1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-17 06:17:55 +00:00
log4j-affected-db/software_lists/software_list_O.md

82 lines
12 KiB
Markdown

# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
## Status Descriptions ##
| Status | Description |
| ------ | ----------- |
| Unknown | Status unknown. Default choice. |
| Affected | Reported to be affected by CVE-2021-44228. |
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
| Fixed | Patch and/or mitigations available (see provided links). |
| Under Investigation | Vendor investigating status. |
## Software List ##
This list has been populated using information from the following sources:
- Kevin Beaumont
- SwitHak
- National Cyber Security Centre - Netherlands (NCSC-NL)
NOTE: This file is automatically generated. To submit updates, please refer to
[`CONTRIBUTING.md`](CONTRIBUTING.md).
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
| Objectif Lune | | | | Unknown | [link](https://learn.objectiflune.com/blog/security/statement-on-log4j-vulnerability-cve-2021-4428/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OCLC | | | | Unknown | [link](https://oclc.service-now.com/status) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Octopus | | | | Unknown | [link](https://advisories.octopus.com/adv/December.2306508680.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Okta | Advanced Server Access | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta Access Gateway | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta AD Agent | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta Browser Plugin | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta IWA Web Agent | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta LDAP Agent | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta Mobile | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta On-Prem MFA Agent | < 1.4.6 | | Affected | [link](https://trust.okta.com/security-advisories/okta-on-prem-mfa-agent-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta RADIUS Server Agent | < 2.17.0 | | Affected | [link](https://trust.okta.com/security-advisories/okta-radius-server-agent-cve-2021-44228) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta Verify | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Okta | Okta Workflows | | | Unknown | [link](https://sec.okta.com/articles/2021/12/log4shell) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-12 |
| Onespan | | | | Unknown | [link](https://www.onespan.com/remote-code-execution-vulnerability-in-log4j2-cve-2018-11776) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Opengear | | | | Unknown | [link](https://opengear.zendesk.com/hc/en-us/articles/4412713339419-CVE-2021-44228-aka-Log4Shell-Opengear-products-are-not-affected) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OpenMRS TALK | | | | Unknown | [link](https://talk.openmrs.org/t/urgent-security-advisory-2021-12-11-re-apache-log4j-2/35341) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OpenNMS | | | | Unknown | [link](https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OpenSearch | | | | Unknown | [link](https://discuss.opendistrocommunity.dev/t/log4j-patch-for-cve-2021-44228/7950) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OpenText | | | | Unknown | [link](https://www.opentext.com/support/log4j-remote-code-execution-advisory) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-23 |
| Opto 22 | GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP | < 4.3g | 4.3g | Fixed | [link](https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit) | The Log4j vulnerability affects all products running groov View software | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-13 |
| Opto 22 | GROOV-AT1, GROOV-AT1-SNAP | < 4.3g | 4.3g | Fixed | [link](https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit) | The Log4j vulnerability affects all products running groov View software | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-13 |
| Opto 22 | GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP | < 4.3g | 4.3g | Fixed | [link](https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit) | The Log4j vulnerability affects all products running groov View software | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-13 |
| Opto 22 | GRV-EPIC-PR1, GRV-EPIC-PR2 | < 3.3.2 | 3.3.2 | Fixed | [link](https://blog.opto22.com/optoblog/new-update-to-address-log4shell/log4j-exploit) | The Log4j vulnerability affects all products running groov View software | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-13 |
| Oracle | | | | Unknown | [link](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html) | The support document is available to customers only and has not been reviewed by CISA | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Oracle | Enterprise Manager | 13.5, 13.4 & 13.3.2 | | Affected | [link](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html) | Patch status and other security guidance is restricted to Oracle account/support members. The support document is available to customers only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Oracle | Exadata | <21.3.4 | | Affected | [link](https://www.oracle.com/security-alerts/alert-cve-2021-44228.html) | Patch status and other security guidance is restricted to Oracle account/support members. The support document is available to customers only and has not been reviewed by CISA. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| Orgavision | | | | Unknown | [link](https://www.orgavision.com/neuigkeiten/sicherheitsluecke-java-library-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Osirium | PAM | | | Unknown | [link](https://www.osirium.com/blog/apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Osirium | PEM | | | Unknown | [link](https://www.osirium.com/blog/apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| Osirium | PPA | | | Unknown | [link](https://www.osirium.com/blog/apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OTRS | | | | Unknown | [link](https://portal.otrs.com/external) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OVHCloud | | | | Unknown | [link](https://blog.ovhcloud.com/log4shell-how-to-protect-my-cloud-workloads/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OwnCloud | | | | Unknown | [link](https://central.owncloud.org/t/owncloud-not-directly-affected-by-log4j-vulnerability/35493) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
| OxygenXML | Author | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Developer | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Editor | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Oxygen Content Fusion | 2.0, 3.0, 4.1 | | Affected | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Oxygen Feedback Enterprise | 1.4.4 & older | | Affected | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Oxygen License Server | v22.1 to v24.0 | | Affected | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Oxygen PDF Chemistry | v22.1, 23.0, 23.1, 24.0 | | Affected | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Oxygen SDK | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Plugins (see advisory link) | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Publishing Engine | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | Web Author | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
| OxygenXML | WebHelp | | | Unknown | | [https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html](https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html) | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |