-Calc Thermo-Calc Not Affected link Use the program as normal, Install the 2022a patch when available cisagov 2021-12-22
Thermo-Calc Thermo-Calc Not Affected link Use the program as normal cisagov 2021-12-22
Thermo-Calc Thermo-Calc Not Affected link Use the program as normal, delete the Log4j 2 files in the program installation if required, see advisory for instructions. cisagov 2021-12-22
Thermo-Calc Thermo-Calc Not Affected link Use the program as normal cisagov 2021-12-22
Thomson Reuters HighQ Appliance <3.5 Affected link Reported by vendor - Documentation is in vendor's client portal (login required). This advisory is available to customer only and has not been reviewed by CISA. cisagov 2021-12-20
ThreatLocker Unknown link cisagov 2022-01-12
ThycoticCentrify Account Lifecycle Manager Not Affected link cisagov 2021-12-10
ThycoticCentrify Cloud Suite Not Affected link cisagov 2021-12-10
ThycoticCentrify Connection Manager Not Affected link cisagov 2021-12-10
ThycoticCentrify DevOps Secrets Vault Not Affected link cisagov 2021-12-10
ThycoticCentrify Password Reset Server Not Affected link cisagov 2021-12-10
ThycoticCentrify Privilege Manager Not Affected link cisagov 2021-12-10
ThycoticCentrify Privileged Behavior Analytics Not Affected link cisagov 2021-12-10
ThycoticCentrify Secret Server Not Affected link cisagov 2021-12-10
ThycoticCentrify Server Suite Not Affected link cisagov 2021-12-10
Tibco Unknown link cisagov 2022-01-12
Top Gun Technology (TGT) Unknown link cisagov 2022-01-12
TopDesk Unknown link cisagov 2022-01-12
Topicus Security Topicus KeyHub Not Affected link cisagov 2021-12-20
Topix Unknown link cisagov 2022-01-12
Tosibox Unknown link cisagov 2022-01-12
TPLink Omega Controller Linux/Windows(all) Affected link Update is Beta. Reddit: overwritten vulnerable log4j with 2.15 files as potential workaround. Though that should now be done with 2.16 Tp Community Link,Reddit Link cisagov 2021-12-15
TrendMicro All Unknown link cisagov 2022-01-12
Tricentis Tosca Unknown link cisagov 2022-01-12
Tridium Unknown link Document access requires authentication. CISA is not able to validate vulnerability status. cisagov 2022-01-19
Trimble eCognition 10.2.0 Build 4618 Affected Remediation steps provided by Trimble cisagov 2021-12-23
Tripp Lite LX Platform devices (includes WEBCARDLX, WEBCARDLXMINI, SRCOOLNETLX, SRCOOLNET2LX and devices with pre-installed or embedded WEBCARDLX interfaces) Unknown link cisagov 2022-01-04
Tripp Lite PowerAlert Local (PAL) Unknown link Some versions of PAL use log4j v1 which is NOT AFFECTED by the CVE-2021-44228 vulnerability. cisagov 2022-01-04
Tripp Lite PowerAlert Network Management System (PANMS) Unknown link Some versions of PAL use log4j v1 which is NOT AFFECTED by the CVE-2021-44228 vulnerability. cisagov 2022-01-04
Tripp Lite PowerAlert Network Shutdown Agent (PANSA) Unknown link Some versions of PANSA use log4j v1 which is NOT AFFECTED by the CVE-2021-44228 vulnerability. cisagov 2022-01-04
Tripp Lite PowerAlertElement Manager (PAEM) 1.0.0 Affected link Tripp Lite will soon be issuing a patch in the form of PAEM 1.0.1 which will contain a patched version of Log4j2 cisagov 2022-01-04
Tripp Lite SNMPWEBCARD, SRCOOLNET, SRCOOLNET2 and devices with pre-installed or embedded SNMPWEBCARD Unknown link cisagov 2022-01-04
Tripp Lite TLNETCARD and associated software Unknown link cisagov 2022-01-04
Tripwire Unknown link cisagov 2022-01-12
TrueNAS Unknown link cisagov 2022-01-12
Tufin Unknown link cisagov 2022-01-12
TYPO3 Unknown link cisagov 2022-01-12
Ubiquiti UniFi Network Application 6.5.53 & lower versions Affected link cisagov 2022-01-12
Ubiquiti UniFi Network Controller 6.5.54 & lower versions Affected link 6.5.54 is reported to still be vulnerable. 6.5.55 is the new recommendation for mitigatin log4j vulnerabilities by updating to log4j 2.16.0 cisagov 2021-12-15
Ubuntu Unknown link cisagov 2022-01-12
UiPath InSights 20.10 Affected link cisagov 2021-12-15
Umbraco Unknown link cisagov 2022-01-12
UniFlow Unknown link cisagov 2022-01-12
Unify ATOS Unknown link cisagov 2022-01-12
Unimus Unknown link cisagov 2022-01-12
USSIGNAL MSP Unknown link cisagov 2022-01-12
Varian Acuity All Affected link cisagov 2021-12-22
Varian ARIA Connect (Cloverleaf) Not Affected link cisagov 2021-12-22
Varian ARIA eDOC Not Affected link cisagov 2021-12-22
Varian ARIA oncology information system for Medical Oncology Not Affected link cisagov 2021-12-22
Varian ARIA oncology information system for Radiation Oncology Not Affected link cisagov 2021-12-22
Varian ARIA Radiation Therapy Management System (RTM) Not Affected link cisagov 2021-12-22
Varian Bravos Console Not Affected link cisagov 2021-12-22
Varian Clinac All Affected link cisagov 2021-12-22
Varian Cloud Planner Not Affected link cisagov 2021-12-22
Varian DITC All Affected link cisagov 2021-12-22
Varian DoseLab Not Affected link cisagov 2021-12-22
Varian Eclipse treatment planning software Not Affected link cisagov 2021-12-22
Varian ePeerReview All Affected link cisagov 2021-12-22
Varian Ethos Not Affected link cisagov 2021-12-22
Varian FullScale oncology IT solutions All Affected link cisagov 2021-12-22
Varian Halcyon system All Affected link cisagov 2021-12-22
Varian ICAP Not Affected link cisagov 2021-12-22
Varian Identify Not Affected link cisagov 2021-12-22
Varian Information Exchange Manager (IEM) Not Affected link cisagov 2021-12-22
Varian InSightive Analytics All Affected link cisagov 2021-12-22
Varian Large Integrated Oncology Network (LION) Not Affected link cisagov 2021-12-22
Varian Mobius3D platform Not Affected link cisagov 2021-12-22
Varian PaaS Not Affected link cisagov 2021-12-22
Varian ProBeam Not Affected link cisagov 2021-12-22
Varian Qumulate Not Affected link cisagov 2021-12-22
Varian Real-time Position Management (RPM) Not Affected link cisagov 2021-12-22
Varian Respiratory Gating for Scanners (RGSC) Not Affected link cisagov 2021-12-22
Varian SmartConnect solution All Affected link See Knowledge Article: 000038850 on MyVarian cisagov 2021-12-22
Varian SmartConnect solution Policy Server All Affected link See Knowledge Articles: 000038831 and 000038832 on MyVarian cisagov 2021-12-22
Varian TrueBeam radiotherapy system Not Affected link cisagov 2021-12-22
Varian UNIQUE system All Affected link cisagov 2021-12-22
Varian Varian Authentication and Identity Server (VAIS) Not Affected link cisagov 2021-12-22
Varian Varian Managed Services Cloud All Affected link cisagov 2021-12-22
Varian Varian Mobile App Not Affected link cisagov 2021-12-22
Varian VariSeed Not Affected link cisagov 2021-12-22
Varian Velocity Not Affected link cisagov 2021-12-22
Varian VitalBeam radiotherapy system Not Affected link cisagov 2021-12-22
Varian Vitesse Not Affected link cisagov 2021-12-22
Varian XMediusFax for ARIA oncology information system for Medical Oncology All Affected link cisagov 2021-12-22
Varian XMediusFax for ARIA oncology information system for Radiation Oncology All Affected link cisagov 2021-12-22
VArmour Unknown link cisagov 2022-01-12
Varnish Software Unknown link cisagov 2022-01-12
Varonis Unknown link cisagov 2022-01-12
Veeam Unknown link cisagov 2022-01-12
Venafi Unknown link cisagov 2022-01-12
Veritas NetBackup Unknown link cisagov 2022-01-12
