1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-16 13:57:55 +00:00
A community sourced list of log4j-affected software
Find a file
2021-12-14 10:23:12 -05:00
.github Remove blank template 2021-12-13 17:40:34 -05:00
README.md Update README.md 2021-12-14 10:23:12 -05:00

CISA Log4j (CVE-2021-44228) Vulnerability Guidance

This repository provides CISA's guidance and an overview of related software regarding the Log4j vulnerability (CVE-2021-44228). CISA encourages users and administrators to review the official Apache release and upgrade to Log4j 2.15.0 or apply the recommended mitigations immediately.

Official CISA Guidance & Resources:
CISA Director Jen Easterly's Statement: Statement from CISA Director Easterly on “Log4j” Vulnerability.
CISA Current Activity Alert: Apache Releases Log4j Version 2.15.0 to Address Critical RCE Vulnerability Under Exploitation
National Vulnerability Database (NVD) Information: CVE-2021-44228

CISA will maintain a list of all publicly available information and vendor-supplied advisories regarding the Log4j vulnerability. This list is not a full list and will be updated continuously. If you have any additional information to share relevant to the log4j vulnerability, please feel free to open an issue here. We have a template available for your submission. Please also feel free to submit a pull request.

Status Descriptions

Status Description
Unknown Status unknown. Default choice.
Affected Reported to be affected by CVE-2021-44228.
Not Affected Reported to NOT be affected by CVE-2021-44228 and no further action necessary.
Fixed Patch and/or mitigations available (see provided links).
Under Investigation Vendor investigating status.

Software List

Vendor Product Version Status Update Available Vendor Link Notes Other References Last Updated
AIL AIL all Not Affected No source 12/14/21
Apache Cassandra all Not Affected No source 12/14/21
Apache Druid 0.22.1 Fixed Yes source 12/14/21
Apache Flink 1.15.0, 1.14.1, 1.13.4 Fixed Yes source 12/14/21
Apache Log4j 2.15.0 Fixed Yes source 12/14/21
Apache Kafka Unknown Affected No source Only vulnerable in certain configuration 12/14/21
Apache SOLR 7.4.0 to 7.7.3, 8.0.0 to 8.11.0 Fixed Yes source Versions before 7.4 also vulnerable when using several configurations 12/14/21
Apache Tika 2.0.0 and up Affected No source 12/14/21
Apache Tomcat Not Affected No source 12/14/21
Apache Zookeeper Not Affected No source Zookeeper uses Log4j 1.2 version 12/14/21
Apereo CAS 6.3.x & 6.4.x Fixed Yes source Other versions still in active maintainance might need manual inspection 12/14/21
Apereo Opencast < 9.10, < 10.6 Fixed Yes source 12/14/21
Apigee Edge and OPDK products All version Not Affected No source 12/14/21
Aptible Aptible ElasticSearch 5.x Fixed Yes source 12/14/21
Atlassian Jira Server & Data Center On prem Affected No source Only vulnerable when using non-default config, cloud version still under investigation 12/14/21
Atlassian Confluence Server & Data Center On prem Affected No source Only vulnerable when using non-default config, cloud version still under investigation 12/14/21
Atlassian Bamboo Server & Data Center On prem Affected No source Only vulnerable when using non-default config, cloud version still under investigation 12/14/21
Atlassian Crowd Server & Data Center On prem Affected No source Only vulnerable when using non-default config, cloud version still under investigation 12/14/21
Atlassian Fisheye On prem Affected No source Only vulnerable when using non-default config, cloud version still under investigation 12/14/21
Atlassian Crucible On prem Affected No source Only vulnerable when using non-default config, cloud version still under investigation 12/14/21
Amazon EC2 Amazon Linux 1 & 2 Affected No source Default packages not vulnerable 12/14/21
Amazon OpenSearch Unknown Fixed Yes source 12/14/21
Amazon AWS Lambda Unknown Fixed Yes source Vulnerable when using aws-lambda-java-log4j2 12/14/21
Amazon AWS CloudHSM < 3.4.1. Fixed Yes source 12/14/21
Azure Data lake store java < 2.3.10 Fixed Yes source 12/14/21
APC PowerChute Business Edition Unknow to 10.0.2.301 Affected No 12/14/21
APC PowerChute Network Shutdown Unknow to 4.2.0 Affected No 12/14/21
Akamai Siem Splunk Connector Unknown to latest Affected No source 12/14/21
Avaya Affected No source 12/14/21
Backblaze Cloud N/A (SaaS) Fixed Yes source Cloud service patched 12/14/21
BigBlueButton BigBlueButton Unknown Not Affected No source 12/14/21
Bitdefender GravityZone On-Premises Unknown Not Affected No source 12/14/21
Bitnami Unknown Unknown Fixed Yes source 12/14/21
Brian Pangburn SwingSet < 4.0.6 Fixed Yes source 12/14/21
Broadcom CA Advanced Protection 9.1 & 9.1.01 Fixed Yes source 12/14/21
Broadcom Symantec Endpoint Protection Manager (SEPM) 14.3 Fixed Yes source 12/14/21
Broadcom Advanced Secure Gateway (ASG) Unknown Fixed Yes source 12/14/21
Broadcom BCAAA Unknown Fixed Yes source 12/14/21
Broadcom Content Analysis (CA)(SEPM) Unknown Fixed Yes source 12/14/21
Broadcom Cloud Workload Protection (CWP) Unknown Fixed Yes source 12/14/21
Broadcom Cloud Workload Protection for Storage (CWP:S) Unknown Fixed Yes source 12/14/21
Broadcom Critical System Protection (CSP) Unknown Fixed Yes source 12/14/21
Broadcom Email Security Service (ESS) Unknown Fixed Yes source 12/14/21
Broadcom HSM Agent Unknown Fixed Yes source 12/14/21
Broadcom Industrial Control System Protection (ICSP) Unknown Fixed Yes source 12/14/21
Broadcom Integrated Cyber Defense Manager (ICDm) Unknown Fixed Yes source 12/14/21
Broadcom Integrated Secure Gateway (ISG) Unknown Fixed Yes source 12/14/21
Broadcom Layer7 API Developer Portal Unknown Fixed Yes source 12/14/21
Broadcom Management Center (MC) Unknown Fixed Yes source 12/14/21
Broadcom PacketShaper (PS) S-Series Unknown Fixed Yes source 12/14/21
Broadcom PolicyCenter (PC) S-Series Unknown Fixed Yes source 12/14/21
Broadcom Privileged Access Manager Unknown Fixed Yes source 12/14/21
Broadcom Privileged Access Manager Server Control Unknown Fixed Yes source 12/14/21
Broadcom Privileged Identity Manager Unknown Fixed Yes source 12/14/21
Broadcom Reporter Unknown Fixed Yes source 12/14/21
Broadcom Secure Access Cloud (SAC) Unknown Fixed Yes source 12/14/21
Broadcom SiteMinder (CA Single Sign-On) Unknown Fixed Yes source 12/14/21
Broadcom SSL Visibility (SSLV) Unknown Fixed Yes source 12/14/21
Broadcom Symantec Endpoint Detection and Response (EDR) Unknown Fixed Yes source 12/14/21
Broadcom Symantec Endpoint Encryption (SEE) Unknown Fixed Yes source 12/14/21
Broadcom Symantec Endpoint Protection (SEP) Unknown Fixed Yes source 12/14/21
Broadcom Symantec Endpoint Protection (SEP) for Mobile Unknown Fixed Yes source 12/14/21
Broadcom Symantec Mail Security for Microsoft Exchange (SMSMSE) Unknown Fixed Yes source 12/14/21
Broadcom Symantec Messaging Gateway (SMG) Unknown Fixed Yes source 12/14/21
Broadcom Symantec Protection Engine (SPE) Unknown Fixed Yes source 12/14/21
Broadcom Symantec Protection for SharePoint Servers (SPSS) Unknown Fixed Yes source 12/14/21
Broadcom VIP Authentication Hub Unknown Fixed Yes source 12/14/21
Broadcom Web Isolation (WI) Unknown Fixed Yes source 12/14/21
Broadcom Web Security Service (WSS)) Unknown Fixed Yes source 12/14/21
Broadcom WebPulse Unknown Fixed Yes source 12/14/21
Broadcom CloudSOC Cloud Access Security Broker (CASB) Unknown Not Affected No source 12/14/21
Broadcom Symantec Control Compliance Suite (CCS) Unknown Not Affected No source 12/14/21
Broadcom Data Center Security (DCS) Unknown Not Affected No source 12/14/21
Broadcom Data Loss Prevention (DLP) Unknown Not Affected No source 12/14/21
Broadcom Ghost Solution Suite (GSS) Unknown Not Affected No source 12/14/21
Broadcom IT Management Suite Unknown Not Affected No source 12/14/21
Broadcom Layer7 API Gateway Unknown Not Affected No source 12/14/21
Broadcom Layer7 Mobile API Gateway Unknown Not Affected No source 12/14/21
Broadcom ProxySG Unknown Not Affected No source 12/14/21
Broadcom Security Analytics (SA) Unknown Not Affected No source 12/14/21
Broadcom Symantec Directory Unknown Not Affected No source 12/14/21
Broadcom Symantec Identity Governance and Administration (IGA) Unknown Not Affected No source 12/14/21
Broadcom Symantec PGP Solutions Unknown Not Affected No source 12/14/21
Broadcom VIP Unknown Not Affected No source 12/14/21
Carbon Black Cloud Workload Appliance Unknown Not Affected No source More information on pages linked bottom of blogpost (behind login) 12/14/21
Carbon Black EDR Servers Unknown Not Affected No source More information on pages linked bottom of blogpost (behind login) 12/14/21
Cerberus FTP Unknown Not Affected No source 12/14/21
Cerebrate Cerebrate All Not Affected No source 12/14/21
Checkpoint Quantum Security Gateway Unknown Not Affected No source 12/14/21
Checkpoint Quantum Security Management Unknown Not Affected No source 12/14/21
Checkpoint CloudGuard Unknown Not Affected No source 12/14/21
Checkpoint Infinity Portal Unknown Not Affected No source 12/14/21
Checkpoint Harmony Endpoint & Harmony Mobile Unknown Not Affected No source 12/14/21
Checkpoint SMB Unknown Not Affected No source 12/14/21
Checkpoint ThreatCloud Unknown Not Affected No source 12/14/21
Chef Infra Server All Not Affected No source 12/14/21
Chef Automate All Not Affected No source 12/14/21
Chef Backend All Not Affected No source 12/14/21
Cisco General Cisco Disclaimer Cisco is updating their advisory three times a day, please keep their website in your watchlist. We will try to update accordingly Not Affected No 12/14/21