Vertica Unknown link cisagov 2022-01-12
Video Insight Inc. Video Insight Not Affected link Video Insight is a part of Panasonic I-Pro. cisagov 2022-01-19
Viso Trust Unknown link cisagov 2022-01-12
VMware API Portal for VMware Tanzu 1.x Affected link cisagov 2021-12-12
VMware App Metrics 2.x Affected link cisagov 2021-12-12
VMware Healthwatch for Tanzu Application Service 2.x, 1.x Affected link cisagov 2021-12-12
VMware Single Sign-On for VMware Tanzu Application Service 1.x Affected link cisagov 2021-12-12
VMware Spring Cloud Gateway for Kubernetes 1.x Affected link cisagov 2021-12-12
VMware Spring Cloud Gateway for VMware Tanzu 1.x Affected link cisagov 2021-12-12
VMware Spring Cloud Services for VMware Tanzu 3.x Affected link cisagov 2021-12-12
VMware vCenter Server - OVA 7.x, 6.7.x, 6.5.x Affected link Workaround @ KB87081 (vmware.com) cisagov 2021-12-17
VMware vCenter Server - Windows 6.7.x, 6.5.x Affected link Workaround @ KB87096 (vmware.com) cisagov 2021-12-17
VMware VMware Carbon Black Cloud Workload Appliance 1.x Affected link cisagov 2021-12-12
VMware VMware Carbon Black EDR Server 7.x, 6.x Affected link cisagov 2021-12-12
VMware VMware Cloud Foundation 4.x, 3.x Affected link cisagov 2021-12-12
VMware VMware HCX 4.x, 3.x Affected link cisagov 2021-12-12
VMware VMware Horizon 8.x, 7.x Affected link VMware KB 87073 (vmware.com) cisagov 2021-12-17
VMware VMware Horizon Cloud Connector 1.x, 2.x Affected link cisagov 2021-12-12
VMware VMware Horizon DaaS 9.1.x, 9.0.x Affected link cisagov 2021-12-12
VMware VMware Identity Manager 3.3.x Affected link cisagov 2021-12-12
VMware VMware NSX-T Data Centern 3.x, 2.x Affected link cisagov 2021-12-12
VMware VMware Site Recovery Manager 8.x Affected link cisagov 2021-12-12
VMware VMware Tanzu Application Service for VMs 2.x Affected link cisagov 2021-12-12
VMware VMware Tanzu GemFire 9.x, 8.x Affected link cisagov 2021-12-12
VMware VMware Tanzu Greenplum 6.x Affected link cisagov 2021-12-12
VMware VMware Tanzu Kubernetes Grid Integrated Edition 1.x Affected link cisagov 2021-12-12
VMware VMware Tanzu Observability by Wavefront Nozzle 3.x, 2.x Affected link cisagov 2021-12-12
VMware VMware Tanzu Operations Manager 2.x Affected link cisagov 2021-12-12
VMware VMware Tanzu SQL with MySQL for VMs 2.x, 1.x Affected link cisagov 2021-12-12
VMware VMware Telco Cloud Automation 2.x, 1.x Affected link cisagov 2021-12-12
VMware VMware Unified Access Gateway 21.x, 20.x, 3.x Affected link cisagov 2021-12-12
VMware VMware vCenter Cloud Gateway 1.x Affected link cisagov 2021-12-12
VMware VMware vRealize Automation 8.x, 7.x Affected link cisagov 2021-12-12
VMware VMware vRealize Lifecycle Manager 8.x Affected link cisagov 2021-12-12
VMware VMware vRealize Log Insight 8.x Affected link cisagov 2021-12-12
VMware VMware vRealize Operations 8.x Affected link cisagov 2021-12-12
VMware VMware vRealize Operations Cloud Proxy Any Affected link cisagov 2021-12-12
VMware VMware vRealize Orchestrator 8.x, 7.x Affected link cisagov 2021-12-12
VMware VMware Workspace ONE Access 21.x, 20.10.x Affected link cisagov 2021-12-12
VMware VMware Workspace ONE Access Connector (VMware Identity Manager Connector) 21.x, 20.10.x, 19.03.0.1 Affected link cisagov 2021-12-12
VTScada All Not Affected link Java is not utilized within VTScada software, and thus our users are unaffected. cisagov 2022-01-17
Vyaire Unknown link cisagov 2021-12-22
WAGO WAGO Smart Script 4.2.x < 4.8.1.3 Fixed link cisagov 2021-12-17
Wallarm All Unknown link cisagov 2022-01-12
Wasp Barcode technologies All Unknown link cisagov 2022-01-12
Watcher All Not Affected link cisagov 2022-01-12
WatchGuard AuthPoint Cloud Fixed link cisagov 2022-01-12
WatchGuard Dimension Not Affected link cisagov 2022-01-12
WatchGuard EDPR and Panda AD360 Not Affected link cisagov 2022-01-12
WatchGuard Firebox Not Affected link cisagov 2022-01-12
WatchGuard System Manager, Dimension, and Panda AD360 Not Affected link cisagov 2022-01-12
WatchGuard Threat Detection and Response Cloud Fixed link cisagov 2022-01-12
WatchGuard Wi-Fi Cloud Cloud Fixed link cisagov 2022-01-12
Western Digital Unknown link cisagov 2022-01-12
WIBU Systems CodeMeter Cloud Lite 2.2 and prior Fixed link cisagov 2021-12-22
WIBU Systems CodeMeter Keyring for TIA Portal 1.30 and prior Fixed link Only the Password Manager is affected cisagov 2021-12-22
WildFly All Not Affected link cisagov 2022-01-21
Wind River LTS17 Not Affected link cisagov 2022-01-21
Wind River LTS18 Not Affected link cisagov 2022-01-21
Wind River LTS19 Not Affected link cisagov 2022-01-21
Wind River LTS21 Not Affected link cisagov 2022-01-12
Wind River WRL-6 Not Affected link The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. cisagov 2022-01-21
Wind River WRL-7 Not Affected link The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. cisagov 2022-01-21
Wind River WRL-8 Not Affected link The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. cisagov 2022-01-21
Wind River WRL-9 Not Affected link cisagov 2022-01-21
WireShark All Not Affected link cisagov 2021-12-15
Wistia All Unknown link cisagov 2022-01-12
WitFoo Precinct 6.x Fixed link WitFoo Streamer & Apache Kafka Docker containers are/were vulnerable. See advisory. cisagov 2022-01-12
WordPress All Not Affected link cisagov 2022-01-12
Worksphere All Unknown link cisagov 2022-01-12
Wowza Streaming Engine 4.7.8, 4.8.x Fixed link cisagov 2022-01-12
WSO2 API Manager >= 3.0.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 API Manager Analytics >= 2.6.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Enterprise Integrator >= 6.1.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Enterprise Integrator Analytics >= 6.6.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Identity Server >= 5.9.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Identity Server Analytics >= 5.7.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Identity Server as Key Manager >= 5.9.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Micro Gateway >= 3.2.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Micro Integrator >= 1.1.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Micro Integrator Dashboard >= 4.0.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Micro Integrator Monitoring Dashboard >= 1.0.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Open Banking AM >= 2.0.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Open Banking BI >= 1.3.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Open Banking KM >= 2.0.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Stream Integrator >= 1.0.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Stream Integrator Tooling >= 1.0.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
WSO2 Stream Processor >= 4.0.0 Fixed link A temporary mitigation is available while vendor works on update. cisagov 2022-01-26
XCP-ng All Not Affected link cisagov 2022-01-12
XenForo Unknown link cisagov 2022-01-12
Xerox AltaLink Products Not Affected link cisagov 2022-01-12
Xerox CareAR Not Affected link cisagov 2022-01-12
Xerox ColorQube 8700 Not Affected link cisagov 2022-01-12
Xerox ColorQube 8870 Not Affected link cisagov 2022-01-12
Xerox ColorQube 8880 Not Affected link cisagov 2022-01-12
Xerox ColorQube 9201 Not Affected link cisagov 2022-01-12