Cisco AnyConnect Secure Mobility Client All versions Not Affected No source 12/14/21
Cisco Cisco SocialMiner All versions Not Affected No source 12/14/21
Cisco Cisco Extensible Network Controller (XNC) Unknown Not Affected No source 12/14/21
Cisco Cisco Nexus Data Broker Unknown Not Affected No source 12/14/21
Cisco Cisco Nexus Insights Unknown Not Affected No source 12/14/21
Cisco Cisco Wide Area Application Services (WAAS) All versions Not Affected No source 12/14/21
Cisco Cisco AMP Virtual Private Cloud Appliance Unknown Not Affected No source 12/14/21
Cisco Cisco Adaptive Security Appliance (ASA) Software Unknown Not Affected No source 12/14/21
Cisco Cisco Advanced Web Security Reporting Application Unknown Not Affected No source 12/14/21
Cisco Cisco Content Security Management Appliance (SMA) Unknown Not Affected No source 12/14/21
Cisco Cisco Email Security Appliance (ESA) Unknown Not Affected No source 12/14/21
Cisco Cisco Firepower 4100 Series Unknown Not Affected No source 12/14/21
Cisco Cisco Firepower 9300 Security Appliances Unknown Not Affected No source 12/14/21
Cisco Cisco Firepower Management Center Unknown Not Affected No source 12/14/21
Cisco Cisco Firepower Threat Defense (FTD) Unknown Not Affected No source 12/14/21
Cisco Cisco Identity Services Engine (ISE) Unknown Affected No source 12/14/21
Cisco Cisco Web Security Appliance (WSA) Unknown Not Affected No source 12/14/21
Cisco Cisco ACI Multi-Site Orchestrator Unknown Not Affected No source 12/14/21
Cisco Cisco Application Policy Infrastructure Controller (APIC) Unknown Not Affected No source 12/14/21
Cisco Cisco CloudCenter Suite Admin Unknown Not Affected No source 12/14/21
Cisco Cisco CloudCenter Workload Manager Unknown Not Affected No source 12/14/21
Cisco Cisco Connected Grid Device Manager Unknown Not Affected No source 12/14/21
Cisco Cisco Connected Mobile Experiences Unknown Not Affected No source 12/14/21
Cisco Cisco Crosswork Change Automation Unknown Not Affected No source 12/14/21
Cisco Cisco DNA Assurance Unknown Not Affected No source 12/14/21
Cisco Cisco Data Center Network Manager (DCNM) Unknown Not Affected No source 12/14/21
Cisco Cisco Elastic Services Controller (ESC) Unknown Not Affected No source 12/14/21
Cisco Cisco IoT Field Network Director (formerly Cisco Connected Grid Network Management System) Unknown Not Affected No source 12/14/21
Cisco Cisco Modeling Labs Unknown Not Affected No source 12/14/21
Cisco Cisco Network Planner Unknown Not Affected No source 12/14/21
Cisco Cisco Network Services Orchestrator (NSO) Unknown Not Affected No source 12/14/21
Cisco Cisco Nexus Dashboard (formerly Cisco Application Services Engine) <2.1.2 Affected No source Patch expected 7-jan-2022 12/14/21
Cisco Cisco Optical Network Planner Unknown Affected No source 12/14/21
Cisco Cisco Policy Suite Unknown Not Affected No source 12/14/21
Cisco Cisco Prime Central for Service Providers Unknown Not Affected No source 12/14/21
Cisco Cisco Prime Collaboration Assurance Unknown Not Affected No source 12/14/21
Cisco Cisco Prime Collaboration Manager Unknown Not Affected No source 12/14/21
Cisco Cisco Prime Collaboration Provisioning Unknown Not Affected No source 12/14/21
Cisco Cisco Prime Infrastructure Unknown Not Affected No source 12/14/21
Cisco Cisco Prime License Manager Unknown Not Affected No source 12/14/21
Cisco Cisco Prime Network Registrar Unknown Not Affected No source 12/14/21
Cisco Cisco Prime Optical for Service Providers Unknown Not Affected No source 12/14/21
Cisco Cisco Prime Provisioning Unknown Not Affected No source 12/14/21
Cisco Cisco Prime Service Catalog Unknown Not Affected No source 12/14/21
Cisco Cisco UCS Performance Manager Unknown Not Affected No source 12/14/21
Cisco Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM Unknown Not Affected No source 12/14/21
Cisco Cisco WAN Automation Engine (WAE) Unknown Not Affected No source 12/14/21
Cisco Cisco ACI Virtual Edge Unknown Not Affected No source 12/14/21
Cisco Cisco ASR 5000 Series Routers Unknown Not Affected No source 12/14/21
Cisco Cisco DNA Center Unknown Not Affected No source 12/14/21
Cisco Cisco Enterprise NFV Infrastructure Software (NFVIS) Unknown Not Affected No source 12/14/21
Cisco Cisco GGSN Gateway GPRS Support Node Unknown Not Affected No source 12/14/21
Cisco Cisco IOS and IOS XE Software Unknown Not Affected No source 12/14/21
Cisco Cisco IOx Fog Director Unknown Not Affected No source 12/14/21
Cisco Cisco IP Services Gateway (IPSG) Unknown Not Affected No source 12/14/21
Cisco Cisco MDS 9000 Series Multilayer Switches Unknown Not Affected No source 12/14/21
Cisco Cisco MME Mobility Management Entity Unknown Not Affected No source 12/14/21
Cisco Cisco Mobility Unified Reporting and Analytics System Unknown Not Affected No source 12/14/21
Cisco Cisco Network Assurance Engine Unknown Not Affected No source 12/14/21
Cisco Cisco Network Convergence System 2000 Series Unknown Not Affected No source 12/14/21
Cisco Cisco Nexus 5500 Platform Switches Unknown Not Affected No source 12/14/21
Cisco Cisco Nexus 5600 Platform Switches Unknown Not Affected No source 12/14/21
Cisco Cisco Nexus 6000 Series Switches Unknown Not Affected No source 12/14/21
Cisco Cisco Nexus 7000 Series Switches Unknown Not Affected No source 12/14/21
Cisco Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode Unknown Not Affected No source 12/14/21
Cisco Cisco PDSN/HA Packet Data Serving Node and Home Agent Unknown Not Affected No source 12/14/21
Cisco Cisco PGW Packet Data Network Gateway Unknown Not Affected No source 12/14/21
Cisco Cisco SD-WAN vEdge 1000 Series Routers Unknown Not Affected No source 12/14/21
Cisco Cisco SD-WAN vEdge 2000 Series Routers Unknown Not Affected No source 12/14/21
Cisco Cisco SD-WAN vEdge 5000 Series Routers Unknown Not Affected No source 12/14/21
Cisco Cisco SD-WAN vEdge Cloud Router Platform Unknown Not Affected No source 12/14/21
Cisco Cisco SD-WAN vManage Unknown Not Affected No source 12/14/21
Cisco Cisco Secure Network Analytics (SNA), formerly Stealthwatch Unknown Not Affected No source 12/14/21
Cisco Cisco System Architecture Evolution Gateway (SAEGW) Unknown Not Affected No source 12/14/21
Cisco Cisco HyperFlex System Unknown Not Affected No source 12/14/21
Cisco Cisco UCS Manager Unknown Not Affected No source 12/14/21
Cisco Cisco BroadWorks Unknown Not Affected No source 12/14/21
Cisco Cisco Broadcloud Calling Unknown Not Affected No source 12/14/21
Cisco Cisco Computer Telephony Integration Object Server (CTIOS) Unknown Not Affected No source 12/14/21
Cisco Cisco Contact Center Domain Manager (CCDM) Unknown Not Affected No source 12/14/21
Cisco Cisco Contact Center Management Portal (CCMP) Unknown Not Affected No source 12/14/21
Cisco Cisco Emergency Responder Unknown Not Affected No source 12/14/21
Cisco Cisco Enterprise Chat and Email Unknown Not Affected No source 12/14/21
Cisco Cisco Finesse Unknown Not Affected No source 12/14/21
Cisco Cisco Packaged Contact Center Enterprise Unknown Not Affected No source 12/14/21
Cisco Cisco Paging Server (InformaCast) Unknown Not Affected No source 12/14/21
Cisco Cisco Paging Server Unknown Not Affected No source 12/14/21
Cisco Cisco Unified Attendant Console Advanced Unknown Not Affected No source 12/14/21
Cisco Cisco Unified Attendant Console Business Edition Unknown Not Affected No source 12/14/21
Cisco Cisco Unified Attendant Console Department Edition Unknown Not Affected No source 12/14/21
Cisco Cisco Unified Attendant Console Enterprise Edition Unknown Not Affected No source 12/14/21
Cisco Cisco Unified Attendant Console Premium Edition Unknown Not Affected No source 12/14/21
Cisco Cisco Unified Contact Center Enterprise Unknown Not Affected No source 12/14/21
Cisco Cisco Unified Contact Center Express Unknown Not Affected No source 12/14/21
Cisco Cisco Unified Customer Voice Portal Unknown Not Affected No source 12/14/21
Cisco Cisco Unified Intelligent Contact Management Enterprise Unknown Not Affected No source 12/14/21
Cisco Cisco Unified SIP Proxy Software Unknown Not Affected No source 12/14/21
Cisco Cisco Virtualized Voice Browser Unknown Not Affected No source 12/14/21
Cisco Exony Virtualized Interaction Manager (VIM) Unknown Not Affected No source 12/14/21
Cisco Cisco Expressway Series Unknown Not Affected No source 12/14/21
Cisco Cisco Meeting Server Unknown Not Affected No source 12/14/21
Cisco Cisco TelePresence Management Suite Unknown Not Affected No source 12/14/21
Cisco Cisco TelePresence Video Communication Server (VCS) Unknown Not Affected No source 12/14/21
Cisco Cisco Vision Dynamic Signage Director Unknown Not Affected No source 12/14/21
Cisco Cisco Mobility Services Engine Unknown Not Affected No source 12/14/21
Cisco Cisco CX Cloud Agent Software Unknown Not Affected No source 12/14/21
Cisco Cisco Cloud Email Security Unknown Not Affected No source 12/14/21
Cisco Cisco Cognitive Intelligence Unknown Not Affected No source 12/14/21
Cisco Cisco Common Services Platform Collector Unknown Not Affected No source 12/14/21
Cisco Cisco Connectivity Unknown Not Affected No source 12/14/21
Cisco Cisco DNA Spaces Unknown Not Affected No source 12/14/21
Cisco Cisco Defense Orchestrator Unknown Not Affected No source 12/14/21
Cisco Cisco Intersight Unknown Not Affected No source 12/14/21
Cisco Cisco IoT Operations Dashboard Unknown Not Affected No source 12/14/21
Cisco Cisco Kinetic for Cities Unknown Not Affected No source 12/14/21
Cisco Cisco Network Assessment (CNA) Tool Unknown Not Affected No source 12/14/21