Xerox ColorQube 9301 Not Affected link cisagov 2022-01-12
Xerox DocuCentre SC2020 Not Affected link cisagov 2022-01-12
Xerox ElemX Not Affected link cisagov 2022-01-12
Xerox FreeFlow Core Not Affected link cisagov 2022-01-12
Xerox FreeFlow Express to Print Not Affected link cisagov 2022-01-12
Xerox FreeFlow Makeready Not Affected link cisagov 2022-01-12
Xerox FreeFlow Output Manager Not Affected link cisagov 2022-01-12
Xerox FreeFlow Print Manager - APP Not Affected link cisagov 2022-01-12
Xerox FreeFlow Variable Information Suite Not Affected link cisagov 2022-01-12
Xerox Nuvera EA Perfecting Production Systems Not Affected link cisagov 2022-01-12
Xerox Nuvera EA Production Systems Not Affected link cisagov 2022-01-12
Xerox Phaser 3300 Not Affected link cisagov 2022-01-12
Xerox Phaser 3320 Not Affected link cisagov 2022-01-12
Xerox Phaser 3330 Not Affected link cisagov 2022-01-12
Xerox Phaser 3435 Not Affected link cisagov 2022-01-12
Xerox Phaser 3600 Not Affected link cisagov 2022-01-12
Xerox Phaser 3610 Not Affected link cisagov 2022-01-12
Xerox Phaser 3635 Not Affected link cisagov 2022-01-12
Xerox Phaser 4510 Not Affected link cisagov 2022-01-12
Xerox Phaser 4622 Not Affected link cisagov 2022-01-12
Xerox Phaser 6000 Not Affected link cisagov 2022-01-12
Xerox Phaser 6020 Not Affected link cisagov 2022-01-12
Xerox Phaser 6022 Not Affected link cisagov 2022-01-12
Xerox Phaser 6280 Not Affected link cisagov 2022-01-12
Xerox Phaser 6510 Not Affected link cisagov 2022-01-12
Xerox Phaser 6600 Not Affected link cisagov 2022-01-12
Xerox Phaser 6700 Not Affected link cisagov 2022-01-12
Xerox Phaser 7800 Not Affected link cisagov 2022-01-12
Xerox Phaser 8860 Not Affected link cisagov 2022-01-12
Xerox PrimeLink Products Not Affected link cisagov 2022-01-12
Xerox Versalink Products Not Affected link cisagov 2022-01-12
Xerox WorkCentre 33xx Not Affected link cisagov 2022-01-12
Xerox WorkCentre 3615 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 4260 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 4265 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 5135 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 5150 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 5225 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 5230 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 53XX Not Affected link cisagov 2022-01-12
Xerox WorkCentre 5645 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 5655 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 5740 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 5745 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 5755 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 5765 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 58XX Not Affected link cisagov 2022-01-12
Xerox WorkCentre 5945 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 5955 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 6025 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 6400 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 6515 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 6605 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 6655 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 7425 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 7435 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 7525 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 7535 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 7556 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 7830 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 7835 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 7855 Not Affected link cisagov 2022-01-12
Xerox WorkCentre 7970i Not Affected link cisagov 2022-01-12
Xerox WorkCentre ECXX Not Affected link cisagov 2022-01-12
Xerox Xerox Account Payable Services Not Affected link cisagov 2022-01-12
Xerox Xerox App Gallery Not Affected link cisagov 2022-01-12
Xerox Xerox B1022/25 Not Affected link cisagov 2022-01-12
Xerox Xerox B225 Not Affected link cisagov 2022-01-12
Xerox Xerox B230 Not Affected link cisagov 2022-01-12
Xerox Xerox B235 Not Affected link cisagov 2022-01-12
Xerox Xerox B310 Not Affected link cisagov 2022-01-12
Xerox Xerox Baltoro HF Inkjet Press Not Affected link cisagov 2022-01-12
Xerox Xerox Branded ConnectKey Applications Not Affected link cisagov 2022-01-12
Xerox Xerox C230 Not Affected link cisagov 2022-01-12
Xerox Xerox C235 Not Affected link cisagov 2022-01-12
Xerox Xerox C310 Not Affected link cisagov 2022-01-12
Xerox Xerox Campaigns on Demand Not Affected link cisagov 2022-01-12
Xerox Xerox Color EC70 Printer Not Affected link cisagov 2022-01-12
Xerox Xerox D110 Not Affected link cisagov 2022-01-12
Xerox Xerox D125 Not Affected link cisagov 2022-01-12
Xerox Xerox D95A Not Affected link cisagov 2022-01-12
Xerox Xerox Digital Mailroom Services Not Affected link cisagov 2022-01-12
Xerox Xerox ECXX Not Affected link cisagov 2022-01-12
Xerox Xerox ED125 Not Affected link cisagov 2022-01-12
Xerox Xerox ED95A Not Affected link cisagov 2022-01-12
Xerox Xerox iGen 5 Not Affected link cisagov 2022-01-12
Xerox Xerox Instant Print Kiosk Not Affected link cisagov 2022-01-12
Xerox Xerox Intelligent Workplace Services (All Including XDM, XDA, CWW) Not Affected link cisagov 2022-01-12
Xerox Xerox Iridesse Production Press Not Affected link cisagov 2022-01-12
Xerox Xerox J75 Not Affected link cisagov 2022-01-12
Xerox Xerox Print and Scan Experience Not Affected link cisagov 2022-01-12
Xerox Xerox Team Availability Application Not Affected link cisagov 2022-01-12
Xerox Xerox Versant 180 Not Affected link cisagov 2022-01-12
Xerox Xerox Versant 280 Not Affected link cisagov 2022-01-12
Xerox Xerox Versant 3100 Not Affected link cisagov 2022-01-12
Xerox Xerox Versant 4100 Not Affected link cisagov 2022-01-12
Xerox Xerox Workflow Central Platform Not Affected link cisagov 2022-01-12
Xerox Xerox Workplace Kiosk Not Affected link cisagov 2022-01-12
Xerox Xerox Workplace Suite Not Affected link cisagov 2022-01-12
Xerox Xerox Workspace Cloud Not Affected link cisagov 2022-01-12
Xerox XMPie Data-Driven Print and VDP Not Affected link cisagov 2022-01-12
Xerox XMPie Omnichannel Communications Not Affected link cisagov 2022-01-12
Xerox XMPie Web to Print Not Affected link cisagov 2022-01-12
XPertDoc All Unknown link cisagov 2022-01-12
XPLG All Unknown link cisagov 2022-01-12
XWIKI All Unknown link cisagov 2022-01-12
Xylem Aquatalk Fixed link cisagov 2021-12-22
Xylem Avensor Fixed link cisagov 2021-12-22
Xylem Configuration change complete Fixed link cisagov 2021-12-22
Xylem Sensus Analytics Fixed link cisagov 2021-12-22
Xylem Sensus Automation Control Configuration change complete Fixed link cisagov 2021-12-22
Xylem Sensus Cathodic Protection Mitigation in process Mitigation in process Affected link cisagov 2021-12-22
Xylem Sensus FieldLogic LogServer Affected link cisagov 2021-12-22
Xylem Sensus Lighting Control Fixed link cisagov 2021-12-22
Xylem Sensus NetMetrics Configuration change complete Fixed link cisagov 2021-12-22
Xylem Sensus RNI On Prem 4.7 through 4.10, 4.4 through 4.6, 4.2 Affected link cisagov 2021-12-22
Xylem Sensus RNI Saas 4.7 through 4.10, 4.4 through 4.6, 4.2 Fixed link cisagov 2021-12-22