Cisco Cisco Umbrella Unknown Not Affected No source 12/14/21
Cisco Managed Services Accelerator (MSX) Network Access Control Service Unknown Not Affected No source 12/14/21
Cisco AppDynamics <21.12.0 Fixed Yes source 12/14/21
Cisco Cisco Webex Meetings Server Unknown Affected No source 12/14/21
Cisco Cisco Evolved Programmable Network Manager Unknown Affected No source 12/14/21
Cisco Cisco Integrated Management Controller (IMC) Supervisor Unknown Affected No source 12/14/21
Cisco Cisco Intersight Virtual Appliance Unknown Affected No source 12/14/21
Cisco Cisco UCS Director Unknown Affected No source 12/14/21
Cisco Cisco Unified Contact Center Enterprise - Live Data server Unknown Affected No source 12/14/21
Cisco Cisco Video Surveillance Operations Manager Unknown Affected No source 12/14/21
Cisco Cisco Unified Communications Manager Cloud Unknown Affected No source 12/14/21
Cisco Cisco Webex Cloud-Connected UC (CCUC) Unknown Affected No source 12/14/21
Cisco Duo Unknown Fixed Yes source 12/14/21
Cisco Cisco Jabber Guest All versions Not Affected No source 12/14/21
Cisco Cisco Cloud Services Platform 2100 All versions Not Affected No source 12/14/21
Cisco Cisco Cloud Services Platform 5000 Series All versions Not Affected No source 12/14/21
Cisco Cisco Tetration Analytics All versions Not Affected No source 12/14/21
Cisco Cisco Adaptive Security Device Manager Unknown Not Affected No source 12/14/21
Cisco Cisco Registered Envelope Service Unknown Not Affected No source 12/14/21
Cisco Cisco Business Process Automation Unknown Not Affected No source 12/14/21
Cisco Cisco CloudCenter Action Orchestrator Unknown Not Affected No source 12/14/21
Cisco Cisco Container Platform Unknown Not Affected No source 12/14/21
Cisco Cisco Prime Access Registrar Unknown Not Affected No source 12/14/21
Cisco Cisco Prime Cable Provisioning Unknown Not Affected No source 12/14/21
Cisco Cisco Prime Collaboration Deployment Unknown Not Affected No source 12/14/21
Cisco Cisco Prime IP Express Unknown Not Affected No source 12/14/21
Cisco Cisco Prime Network Registrar Unknown Not Affected No source 12/14/21
Cisco Cisco Prime Performance Manager Unknown Not Affected No source 12/14/21
Cisco Cisco Security Manager Unknown Not Affected No source 12/14/21
Cisco Cisco UCS Central Software Unknown Not Affected No source 12/14/21
Cisco Cisco IOS XR Software Unknown Not Affected No source 12/14/21
Cisco Cisco Nexus 3000 Series Switches Unknown Not Affected No source 12/14/21
Cisco Cisco Nexus 9000 Series Switches in standalone NX-OS mode Unknown Not Affected No source 12/14/21
Cisco Cisco UCS C-Series Rack Servers - Integrated Management Controller Unknown Not Affected No source 12/14/21
Cisco Cisco Hosted Collaboration Mediation Fulfillment Unknown Not Affected No source 12/14/21
Cisco Cisco Unified Communications Domain Manager Unknown Not Affected No source 12/14/21
Cisco Cisco Unified Communications Manager / Cisco Unified Communications Manager Session Management Edition Unknown Not Affected No source 12/14/21
Cisco Cisco Unified Communications Manager IM & Presence Service (formerly CUPS) Unknown Not Affected No source 12/14/21
Cisco Cisco Unified Intelligence Center Unknown Not Affected No source 12/14/21
Cisco Cisco Unity Connection Unknown Not Affected No source 12/14/21
Cisco Cisco Unity Express Unknown Not Affected No source 12/14/21
Cisco Cisco Ultra Packet Core Unknown Not Affected No source 12/14/21
Cisco Cisco Smart Software Manager On-Prem Unknown Not Affected No source 12/14/21
CIS-CAT CIS-CAT Pro Assessor 4.12.0 and below Affected No [proof] (https://ibb.co/98kyxqK) Found by manual scanning 12/14/21
Citrix NetScaler ADC Unknown Affected No source Implementation not using WlonNS feature, is not impacted 12/14/21
Citrix NetScaler Gateway Unknown Affected No source 12/14/21
Citrix Analytics Unknown Affected No source 12/14/21
Citrix Application Delivery Management (NetScaler MAS) Unknown Not Affected No source 12/14/21
Citrix Hypervisor (XenServer) Unknown Not Affected No source 12/14/21
Citrix SD-WAN Unknown Not Affected No source 12/14/21
Citrix Virtual Apps and Desktops (XenApp & XenDesktop) Unknown Not Affected No source 12/14/21
Citrix Workspace Unknown Not Affected No source 12/14/21
Citrix Workspace App Unknown Not Affected No source 12/14/21
Citrix Sharefile Unknown Not Affected No source 12/14/21
cPanel cPanel Unknown Not Affected No source 12/14/21
Commvault All products All versions Not Affected No source 12/14/21
Commvault Cloud Apps & Oracle & MS-SQL All supported versions Not Affected No source 12/14/21
Connect2id Connect2id server < 12.5.1 Fixed Yes source 12/14/21
Connectwise Perch Unknown Fixed Yes source 12/14/21
Connectwise Manage on-premise's Global Search Unknown Fixed Yes source 12/14/21
Connectwise Marketplace Unknown Fixed Yes source 12/14/21
Connectwise Global search capability of Manage Cloud Unknown Fixed Yes source 12/14/21
Connectwise StratoZen Unknown Fixed Yes source Urgent action for self-hosted versions 12/14/21
Contrast Hosted SaaS Enviroments All Fixed Yes source 12/14/21
Contrast On-premises (EOP) Environments All Fixed Yes source 12/14/21
Contrast Java Agent All Not Affected No source 12/14/21
Contrast Scan All Fixed Yes source 12/14/21
ControlUp All products All versions Fixed Yes source 12/14/21
Coralogix Coralogix Unknown Fixed Yes source 12/14/21
Couchbase Couchbase ElasticSearch connector < 4.3.3 & 4.2.13 Fixed Yes source 12/14/21
Cryptshare Cryptshare Server All Not Affected No source 12/14/21
Cryptshare Cryptshare for Outlook All Not Affected No source 12/14/21
Cryptshare Cryptshare for Notes All Not Affected No source 12/14/21
Cryptshare Cryptshare for NTA 7516 All Not Affected No source 12/14/21
Cryptshare Cryptshare .NET API All Not Affected No source 12/14/21
Cryptshare Cryptshare Java API All Not Affected No source 12/14/21
Cryptshare Cryptshare Robot All Not Affected No source 12/14/21
Cyberark PAS Self Hosted Not Affected No source 12/14/21
Cybereason All Cybereason products Unknown Not Affected No source 12/14/21
DatadogHQ Datadog Agent 6 < 6.32.2, 7 < 7.32.2 Fixed Yes source JMX monitoring component leverages an impacted version of log4j 12/14/21
Datto All Datto products Unknown Not Affected No source 12/14/21
Debian Apache-log4j.1.2 stretch, buster, bullseye Fixed Yes source 12/14/21
Debian Apache-log4j2 stretch, buster, bullseye Fixed Yes source 12/14/21
Dell BSAFE Crypto-C Micro Edition Unknown Not Affected No source 12/14/21
Dell BSAFE Crypto-J Unknown Not Affected No source 12/14/21
Dell BSAFE Micro Edition Suite Unknown Not Affected No source 12/14/21
Dell Centera Unknown Not Affected No source 12/14/21
Dell Chassis Management Controller (CMC) Unknown Not Affected No source 12/14/21
Dell Cloudlink Unknown Not Affected No source 12/14/21
Dell Cloud Mobility for Dell EMC Storage Unknown Not Affected No source 12/14/21
Dell Data Domain OS Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell Disk Library for Mainframe Unknown Not Affected No source 12/14/21
Dell Embedded NAS Unknown Not Affected No source 12/14/21
Dell EMC Cloud Disaster Recovery Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell EMC DataIQ Unknown Not Affected No source 12/14/21
Dell EMC ECS Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell EMC Integrated System for Microsoft Azure Stack Hub Unknown Not Affected No source 12/14/21
Dell EMC License Manager Unknown Not Affected No source 12/14/21
Dell EMC NetWorker Unknown Not Affected No source 12/14/21
Dell EMC Networking Onie Unknown Not Affected No source 12/14/21
Dell EMC ObjectScale Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell EMC PowerFlex Appliance Unknown Not Affected No source 12/14/21
Dell EMC PowerFlex Manager Unknown Not Affected No source 12/14/21
Dell EMC PowerFlex Rack Unknown Not Affected No source 12/14/21
Dell EMC PowerMax Unknown Not Affected No source 12/14/21
Dell EMC PowerPath Management Appliance Unknown Not Affected No source 12/14/21
Dell EMC PowerPath Unknown Not Affected No source 12/14/21
Dell EMC PowerProtect Cyber Recovery Unknown Not Affected No source 12/14/21
Dell EMC PowerProtect Data Manager Unknown Not Affected No source 12/14/21
Dell EMC PowerProtect DP Series Appliance (iDPA) Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell EMC PowerScale OneFS Unknown Not Affected No source 12/14/21
Dell EMC PowerShell for PowerMax Unknown Not Affected No source 12/14/21
Dell EMC PowerShell for Powerstore Unknown Not Affected No source 12/14/21
Dell EMC PowerShell for Unity Unknown Not Affected No source 12/14/21
Dell EMC PowerStore Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell EMC PowerSwitch Z9264F-ON BMC, Dell EMC PowerSwitch Z9432F-ON BMC Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell EMC RecoverPoint Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell EMC Repository Manager (DRM) Unknown Affected No source 12/14/21
Dell EMC SourceOne Unknown Affected No source 12/14/21
Dell EMC SRM vApp Unknown Affected No source 12/14/21
Dell EMC Streaming Data Platform Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell EMC Systems Update (DSU) Unknown Affected No source 12/14/21
Dell EMC Unity Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell EMC Virtual Storage Integrator Unknown Affected No source 12/14/21
Dell EMC VPLEX Unknown Affected No source 12/14/21
Dell EMC VxRail Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell EMC XtremIO Unknown Affected No source 12/14/21