Xylem Sensus SCS Fixed link cisagov 2021-12-22
Xylem Smart Irrigation Affected link cisagov 2021-12-22
Xylem Water Loss Management (Visenti) Fixed link cisagov 2021-12-22
Xylem Xylem Cloud Fixed link cisagov 2021-12-22
Xylem Xylem Edge Gateway (xGW) Fixed link cisagov 2021-12-22
Yahoo Vespa Not Affected link Your Vespa application may still be affected if log4j is included in your application package. cisagov 2022-01-12
Yellowbrick Unknown link cisagov 2022-01-12
YellowFin All 8.0.10.3, 9.7.0.2 Fixed link v7 and v6 releases are not affected unless you have manually upgraded to Log4j2. cisagov 2022-01-12
Yenlo Connext Not Affected link Connext Platform (Managed WSO2 Cloud) and all underlying middleware components are not vulnerable. cisagov 2022-01-12
YOKOGAWA CENTUM VP Unknown link Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier. cisagov 2021-12-22
YOKOGAWA CENTUM VP (other components) Not Affected link Unified Gateway Station (UGS2) Standard Function R6.06.00 or earlier is still under investigation. cisagov 2021-12-22
YOKOGAWA CI Server Not Affected link cisagov 2021-12-22
YOKOGAWA Exaopc Not Affected link cisagov 2021-12-22
YOKOGAWA Exaplog Not Affected link cisagov 2021-12-22
YOKOGAWA Exaquantum Not Affected link cisagov 2021-12-22
YOKOGAWA FAST/TOOLS Not Affected link cisagov 2021-12-22
YOKOGAWA PRM Not Affected link cisagov 2021-12-22
YOKOGAWA ProSafe-RS Not Affected link cisagov 2021-12-22
YOKOGAWA ProSafe-RS Lite Not Affected link cisagov 2021-12-22
YOKOGAWA STARDOM Not Affected link cisagov 2021-12-22
YOKOGAWA VTSPortal Not Affected link cisagov 2021-12-22
YSoft SAFEQ 4 Not Affected link cisagov 2022-02-01
YSoft SAFEQ 5 Not Affected link cisagov 2022-02-01
YSoft SAFEQ 6 <=6.0.63 Fixed link cisagov 2022-02-01
Zabbix Unknown link cisagov 2022-01-12
ZAMMAD Unknown link cisagov 2022-01-12
Zaproxy Unknown link cisagov 2022-01-12
Zebra Unknown link cisagov 2022-01-12
Zeiss Cataract Suite 1.3.1 Fixed link Patch is available. cisagov 2021-02-01
Zeiss EQ Workplace 1.6, 1.8 Fixed link Patch is available. cisagov 2021-02-01
Zeiss FORUM 4.2.x Fixed link Patch is available. cisagov 2021-02-01
Zeiss Glaucoma Workplace 3.5.x Fixed link Patch is available. cisagov 2021-02-01
Zeiss Laser Treatment Workplace 1.x Fixed link Patch is available. cisagov 2021-02-01
Zeiss Retina Workplace 2.5.x, 2.6.x Fixed link Patch is available. cisagov 2021-02-01
Zendesk All Products All Versions Affected link Zendesk products are all cloud-based; thus there are no updates for the customers to install as the company is working on patching their infrastructure and systems. cisagov 2021-12-13
Zenoss Unknown link cisagov 2022-01-12
Zentera Systems, Inc. CoIP Access Platform Not Affected link cisagov 2021-12-17
Zerto Cloud Appliance Not Affected link cisagov 2021-02-01
Zerto Cloud Manager Not Affected link cisagov 2021-02-01
Zerto Virtual Manager Not Affected link cisagov 2021-02-01
Zerto Virtual Replication Appliance Not Affected link cisagov 2021-02-01
Zesty Unknown link cisagov 2022-01-12
Zimbra Unknown link cisagov 2022-01-12
Zix Unknown link cisagov 2021-12-16
Zoho Online Unknown link cisagov 2021-02-01
Zoom Not Affected link cisagov 2022-01-12
ZPE systems Inc Unknown link cisagov 2022-01-12
Zscaler See Link (Multiple Products) Unknown link cisagov 2021-12-15
Zyxel Unknown link cisagov 2022-01-12
Zyxel All other products Not Affected link cisagov 2021-12-14
Zyxel Netlas Element Management System (EMS) Affected link Hotfix availibility Dec. 20 2021. Patch availability in end of Feb. 2022. cisagov 2021-12-14
Zyxel Security Firewall/Gateways Not Affected link cisagov 2021-12-14