Dell Enterprise Hybrid Cloud Unknown Affected No source 12/14/21
Dell GeoDrive Unknown Affected No source 12/14/21
Dell Hybrid Client (DHC) Unknown Not Affected No source 12/14/21
Dell ImageAssist Unknown Not Affected No source 12/14/21
Dell Insight IQ Unknown Not Affected No source 12/14/21
Dell Integrated Dell Remote Access Controller (iDRAC) Unknown Not Affected No source 12/14/21
Dell IsilonSD Management Server Unknown Not Affected No source 12/14/21
Dell Mainframe Enablers Unknown Not Affected No source 12/14/21
Dell MyDell Mobile Unknown Not Affected No source 12/14/21
Dell NetWorker Management Console Unknown Not Affected No source 12/14/21
Dell NetWorker MM for Hyper-V Unknown Not Affected No source 12/14/21
Dell Networking N-Series Unknown Not Affected No source 12/14/21
Dell Networking OS9 Unknown Not Affected No source 12/14/21
Dell Networking OS Unknown Not Affected No source 12/14/21
Dell Networking SD-WAN Edge Unknown Not Affected No source 12/14/21
Dell Networking W-Series Unknown Not Affected No source 12/14/21
Dell Networking X-Series Unknown Not Affected No source 12/14/21
Dell OMIMSSC (OpenManage Integration for Microsoft System Center) Unknown Not Affected No source 12/14/21
Dell OpenManage Change Management Unknown Not Affected No source 12/14/21
Dell OpenManage Enterprise Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell OpenManage Integration for Microsoft System Center for System Center Operations Manager Unknown Not Affected No source 12/14/21
Dell OpenManage Integration with Microsoft Windows Admin Center Unknown Not Affected No source 12/14/21
Dell Open Management Enterprise - Modular Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell Open Manage Mobile Unknown Not Affected No source 12/14/21
Dell OpenManage Network Integration Unknown Not Affected No source 12/14/21
Dell Open Manage Server Administrator Unknown Not Affected No source 12/14/21
Dell PowerEdge BIOS Unknown Not Affected No source 12/14/21
Dell Remotely Anywhere Unknown Not Affected No source 12/14/21
Dell Secure Connect Gateway (SCG) 5.0 Appliance Unknown Not Affected No source 12/14/21
Dell Smart Fabric Storage Software Unknown Not Affected No source 12/14/21
Dell Solutions Enabler Unknown Not Affected No source 12/14/21
Dell Sonic Unknown Not Affected No source 12/14/21
Dell SRS Policy Manager Unknown Not Affected No source 12/14/21
Dell SRS VE Unknown Not Affected No source 12/14/21
Dell SupportAssist Client Commercial Unknown Not Affected No source 12/14/21
Dell SupportAssist Client Consumer Unknown Not Affected No source 12/14/21
Dell SupportAssist Enterprise Unknown Not Affected No source 12/14/21
Dell Unisphere Central Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell Unisphere for PowerMax Unknown Not Affected No source 12/14/21
Dell Vblock Unknown Not Affected No source 12/14/21
Dell ViPR Controller Unknown Not Affected No source 12/14/21
Dell VNX2 Unknown Not Affected No source 12/14/21
Dell VNX Control Station Unknown Not Affected No source 12/14/21
Dell Vsan Ready Nodes Unknown Not Affected No source 12/14/21
Dell VxBlock Unknown Not Affected No source 12/14/21
Dell VxFlex Ready Nodes Unknown Not Affected No source 12/14/21
Dell Wyse Management Suite Import Tool Unknown Not Affected No source 12/14/21
Dell Wyse Management Suite Unknown Affected No source Fix Release Timeline TBD 12/14/21
Dell Wyse Proprietary OS (ThinOS) Unknown Not Affected No source 12/14/21
Dell Wyse Windows Embedded Unknown Affected No source Fix Release Timeline TBD 12/14/21
Docker Docker infrastructure Unknown Not Affected No source Docker infrastructure not vulnerable, Docker images could be vulnerable. For more info see source. 12/14/21
Dropwizard Dropwizard Unknown Not Affected No source Only vulnerable if you manually added Log4j 12/14/21
Dynatrace Dynatrace Cloud Services Unknown Fixed Yes source 12/14/21
Dynatrace ActiveGates 1.229.49.20211210-165018, 1.227.31.20211210-164955, 1.225.29.20211210-164930, 1.223.30.20211210-164926 Fixed Yes source 12/14/21
EAL ATS Classic All Versions Fixed Yes See vendor-statements 12/14/21
Elastic APM Java Agent 1.17.0-1.28.0 Fixed Yes source Only vulnerable with specific configuration 12/14/21
Elastic APM Server Fixed Yes source 12/14/21
Elastic Beats Fixed Yes source 12/14/21
Elastic Cmd Fixed Yes source 12/14/21
Elastic Elastic Agent Fixed Yes source 12/14/21
Elastic Elastic Cloud Fixed Yes source 12/14/21
Elastic Elastic Cloud Enterprise Fixed Yes source 12/14/21
Elastic Elastic Cloud on Kubernetes Fixed Yes source 12/14/21
Elastic Elastic Endgame Fixed Yes source 12/14/21
Elastic Elastic Maps Service Fixed Yes source 12/14/21
Elastic Elasticsearch < 6.8.21, < 7.16.1 Fixed Yes source Information leakage vulnerability 12/14/21
Elastic Endpoint Security Fixed Yes source 12/14/21
Elastic Enterprise Search Fixed Yes source 12/14/21
Elastic Fleet Server Fixed Yes source 12/14/21
Elastic Kibana Fixed Yes source 12/14/21
Elastic Logstash < 6.8.21, < 7.16.1 Fixed Yes source 12/14/21
Elastic Machine Learning Fixed Yes source 12/14/21
Elastic Swiftype Fixed Yes source 12/14/21
ELO Digital Office Fixed Yes source 12/14/21
ESET All products Unknown Not Affected No source 12/14/21
Esri ArcGIS Enterprise and related products < 10.8.0 Affected No source 12/14/21
EVL Labs JGAAP <8.0.2 Fixed Yes source 12/14/21
eXtreme Hosting All products Unknown Not Affected No source 12/14/21
F5 All products Not Affected No source F5 products themselves are not vulnerable, but F5 published guidance on mitigating through BIG-IP ASM/Advanced WAF and NGINX App Protect 12/14/21
FileCap All products <5.1.0 Affected No source Fix: 5.1.1 12/14/21
Fiix CMMS core V5 Fixed Yes source 12/14/21
Forcepoint DLP Manager Fixed Yes source 12/14/21
Forcepoint Forcepoint Cloud Security Gateway (CSG) Not Affected No source 12/14/21
Forcepoint Next Generation Firewall (NGFW) Not Affected No source 12/14/21
Forcepoint Next Generation Firewall, NGFW VPN Client, Forcepoint User ID service and Sidewinder Not Affected No source 12/14/21
Forcepoint One Endpoint Not Affected No source 12/14/21
Forcepoint Security Manager (Web, Email and DLP) Fixed Yes source 12/14/21
ForgeRock Autonomous Identity Fixed Yes source all other ForgeRock products not vuln 12/14/21
Fortinet FortiAIOps Affected No source 12/14/21
Fortinet FortiAnalyzer Cloud Affected No source 12/14/21
Fortinet FortiAnalyzer Affected No source 12/14/21
Fortinet FortiAP Affected No source 12/14/21
Fortinet FortiAuthenticator Affected No source 12/14/21
Fortinet FortiCASB Affected No source 12/14/21
Fortinet FortiConvertor Affected No source 12/14/21
Fortinet FortiDeceptor Affected No source 12/14/21
Fortinet FortiEDR Agent Affected No source 12/14/21
Fortinet FortiEDR Cloud Affected No source 12/14/21
Fortinet FortiGate Cloud Affected No source 12/14/21
Fortinet FortiGSLB Cloud Affected No source 12/14/21
Fortinet FortiMail Affected No source 12/14/21
Fortinet FortiManager Cloud Affected No source 12/14/21
Fortinet FortiManager Affected No source 12/14/21
Fortinet FortiNAC Affected No source 12/14/21
Fortinet FortiNAC Affected No source 12/14/21
Fortinet FortiOS (includes FortiGate & FortiWiFi) Affected No source 12/14/21
Fortinet FortiPhish Cloud Affected No source 12/14/21
Fortinet FortiPolicy Affected No source 12/14/21
Fortinet FortiPortal Affected No source 12/14/21
Fortinet FortiRecorder Affected No source 12/14/21
Fortinet FortiSIEM Affected No source 12/14/21
Fortinet FortiSOAR Affected No source 12/14/21
Fortinet FortiSwitch Cloud in FortiLANCloud Affected No source 12/14/21
Fortinet FortiSwitch & FortiSwitchManager Affected No source 12/14/21
Fortinet FortiToken Cloud Affected No source 12/14/21
Fortinet FortiVoice Affected No source 12/14/21
Fortinet FortiWeb Cloud Affected No source 12/14/21
Fortinet ShieldX Affected No source 12/14/21
F-Secure Endpoint Proxy 13-15 Fixed Yes source 12/14/21
F-Secure Policy Manager 13-15 Fixed Yes source 12/14/21
F-Secure Policy Manager Proxy 13-15 Fixed Yes source 12/14/21
FusionAuth FusionAuth 1.32 Fixed Yes source 12/14/21
Genesys All products Fixed Yes source 12/14/21
GFI Software Kerio Connect Affected No source 12/14/21
GoAnywhere MFT Unknown Fixed Yes source 12/14/21
GoAnywhere Gateway Unknown Fixed Yes source 12/14/21
GoAnywhere Agents Unknown Fixed Yes source 12/14/21
Graylog Graylog < 3.3.15,<4.0.14,<4.1.9,<4.2.3 Fixed Yes source 12/14/21
GuardedBox GuardedBox <3.1.2 Fixed Yes source 12/14/21
HackerOne Unknown Unknown Fixed Yes source 12/14/21
Hashicorp All products Fixed Yes source 12/14/21
HCL Software BigFix Compliance Unknown Fixed Yes source 12/14/21
HCL Software BigFix Inventory Unknown Fixed Yes source 12/14/21
HCL Software BigFix Compliance Unknown Fixed Yes source 12/14/21
HCL Software BigFix Compliance Unknown Fixed Yes source 12/14/21
Hexagon M.App Enterprise Unknown Fixed Yes source Might be vulnerable only when used with Geoprocessing Server 12/14/21
Hexagon ERDAS APOLLO Advantage & Professional Unknown Fixed Yes source 12/14/21
Hexagon GeoMedia Unknown Not Affected No source 12/14/21
Hexagon IMAGINE Unknown Not Affected No source 12/14/21
Hexagon ImageStation Unknown Not Affected No source 12/14/21
Hexagon GeoMedia WebMap Unknown Not Affected No source 12/14/21
Hexagon Geospatial Portal Unknown Not Affected No source 12/14/21
Hexagon Geospatial SDI Unknown Not Affected No source 12/14/21
Hexagon GeoMedia SmartClient Unknown Not Affected No source 12/14/21
Hexagon ERDAS APOLLO Essentials Unknown Not Affected No source 12/14/21
Hexagon M.App Enterprise standalone or with Luciad Fusion Unknown Not Affected No source 12/14/21
Hexagon Luciad Fusion Unknown Not Affected No source The only risk is if Log4J was implemented outside of the default product install 12/14/21
Hexagon Luciad Lightspeed Unknown Not Affected No source The only risk is if Log4J was implemented outside of the default product install 12/14/21
Hitachi Vantara Pentaho v8.3.x, v9.2.x Not Affected No source 12/14/21
HostiFi Unifi hosting Unknown Fixed Yes source Hosted Unifi solution 12/14/21
Huawei All products Fixed Yes source 12/14/21
IBM All products Fixed Yes source 12/14/21
IBM Curam SPM 8.0.0, 7.0.11 Affected No source 12/14/21
IBM Sterling Order Management Unknown Not Affected No source 12/14/21
IBM Sterling Fulfillment Optimizer Unknown Affected No source 12/14/21
IBM Sterling Inventory Visibility Unknown Affected No source 12/14/21
IBM Websphere 8.5 Affected No source fix: PH42728 12/14/21
IBM Websphere 9.0 Affected No source fix: PH42728 12/14/21
Inductive Automation Ignition All versions Affected No source 12/14/21
Informatica Axon 7.2.x Fixed Yes source 12/14/21
Informatica Data Privacy Management 10.5, 10.5.1 Fixed Yes source 12/14/21
Informatica Information Deployment Manager Fixed Yes source 12/14/21
Informatica Metadata Manager 10.4, 10.4.1, 10.5, 10.5.1 Fixed Yes source 12/14/21
Informatica PowerCenter 10.5.1 Fixed Yes source 12/14/21
Informatica PowerExchange for CDC (Publisher) and Mainframe 10.5.1 Fixed Yes source 12/14/21
Informatica Product 360 All versions Fixed Yes source 12/14/21
Informatica Secure Agents (Cloud hosted) Unknown Fixed Yes source Fixed agents may need to be restarted 12/14/21
IronNet All products All verisons Fixed Yes source 12/14/21
Ivanti All products All versions Fixed Yes source No products are deemed affected at this moment 12/14/21
JFrog all products Fixed Yes source 12/14/21
Jamf Nation Jamf Cloud Unknown Fixed Yes source 12/14/21
Jamf Nation Jamf Pro (hosted on-prem) < 10.34.1 Fixed Yes source <10.14 vulnerable, 10.14-10.34 patch, >= 10.34.1 fix 12/14/21
Jamf Nation Health Care Listener Unknown Fixed Yes source 12/14/21
Jamf Nation Jamf Connect Unknown Fixed Yes source 12/14/21
Jamf Nation Jamf Data Policy Unknown Fixed Yes source 12/14/21
Jamf Nation Jamf Infrastructure Manager Unknown Fixed Yes source 12/14/21
Jamf Nation Jamf Now Unknown Fixed Yes source 12/14/21
Jamf Nation Jamf Private Access Unknown Fixed Yes source 12/14/21
Jamf Nation Jamf Protect Unknown Fixed Yes source 12/14/21
Jamf Nation Jamf School Unknown Fixed Yes source 12/14/21
Jamf Nation Jamf Threat Defense Unknown Fixed Yes source 12/14/21
Jazz/IBM JazzSM DASH Unknown Fixed Yes source DASH on WebSphere Application Server requires mitigations 12/14/21
Jenkins Jenkins CI Unknown Fixed Yes source Invidivual plugins not developed as part of Jenkins core may be vulnerable. 12/14/21
JetBrains YouTrack Standalone >= 2019.2 <= 2021.4.34389 Fixed Yes
email, mitigation 12/14/21
Jetbrains TeamCity Unknown Fixed Yes source 12/14/21
Jitsi jitsi-videobridge v2.1-595-g3637fda42 Fixed Yes source 12/14/21
Kaseya AuthAnvil Unknown Fixed Yes source 12/14/21
Kaseya BMS Unknown Fixed Yes source 12/14/21
Kaseya ID Agent DarkWeb ID and BullPhish ID Unknown Fixed Yes source 12/14/21
Kaseya IT Glue Unknown Fixed Yes source 12/14/21
Kaseya MyGlue Unknown Fixed Yes source 12/14/21
Kaseya Network Glue Unknown Fixed Yes source 12/14/21
Kaseya Passly Unknown Fixed Yes source 12/14/21
Kaseya RocketCyber Unknown Fixed Yes source 12/14/21
Kaseya Spannign Salesforce Backup Unknown Fixed Yes source 12/14/21
Kaseya Spanning O365 Backup Unknown Fixed Yes source 12/14/21
Kaseya Unitrends Unknown Fixed Yes source 12/14/21
Kaseya VSA SaaS and VSA On-Premises Unknown Fixed Yes source 12/14/21
Kaseya Vorex Unknown Fixed Yes source 12/14/21
Kaseya products not listed above Unknown Fixed Yes source 12/14/21
Keycloak Keycloak all version Fixed Yes source 12/14/21
LeanIX All products All versions Fixed Yes source 12/14/21
Lightbend Akka Unknown Fixed Yes source 12/14/21
Lightbend Akka Serverless Unknown Fixed Yes source 12/14/21
Lightbend Lagom Framework Unknown Fixed Yes source Users that switched from logback to log4j are affected 12/14/21
Lightbend Play Framework Unknown Fixed Yes source Users that switched from logback to log4j are affected 12/14/21
LogicMonitor LogicMonitor SaaS Platform Unknown Fixed Yes
Automatic update before 13th December source 12/14/21
The Linux Foundation XCP-ng All versions Not Affected No source 12/14/21
LiquidFiles LiquidFiles All versions Not Affected No source 12/14/21
Mailcow Mailcow Solr Docker < 1.8 Fixed Yes source 12/14/21
ManageEngine ADAudit Plus Unknown Fixed Yes Third party components bundle log4j 12/14/21
ManageEngine ADManager Plus Unknown Fixed Yes source Mitigation: set -Dlog4j2.formatMsgNoLookups=true in jvm.options. 12/14/21
ManageEngine Desktop Central Unknown Fixed Yes source 12/14/21
McAfee Data Exchange Layer (DXL) Unknown Fixed Yes source 12/14/21
McAfee Enterprise Security Manager (ESM) Unknown Fixed Yes source 12/14/21
McAfee McAfee Active Response (MAR) Unknown Fixed Yes source 12/14/21
McAfee Network Security Manager (NSM) Unknown Fixed Yes source 12/14/21
McAfee Network Security Platform (NSP) Unknown Fixed Yes source 12/14/21
McAfee Threat Intelligence Exchange (TIE) Unknown Fixed Yes source 12/14/21
McAfee ePolicy Orchestrator Agent Handlers (ePO-AH) Unknown Fixed Yes source 12/14/21
McAfee ePolicy Orchestrator Application Server (ePO) <= 5.10 CU10 Fixed Yes source 12/14/21
McAfee ePolicy Orchestrator Application Server (ePO) 5.10 CU11 Fixed Yes source 12/14/21
Memurai All products Fixed Yes source 12/14/21
Metabase Metabase <0.41.4 Fixed Yes source Mitigations available for earlier versions 12/14/21
Microsoft Fixed Yes source, IOCs Microsoft provided additional guidance for preventing, detecting and hunting for exploitation 12/14/21
Microsoft Azure AD Unknown Fixed Yes source ADFS itself is not vulnerable, federation providers may be 12/14/21
Microsoft Azure App Service Unknown Fixed Yes source This product itself is not vulnerable, Microsoft provides guidance on remediation for hosted applications 12/14/21
Microsoft Azure Application Gateway Unknown Fixed Yes source 12/14/21
Microsoft Azure Front Door Unknown Fixed Yes source 12/14/21
Microsoft Azure WAF Unknown Fixed Yes source 12/14/21
Microsoft Kafka Connect for Azure Cosmo DB < 1.2.1 Fixed Yes source 12/14/21
Minecraft Java edition <1.18.1 Fixed Yes source
Mitigations available for earlier versions 12/14/21
MISP MISP All Not Affected No source 12/14/21
MONARC MONARC All Not Affected No source 12/14/21
MongoDB Atlas Search Unknown Fixed Yes source
Affected and patched. No evidence of exploitation or indicators of compromise prior to the patch were discovered. 12/14/21
MongoDB Atlas Unknown Not Affected No source
Including Atlas Database, Data Lake, Charts 12/14/21
MongoDB Enterprise Advanced Unknown Not Affected No source
Including Enterprise Server, Ops Manager, Enterprise Kubernetes Operators. 12/14/21
MongoDB Community Edition Unknown Not Affected No source
Including Community Server, Cloud Manager, Community Kubernetes Operators. 12/14/21
MongoDB Drivers Unknown Not Affected No source
12/14/21
MongoDB Tools Unknown Not Affected No source
Including Compass, Database Shell, VS Code Plugin, Atlas CLI, Database Connectors 12/14/21
MongoDB Realm Unknown Not Affected No source
including Realm Database, Sync, Functions, APIs 12/14/21
Moodle Moodle All Not Affected No source
12/14/21
-------------------- -------------------------------------------------------------------- :--------: Not Affected No -----------------------------------------------------------------------------------------------------------------: ------------------------------------------------ 12/14/21
N-able Backup Unknown Not Affected No source 12/14/21
N-able MSP Manager Unknown Not Affected No source 12/14/21
N-able Mail Assure Unknown Not Affected No source 12/14/21
N-able N-central Unknown Not Affected No source 12/14/21
N-able Passportal Unknown Not Affected No source 12/14/21
N-able RMM Unknown Fixed Yes source 12/14/21
N-able Risk Intelligence Unknown Affected No source 12/14/21
N-able Take Control Unknown Affected No source 12/14/21
Neo4j Neo4j > 4.2 Affected No source Workaround is available, but not released yet. 12/14/21
Nelson Nelson 0.16.185 Affected No source Workaround is available, but not released yet. 12/14/21
NetApp Brocade SAN Naviator Unknown Affected No source 12/14/21
NetApp Cloud Manager Unknown Affected No source 12/14/21
NetApp Element Plug-in for vCenter Server Unknown Affected No source 12/14/21
NetApp Management Services for Element Software and NetApp HCI Unknown Affected No source 12/14/21
NetApp NetApp HCI Compute Node Unknown Affected No source 12/14/21
NetApp NetApp SolidFire & HCI Management Node Unknown Affected No source 12/14/21
NetApp NetApp SolidFire Plug-in for vRealize Orchestrator (SolidFire vRO) Unknown Affected No source 12/14/21
NetApp NetApp SolidFire, Enterprise SDS & HCI Storage Unknown Affected No source 12/14/21
NetApp NetApp SolidFireStorage Replication Adapter Unknown Affected No source 12/14/21
Netflix atlas 1.6.6 Fixed Yes source 12/14/21
Netflix dgs-framework < 4.9.11 Fixed Yes fix 12/14/21
Netflix spectator < 1.0.9 Fixed Yes fix 12/14/21
Netflix zuul Unknown Fixed Yes source 12/14/21
NetIQ Access Manager > 4.5.x & > 5.0.x Fixed Yes workaround 12/14/21
Netwrix Netwrix Auditor Not Affected No source 12/14/21
New Relic Java Agent 6.5.1 & 7.4.1 Fixed Yes source 12/14/21
NextGen Healthcare Mirth Unknown Fixed Yes source 12/14/21
NSA Ghidra < 10.1 Fixed Yes source, fix 12/14/21
Nutanix AOS All versions Affected No source Patch pending 12/14/21
Nutanix AHV All versions Affected No source Investigating 12/14/21
Nutanix Prism Central All versions Affected No source Patch pending 12/14/21
Nutanix Flow Security Central All versions Affected No source 12/14/21
Nutanix Files All versions Affected No source Investigating 12/14/21
Nutanix Objects All versions Affected No source Investigating 12/14/21
Nutanix Volumes All versions Affected No source Patch pending 12/14/21
Nutanix Mine All versions Affected No source Investigating 12/14/21
Nutanix Era All versions Affected No source Investigating 12/14/21
Nutanix X-Ray All versions Affected No source Investigating 12/14/21
Nutanix LCM All versions Affected No source Investigating 12/14/21
Nutanix Move All versions Affected No source Investigating 12/14/21
Nutanix NCC All versions Affected No source Investigating 12/14/21
Nutanix Foundation All versions Affected No source Investigating 12/14/21
Nutanix Karbon All versions Affected No source Patch pending 12/14/21
Nutanix Leap All versions Affected No source Patch pending 12/14/21
Nutanix Calm All versions Affected No source Patch pending 12/14/21
Nutanix Beam All versions Affected No source Patch pending 12/14/21
Nutanix Frame All versions Affected No source 12/14/21
Nutanix Sizer Unknown Fixed Yes source See advisory 12/14/21
Nutanix Insights All versions Affected No source Patch pending 12/14/21
NXLog NXLog Manager 5.x Affected No source 12/14/21
Obsidian Dynamics kafdrop all Affected No source 12/14/21
Okta AD Agent Unknown Affected No source 12/14/21
Okta Access Gateway Unknown Affected No source 12/14/21
Okta Advanced Server Access Unknown Affected No source 12/14/21
Okta Browser Plugin Unknown Affected No source 12/14/21
Okta IWA Web Agent Unknown Affected No source 12/14/21
Okta LDAP Agent Unknown Affected No source 12/14/21
Okta Mobile Unknown Affected No source 12/14/21
Okta On-Prem MFA Agent <1.4.6 Fixed Yes source, fix 12/14/21
Okta Radius Server Agent 2.17.0 Fixed Yes source/fix 12/14/21
Okta Verify Unknown Fixed Yes source 12/14/21
Okta Workflow Unknown Fixed Yes source 12/14/21
Okta RADIUS Server Agent <2.17.0 Fixed Yes source, fix 12/14/21
OpenMRS Talk 2.4.0-2.4.1 Affected No source Mitigations are available, pending a new release 12/14/21
OpenNMS Horizon (including derived Sentinels) < 29.0.3 Fixed Yes source Workarounds are available too for earlier versions 12/14/21
OpenNMS Meridian (including derived Minions and Sentinels) < 2021.1.8, 2020.1.15, 2019.1.27 Fixed Yes source Workarounds are available too for earlier versions 12/14/21
OpenNMS Minion appliance Unknown Fixed Yes source 12/14/21
OpenNMS PoweredBy OpenNMS Unknown Fixed Yes source 12/14/21
OpenSearch OpenSearch < 1.2.1 Fixed Yes source 12/14/21
Oracle Database Unknown Fixed Yes source, Support note 2827611.1 12/14/21
Oracle Fusion Middleware Unknown Fixed Yes source, Support note 209768.1, Support note 2827611.1 12/14/21
Oracle Oracle Enterprise Manager Unknown Fixed Yes source, Support note 209768.1, Support note 2827611.1 12/14/21
Oracle Oracle WebLogic Server Unknown Fixed Yes source, Support note 209768.1, Support note 2827611.1 12/14/21
Oracle Oracle HTTP Server Unknown Fixed Yes source, Support note 209768.1, Support note 2827611.1 12/14/21
Oracle Oracle Internet Directory Unknown Fixed Yes source, Support note 209768.1, Support note 2827611.1 12/14/21
Oracle Oracle SOA Suite Unknown Affected No source, Support note 2827611.1 12/14/21
Oracle Oracle Fusion Middleware Infrastructure Unknown Affected No source, Support note 2827611.1 12/14/21
Oracle Oracle Access Manager Unknown Affected No source, Support note 2827611.1 12/14/21
Oracle Oracle eBusiness Suite Unknown Affected No source, Support note 2827611.1 12/14/21
Oracle Oracle Policy Automation (OPA) Unknown Affected No source, Support note 2827611.1 12/14/21
Oracle NoSQL Database Unknown Affected No source, Support note 2827611.1 12/14/21
Oracle Oracle WebCenter Portal Unknown Affected No source, Support note 2827611.1 12/14/21
Oracle Oracle Data Integrator (ODI) Unknown Fixed Yes source, Support note 2827611.1, Support Note 2827793.1 [Patch Available, Support Note 2827793.1] (https://support.oracle.com/rs?type=doc&id=2827793.1) 12/14/21
Oracle Oracle WebCenter Sites Unknown Fixed Yes source, Support note 2827611.1, Support Note 2827793.1 [Patch Available, Support Note 2827793.1] (https://support.oracle.com/rs?type=doc&id=2827793.1) 12/14/21
Oracle Oracle Enterprise Repository Unknown Fixed Yes source, Support note 2827611.1, Support Note 2827793.1 [Patch Available, Support Note 2827793.1] (https://support.oracle.com/rs?type=doc&id=2827793.1) 12/14/21
Oracle Oracle JDeveloper Unknown Fixed Yes source, Support note 2827611.1, Support Note 2827793.1 [Patch Available, Support Note 2827793.1] (https://support.oracle.com/rs?type=doc&id=2827793.1) 12/14/21
openHAB openHAB 3.0.4, 3.1.1 Fixed Yes source 12/14/21
OTRS All products Fixed Yes source 12/14/21
OWASP ZAP < 2.11.1 Fixed Yes source 12/14/21
PagerDuty Rundeck 3.3+ Fixed Yes source No statement from PagerDuty yet. 12/14/21
Palo Alto WildFire Appliance Fixed Yes source 12/14/21
Palo Alto Prisma Cloud Compute Fixed Yes source 12/14/21
Palo Alto Prisma Cloud Fixed Yes source 12/14/21
Palo Alto PAN-OS Fixed Yes source 12/14/21
Palo Alto GlobalProtect App Fixed Yes source 12/14/21
Palo Alto Cortex XSOAR Fixed Yes source 12/14/21
Palo Alto Cortex XDR Agent Fixed Yes source 12/14/21
Palo Alto CloudGenix Fixed Yes source 12/14/21
Palo Alto Bridgecrew Fixed Yes source 12/14/21
PaperCut PaperCut MF >= 21.0 Fixed Yes source 12/14/21
PaperCut PaperCut NG >= 21.0 Fixed Yes source 12/14/21
PaperCut PaperCut Hive Not Affected No source 12/14/21
PaperCut PaperCut Pocket Not Affected No source 12/14/21
PaperCut PaperCut Views Not Affected No source 12/14/21
PaperCut PaperCut Print Logger Not Affected No source 12/14/21
PaperCut PaperCut MobilityPrint Not Affected No source 12/14/21
PaperCut PaperCut MultiVerse Not Affected No source 12/14/21
PaperCut PaperCut Online Services Not Affected No source 12/14/21
Parallels Remote Application Server All versions Not Affected No source 12/14/21
Pega Pega Platform On Prem Fixed Yes source 12/14/21
Planon Software Planon Universe all Not Affected No source 12/14/21
Plex Industrial IoT Not Affected No source Mitigation already applied, patch will be issued today 12/14/21
Postgres PostgreSQL JDBC Not Affected No source 12/14/21
Progress OpenEdge Fixed Yes source, mitigations 12/14/21
Progress DataDirect Hybrid Data Pipeline Fixed Yes source, mitigations 12/14/21
Portex Portex <3.0.2 Fixed Yes source 12/14/21
Pulse Secure Pulse Secure Virtual Traffic Manager Fixed Yes source 12/14/21
Pulse Secure Pulse Secure Services Director Fixed Yes source 12/14/21
Pulse Secure Pulse Secure Web Application Firewall Fixed Yes source 12/14/21
Pulse Secure Pulse Connect Secure Fixed Yes source 12/14/21
Pulse Secure Ivanti Connect Secure (ICS) Fixed Yes source 12/14/21
Pulse Secure Pulse Policy Secure Fixed Yes source 12/14/21
Pulse Secure Pulse Desktop Client Fixed Yes source 12/14/21
Pulse Secure Pulse Mobile Client Fixed Yes source 12/14/21
Pulse Secure Pulse One Fixed Yes source 12/14/21
Pulse Secure Pulse ZTA Fixed Yes source 12/14/21
Pulse Secure Ivanti Neurons for ZTA Fixed Yes source 12/14/21
Pulse Secure Ivanti Neurons for secure Access Fixed Yes source 12/14/21
Puppet Continuous Delivery for Puppet Enterprise 3.x, < 4.10.2 Fixed Yes source, workaround,mitigations Update available for version 4.x, mitigations for 3.x which is EOL 12/14/21
Puppet Puppet agents Fixed Yes source 12/14/21
Puppet Puppet Enterprise Fixed Yes source 12/14/21
PTV xServer internet 1 / PTV xServer internet 2 PTV xServer internet 1 / PTV xServer internet 2 Unknown Fixed Yes source 12/14/21
PTV TLN planner internet PTV TLN planner internet Unknown Fixed Yes source 12/14/21
PTV Route Optimizer SaaS / Demonstrator PTV Route Optimizer SaaS / Demonstrator Unknown Fixed Yes source 12/14/21
PTV Developer PTV Developer Unknown Fixed Yes source 12/14/21
PTV Visum Publisher PTV Visum Publisher Unknown Fixed Yes source 12/14/21
PTV xServer 2.x (on prem) PTV xServer 2.x (on prem) Unknown Affected No source 12/14/21
PTV xServer 1.34 (on prem) PTV xServer 1.34 (on prem) Unknown Affected No source 12/14/21
PTV MaaS Modeller PTV MaaS Modeller Unknown Affected No source 12/14/21
PTV Route Optimiser CL PTV Route Optimiser CL Unknown Affected No source 12/14/21
PTV Route Optimiser ST PTV Route Optimiser ST Unknown Affected No source 12/14/21
PTV Map&Market PTV Map&Market Unknown Affected No source 12/14/21
PTV Arrival Board / Trip Creator / EM Portal PTV Arrival Board / Trip Creator / EM Portal Unknown Affected No source 12/14/21
PTV Drive&Arrive PTV Drive&Arrive Unknown Affected No source 12/14/21
PTV xServer < 1.34 (on prem) PTV xServer < 1.34 (on prem) Unknown Not Affected No source 12/14/21
PTV Road Editor PTV Road Editor Unknown Not Affected No source 12/14/21
PTV Map&Guide internet PTV Map&Guide internet Unknown Not Affected No source 12/14/21
PTV Map&Guide intranet PTV Map&Guide intranet Unknown Not Affected No source 12/14/21
PTV Navigator Licence Manager PTV Navigator Licence Manager Unknown Not Affected No source 12/14/21
PTV Navigator App PTV Navigator App Unknown Not Affected No source 12/14/21
PTV Drive&Arrive App PTV Drive&Arrive App Unknown Not Affected No source 12/14/21
PTV Visum PTV Visum Unknown Not Affected No source 12/14/21
PTV Vissim PTV Vissim Unknown Not Affected No source 12/14/21
PTV Vistro PTV Vistro Unknown Not Affected No source 12/14/21
PTV Viswalk PTV Viswalk Unknown Not Affected No source 12/14/21
PTV Balance and PTV Epics PTV Balance and PTV Epics Unknown Not Affected No source 12/14/21
PTV Hyperpath PTV Hyperpath Unknown Not Affected No source 12/14/21
PTV TRE and PTV Tre-Addin PTV TRE and PTV Tre-Addin Unknown Not Affected No source 12/14/21
PTV Optima PTV Optima Unknown Not Affected No source 12/14/21
QlikTech International Compose Not Affected No source 12/14/21
QlikTech International Nprinting Not Affected No source 12/14/21
QlikTech International QEM products Not Affected No source 12/14/21
QlikTech International Qlik Replicate Not Affected No source 12/14/21
QlikTech International Qlik Sense Enterprise Not Affected No source 12/14/21
QlikTech International QlikView Not Affected No source 12/14/21
QOS.ch SLF4J Simple Logging Facade for Java Not Affected No source SLF4J API doesn't protect against the vulnerability when using a vulnerable version of log4j 12/14/21
Red Hat Red Hat OpenShift Container Platform 4 openshift4/ose-metering-presto Affected No source 12/14/21
Red Hat Red Hat OpenShift Container Platform 4 openshift4/ose-metering-hive Affected No source 12/14/21
Red Hat Red Hat OpenShift Container Platform 4 openshift4/ose-logging-elasticsearch6 Affected No source 12/14/21
Red Hat Red Hat OpenShift Container Platform 3.11 openshift3/ose-logging-elasticsearch5 Affected No source 12/14/21
Red Hat Red Hat OpenStack Platform 13 (Queens) opendaylight Affected No source 12/14/21
Red Hat Red Hat OpenShift Logging logging-elasticsearch6-container Affected No source 12/14/21
Red Hat Red Hat build of Quarkus Affected No source 12/14/21
Red Hat Red Hat Descision Manager 7 Affected No source 12/14/21
Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack Affected No source 12/14/21
Red Hat Red Hat Process Automation 7 Affected No source 12/14/21
Red Hat A-MQ Clients 2 Affected No source 12/14/21
Red Hat Red Hat CodeReady Studio 12 Affected No source 12/14/21
Red Hat Red Hat Data Grid 8 Affected No source 12/14/21
Red Hat Red Hat Integration Camel K Affected No source 12/14/21
Red Hat Red Hat Integration Camel Quarkus Affected No source 12/14/21
Red Hat Red Hat JBoss A-MQ Streaming Affected No source 12/14/21
Red Hat Red Hat JBoss Fuse 7 Affected No source 12/14/21
Red Hat Red Hat OpenShift Application Runtimes Affected No source 12/14/21
Red Hat Red Hat Single Sign-On 7 Affected No source 12/14/21
Red Hat Red Hat JBoss Enterprise Application Platform 6 Affected No source 12/14/21
Redis Redis Enterprise & Open Source all Affected No source Redis Enterprise and Open Source Redis (self-managed software product) does not use Java and is therefore not impacted by this vulnerability 12/14/21
RSA SecurID Authentication Manager Affected No source Version 8.6 Patch 1 contains a version of log4j that is vulnerable, but this vulnerability is not exploitable. 12/14/21
RSA SecurID Authentication Manager Prime Affected No source 12/14/21
RSA SecurID Authentication Manager WebTier Affected No source 12/14/21
RSA SecurID Identity Router (On-Prem component of Cloud Authentication Service) Affected No source 12/14/21
RSA SecurID Governance and Lifecycle (SecurID G&L) Affected No source 12/14/21
RSA SecurID Governance and Lifecycle Cloud (SecurID G&L Cloud) Affected No source 12/14/21
Safe FME Server Affected No source 12/14/21
Salesforce All products Affected No source 12/14/21
SAS Institute JMP Not Affected No source 12/14/21
SAS Institute SAS Profile Fixed Yes source 12/14/21
SAS Institute SAS Cloud Solutions Fixed Yes source 12/14/21
Security Onion Solutions Security Onion 2.3.90 20211210 Fixed Yes source 12/14/21
Shibboleth Shibboleth IdP/SP Fixed Yes source 12/14/21
SolarWinds Database Performance Analyzer 2021.1.x, 2021.3.x, 2022.1.x Fixed Yes source, workaround 12/14/21
SolarWinds Server & Application Monitor >= 2020.2.6 Fixed Yes source, workaround 12/14/21
SolarWinds Orion Platform core Not Affected No source 12/14/21
SonarSource SonarQube Fixed Yes source 12/14/21
SonarSource SonarCloud Fixed Yes source 12/14/21
SonicWall Gen5 Firewalls (EOS) Fixed Yes source 12/14/21
SonicWall Gen6 Firewalls Fixed Yes source 12/14/21
SonicWall Gen7 Firewalls Fixed Yes source 12/14/21
SonicWall SonicWall Switch Fixed Yes source 12/14/21
SonicWall SMA 100 Fixed Yes source 12/14/21
SonicWall SMA 1000 12.1.0, 12.4.1 Fixed Yes source 12/14/21
SonicWall Email Security 10.x Affected No source 12/14/21
SonicWall MSW Affected No source 12/14/21
SonicWall NSM Affected No source 12/14/21
SonicWall Analyzer Affected No source 12/14/21
SonicWall Analytics Affected No source 12/14/21
SonicWall GMS Affected No source 12/14/21
SonicWall Capture Client & Capture Client Portal Affected No source 12/14/21
SonicWall CAS Affected No source 12/14/21
SonicWall WAF Affected No source 12/14/21
SonicWall Access Points Affected No source 12/14/21
SonicWall WNM Affected No source 12/14/21
SonicWall Capture Security Appliance Affected No source 12/14/21
SonicWall WXA Affected No source 12/14/21
SonicWall SonicCore Affected No source 12/14/21
Sophos Sophos Central Affected No source 12/14/21
Sophos Sophos Firewall All Affected No source 12/14/21
Sophos SG UTM All Affected No source 12/14/21
Sophos SG UTM Manager (SUM) All Affected No source 12/14/21
Sophos Sophos ZTNA Affected No source 12/14/21
Sophos Cloud Optix Fixed Yes source 12/14/21
Sophos Sophos Home Fixed Yes source 12/14/21
Sophos Sophos Mobile Fixed Yes source 12/14/21
Sophos Sophos Mobile EAS Proxy 9.7.2 Fixed Yes source 12/14/21
Sophos Reflexion Fixed Yes source 12/14/21
Splunk Add-On: Java Management Extensions 3.0.0, 2.1.0 Affected No source 12/14/21
Splunk Add-On: JBoss 3.0.0, 2.1.0 Affected No source 12/14/21
Splunk Add-On: Tomcat 3.0.0, 2.1.0 Affected No source 12/14/21
Splunk Data Stream Processor DSP 1.0.x, DSP 1.1.x, DSP 1.2.x Affected No source 12/14/21
Splunk IT Service Intelligence (ITSI) 4.11.x, 4.10.x, 4.9.x, 4.8.x, 4.7.x, 4.4.x Affected No source 12/14/21
Splunk Splunk Connect for Kafka <2.0.4 Fixed Yes source 12/14/21
Splunk Splunk Enterprise All supported non-Windows versions of 8.1.x and 8.2.x only if Hadoop (Hunk) and/or DFS are used. Fixed Yes source 12/14/21
Splunk Splunk Enterprise Amazon Machine Image (AMI) see Splunk Enterprise Fixed Yes source 12/14/21
Splunk Splunk Enterprise Docker Container see Splunk Enterprise Fixed Yes source 12/14/21
Splunk Splunk Logging Library for Java <1.11.1 Fixed Yes source 12/14/21
Splunk Stream Processor Service Current Affected No source 12/14/21
Splunk Admin Config Service all Not Affected No source 12/14/21
Splunk Analytics Workspace all Not Affected No source 12/14/21
Splunk Behavior Analytics all Not Affected No source 12/14/21
Splunk Dashboard Studio all Not Affected No source 12/14/21
Splunk Developer Tools: AppInspect all Not Affected No source 12/14/21
Splunk Enterprise Security all Not Affected No source 12/14/21
Splunk Intelligence Management (TruSTAR) all Not Affected No source 12/14/21
Splunk KV Service all Not Affected No source 12/14/21
Splunk Mission Control all Not Affected No source 12/14/21
Splunk MLTK all Not Affected No source 12/14/21
Splunk Operator for Kubernetes all Not Affected No source 12/14/21
Splunk Security Analytics for AWS all Not Affected No source 12/14/21
Splunk SignalFx Smart Agent all Not Affected No source 12/14/21
Splunk SOAR Cloud (Phantom) all Not Affected No source 12/14/21
Splunk SOAR (On-Premises) all Not Affected No source 12/14/21
Splunk Splunk Application Performance Monitoring all Not Affected No source 12/14/21
Splunk Splunk Augmented Reality all Not Affected No source 12/14/21
Splunk Splunk Cloud Data Manager (SCDM) all Not Affected No source 12/14/21
Splunk Splunk Connect for Kubernetes all Not Affected No source 12/14/21
Splunk Splunk Connect for SNMP all Not Affected No source 12/14/21
Splunk Splunk Connect for Syslog all Not Affected No source 12/14/21
Splunk Splunk DB Connect all Not Affected No source 12/14/21
Splunk Splunk Enterprise Cloud all Not Affected No source 12/14/21
Splunk Splunk Heavyweight Forwarder (HWF) all Not Affected No source 12/14/21
Splunk Splunk Infrastructure Monitoring all Not Affected No source 12/14/21
Splunk Splunk Log Observer all Not Affected No source 12/14/21
Splunk Splunk Mint all Not Affected No source 12/14/21
Splunk Splunk Mobile all Not Affected No source 12/14/21
Splunk Splunk Network Performance Monitoring all Not Affected No source 12/14/21
Splunk Splunk On-Call/Victor Ops all Not Affected No source 12/14/21
Splunk Splunk Open Telemetry Distributions all Not Affected No source 12/14/21
Splunk Splunk Profiling all Not Affected No source 12/14/21
Splunk Splunk Real User Monitoring all Not Affected No source 12/14/21
Splunk Splunk Secure Gateway (Spacebridge) all Not Affected No source 12/14/21
Splunk Splunk Synthetics all Not Affected No source 12/14/21
Splunk Splunk TV all Not Affected No source 12/14/21
Splunk Splunk Universal Forwarder (UF) all Not Affected No source 12/14/21
Splunk Splunk User Behavior Analytics (UBA) all Not Affected No source 12/14/21
Stardog Stardog <7.8.1 Fixed Yes source 12/14/21
Synacor Zimbra 8.8.15 and 9.x Not Affected No source Zimbra stated (in their private support portal) they're not vulnerable. Currently supported Zimbra versions ship 1.2.6 12/14/21
Synology DSM Not Affected No source The base DSM is not affected. Software installed via the package manager may be vulnerable. 12/14/21
Talend Talend Component Kit Fixed Yes source 12/14/21
Tealium All products Fixed Yes source 12/14/21
TheHive Cortex all Not Affected No source 12/14/21
TheHive TheHive all Not Affected No source 12/14/21
Topicus Security Topicus KeyHub all Not Affected No source 12/14/21
TrendMicro ActiveUpdate Not Affected No source 12/14/21
TrendMicro Apex Central (including as a Service) Not Affected No source 12/14/21
TrendMicro Apex One (all versions including Mac and Saas) Not Affected No source 12/14/21
TrendMicro Cloud App Security Not Affected No source 12/14/21
TrendMicro Cloud Edge Not Affected No source 12/14/21
TrendMicro Cloud One - Application Security Not Affected No source 12/14/21
TrendMicro Cloud One - Common Services Not Affected No source 12/14/21
TrendMicro Cloud One - Conformity Not Affected No source 12/14/21
TrendMicro Cloud One - Container Security Not Affected No source 12/14/21
TrendMicro Cloud One - File Storage Security Not Affected No source 12/14/21
TrendMicro Cloud One - Network Security Not Affected No source 12/14/21
TrendMicro Cloud One - Workload Secuity Not Affected No source 12/14/21
TrendMicro Cloud Sandbox Not Affected No source 12/14/21
TrendMicro Deep Discovery Advisor Not Affected No source 12/14/21
TrendMicro Deep Discovery Analyzer Not Affected No source 12/14/21
TrendMicro Deep Discovery Director Not Affected No source 12/14/21
TrendMicro Deep Discovery Email Inspector Not Affected No source 12/14/21
TrendMicro Deep Discovery Inspector Not Affected No source 12/14/21
TrendMicro Deep Discovery Web Inspector Not Affected No source 12/14/21
TrendMicro Deep Security Not Affected No source 12/14/21
TrendMicro Endpoint Application Control Not Affected No source 12/14/21
TrendMicro Fraudbuster Not Affected No source 12/14/21
TrendMicro Home Network Security Not Affected No source 12/14/21
TrendMicro Housecall Not Affected No source 12/14/21
TrendMicro Instant Messaging Security Not Affected No source 12/14/21
TrendMicro Internet Security for Mac (Consumer) Not Affected No source 12/14/21
TrendMicro Interscan Messaging Security Not Affected No source 12/14/21
TrendMicro Interscan Messaging Security Virtual Appliance (IMSVA) Not Affected No source 12/14/21
TrendMicro Interscan Web Security Suite Not Affected No source 12/14/21
TrendMicro Interscan Web Security Virtual Appliance (IWSVA) Not Affected No source 12/14/21
TrendMicro Mobile Secuirty for Enterprise Not Affected No source 12/14/21
TrendMicro MyAccount (Consumer Sign-on) Not Affected No source 12/14/21
TrendMicro Network Viruswall Not Affected No source 12/14/21
TrendMicro OfficeScan Not Affected No source 12/14/21
TrendMicro Password Manager Not Affected No source 12/14/21
TrendMicro Phish Insight Not Affected No source 12/14/21
TrendMicro Policy Manager Not Affected No source 12/14/21
TrendMicro Portable Security Not Affected No source 12/14/21
TrendMicro PortalProtect Not Affected No source 12/14/21
TrendMicro Remote Manager Not Affected No source 12/14/21
TrendMicro Rescue Disk Not Affected No source 12/14/21
TrendMicro Rootkit Buster Not Affected No source 12/14/21
TrendMicro Safe Lock Not Affected No source 12/14/21
TrendMicro Safe Lock 2.0 Not Affected No source 12/14/21
TrendMicro Sandbox as a Service Not Affected No source 12/14/21
TrendMicro ScanMail for Domino Not Affected No source 12/14/21
TrendMicro ScanMail for Exchange Not Affected No source 12/14/21
TrendMicro Secuirty for Mac Not Affected No source 12/14/21
TrendMicro Security for NAS Not Affected No source 12/14/21
TrendMicro ServerProtect (all versions) Not Affected No source 12/14/21
TrendMicro Smart Home Network Not Affected No source 12/14/21
TrendMicro Smart Protection Complete Not Affected No source 12/14/21
TrendMicro Smart Protection for Endpoints Not Affected No source 12/14/21
TrendMicro Smart Protection Server (SPS) Not Affected No source 12/14/21
TrendMicro TippingPoint (all variations) Not Affected No source 12/14/21
TrendMicro TMUSB Not Affected No source 12/14/21
TrendMicro Trend Micro Email Security & HES Fixed Yes source 12/14/21
TrendMicro Trend Micro ID Security Not Affected No source 12/14/21
TrendMicro Trend Micro Remote Manager Not Affected No source 12/14/21
TrendMicro Trend Micro Web Security Not Affected No source 12/14/21
TrendMicro Vision One Fixed Yes source 12/14/21
TrendMicro Vulnerability Protection Fixed Yes source 12/14/21
TrendMicro Worry-Free Business Security (on-prem) Fixed Yes source 12/14/21
TrendMicro Worry-Free Business Security Services Not Affected No source 12/14/21
Ubiquiti UniFi Network Application 6.5.54 Fixed Yes source 12/14/21
US Signal Remote Management and Monitoring platform Fixed Yes source 12/14/21
USoft USoft 9.1.1F Affected No proof Found by manual scanning 12/14/21
Veeam All products Affected No source Veeam is still investigating, but it looks like the Veeam products don't use log4j 12/14/21
VMware API Portal for VMware Tanzu 1.x Affected No source 12/14/21
VMware AppDefense Appliance 2.x Fixed Yes source, workaround 12/14/21
VMware App Metrics 2.1.1 Fixed Yes source, fix 12/14/21
VMware Carbon Black Cloud Workload Appliance 1.x Fixed Yes source, workaround 12/14/21
VMware Carbon Black EDR Server 7.x, 6.x Fixed Yes source, workaround, fix Fixed in 7.6.0 12/14/21
VMware Cloud Foundation 4.x, 3.x Fixed Yes source, workaround 12/14/21
VMware Cloud Gateway for VMware Tanzu 1.x Affected No source 12/14/21
VMware Cloud Services for VMware Tanzu 3.x Affected No source 12/14/21
VMware HCX 4.x, 3.x Affected No source
12/14/21
VMware Healthwatch for Tanzu Application Service 2.1.7, 1.8.6 Fixed Yes source, fix 12/14/21
VMware Horizon 8.x, 7.x Fixed Yes source, workaround 12/14/21
VMware Horizon Cloud Connector 1.x, 2.x Fixed Yes source, fix 12/14/21
VMware Horizon DaaS 9.1.x, 9.0.x Fixed Yes source, workaround 12/14/21
VMware Identity Manager 3.3.x Fixed Yes source, workaround 12/14/21
VMware NSX Data Center for vSphere 6.x Fixed Yes source, workaround 12/14/21
VMware NSX-T Data Center 3.x, 2.x Fixed Yes source, workaround 12/14/21
VMware Single Sign-On for VMware Tanzu Application Service 1.x Affected No source 12/14/21
VMware Site Recovery Manager 8.x Affected No source, workaround 12/14/21
VMware Spring Boot < 2.5.8, < 2.6.2 Fixed Yes source 12/14/21
VMware Spring Cloud Gateway for Kubernetes 1.x Affected No source 12/14/21
VMware Tanzu Application Service for VMs 2.x Fixed Yes source, workaround, fix 12/14/21
VMware Tanzu GemFire 8.x Fixed Yes source, workaround 12/14/21
VMware Tanzu Greenplum 6.x Fixed Yes source, workaround 12/14/21
VMware Tanzu Kubernetes Grid Integrated Edition 2.x Fixed Yes source, workaround 12/14/21
VMware Tanzu Observability by Wavefront Nozzle 3.0.3 Fixed Yes source, fix 12/14/21
VMware Tanzu Operations Manager 2.x Fixed Yes source, workaround, fix 12/14/21
VMware Tanzu SQL with MySQL for VMs 2.x, 1.x Affected No source 12/14/21
VMware Telco Cloud Automation 2.x, 1.x Affected No source 12/14/21
VMware Unified Access Gateway 21.x, 20.x, 3.x Fixed Yes source, workaround 12/14/21
VMware vCenter Cloud Gateway 1.x Fixed Yes source, workaround 12/14/21
VMware vCenter Server 6.x Fixed Yes source, workaround Running on: Windows 12/14/21
VMware vCenter Server 7.x, 6.x Fixed Yes source, workaround Running on: Virtual Appliance 12/14/21
VMware vCloud Director all Not Affected No source
12/14/21
VMware vCloud Workstation all Not Affected No source
12/14/21
VMware vRealize Automation 8.x, 7.x Affected No source 12/14/21
VMware vRealize Lifecycle Manager 8.x Fixed Yes source, workaround 12/14/21
VMware vRealize Log Insight 8.x Fixed Yes source, workaround 12/14/21
VMware vRealize Operations 8.x Fixed Yes source, workaround 12/14/21
VMware vRealize Operations Cloud Proxy Any Fixed Yes source, workaround 12/14/21
VMware vRealize Orchestrator 8.x, 7.x Affected No source 12/14/21
VMware vSphere ESXi Unknown Affected No source 12/14/21
VMware Workspace ONE Access 21.x, 20.x Fixed Yes source, workaround 12/14/21
VMware Workspace ONE Access Connector (VMware Identity Manager Connector) 19.03.0.1, 20.x, 21.x Fixed Yes source, workaround 12/14/21
Watcher Watcher all Not Affected No source
12/14/21
Wind River Wind River Linux <= 8 Not Affected No source "contain package log4j, but their version is 1.2.x, too old to be affected" 12/14/21
Wind River Wind River Linux > 8 Not Affected No source no support for log4j 12/14/21
WitFoo WitFoo Precinct 6.x Fixed Yes source WitFoo Streamer & Apache Kafka Docker containers are/were vulnerable 12/14/21
Wowza Wowza Streaming Engine 4.7.8, 4.8.x Fixed Yes source 12/14/21
Yahoo Vespa Not Affected No source Your Vespa application may still be affected if log4j is included in your application package 12/14/21
Zabbix Zabbix Not Affected No source Zabbix is aware of this vulnerability, has completed verification, and can conclude that the only product where we use Java is Zabbix Java Gateway, which does not utilize the log4j library, thereby is not impacted by this vulnerability. 12/14/21
Zammad Zammad Fixed Yes source Most of Zammad instances make use of Elasticsearch which might be vulnerable. 12/14/21
Zerto Virtual Replication Appliance Not Affected No source 12/14/21
Zerto Zerto Cloud Appliance Not Affected No source 12/14/21
Zerto Zerto Cloud Manager Not Affected No source 12/14/21
Zerto Zerto Virtual Manager Not Affected No source 12/14/21
Zesty Zesty.io Not Affected No source 12/14/21