mirror of
https://github.com/cisagov/log4j-affected-db.git
synced 2024-11-17 06:17:55 +00:00
64 lines
7.6 KiB
Markdown
64 lines
7.6 KiB
Markdown
# CISA Log4j (CVE-2021-44228) Affected Vendor & Software List #
|
|
|
|
[0-9](software_list_Non-Alphabet.md) [A](software_list_A.md) [B](software_list_B.md)
|
|
[C](software_list_C.md) [D](software_list_D.md) [E](software_list_E.md)
|
|
[F](software_list_F.md) [G](software_list_G.md) [H](software_list_H.md)
|
|
[I](software_list_I.md) [J](software_list_J.md) [K](software_list_K.md)
|
|
[L](software_list_L.md) [M](software_list_M.md) [N](software_list_N.md)
|
|
[O](software_list_O.md) [P](software_list_P.md) [Q](software_list_Q.md)
|
|
[R](software_list_R.md) [S](software_list_S.md) [T](software_list_T.md)
|
|
[U](software_list_U.md) [V](software_list_V.md) [W](software_list_W.md)
|
|
[X](software_list_X.md) [Y](software_list_Y.md) [Z](software_list_Z.md)
|
|
|
|
## Status Descriptions ##
|
|
|
|
| Status | Description |
|
|
| ------ | ----------- |
|
|
| Unknown | Status unknown. Default choice. |
|
|
| Affected | Reported to be affected by CVE-2021-44228. |
|
|
| Not Affected | Reported to NOT be affected by CVE-2021-44228 and no further action necessary. |
|
|
| Fixed | Patch and/or mitigations available (see provided links). |
|
|
| Under Investigation | Vendor investigating status. |
|
|
|
|
## Software List ##
|
|
|
|
This list has been populated using information from the following sources:
|
|
|
|
- Kevin Beaumont
|
|
- SwitHak
|
|
- National Cyber Security Centre - Netherlands (NCSC-NL)
|
|
|
|
NOTE: This file is automatically generated. To submit updates, please refer to
|
|
[`CONTRIBUTING.md`](CONTRIBUTING.md).
|
|
|
|
| Vendor | Product | Affected Versions | Patched Versions | Status | Vendor Links | Notes | References | Reporter | Last Updated |
|
|
| ------ | ------- | ----------------- | ---------------- | ------ | ------------ | ----- | ---------- | -------- | ------------ |
|
|
| Zabbix | | | | Unknown | [link](https://blog.zabbix.com/zabbix-not-affected-by-the-log4j-exploit/17873/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| ZAMMAD | | | | Unknown | [link](https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| Zaproxy | | | | Unknown | [link](https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| Zebra | | | | Unknown | [link](https://www.zebra.com/us/en/support-downloads/lifeguard-security/cve-2021-442280-dubbed-log4shell-or-logjam-vulnerability.html) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| Zeiss | Cataract Suite | | 1.3.1 | Fixed | [link](https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html) | Patch is available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
|
|
| Zeiss | EQ Workplace | | 1.6, 1.8 | Fixed | [link](https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html) | Patch is available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
|
|
| Zeiss | FORUM | | 4.2.x | Fixed | [link](https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html) | Patch is available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
|
|
| Zeiss | Glaucoma Workplace | | 3.5.x | Fixed | [link](https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html) | Patch is available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
|
|
| Zeiss | Laser Treatment Workplace | | 1.x | Fixed | [link](https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html) | Patch is available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
|
|
| Zeiss | Retina Workplace | | 2.5.x, 2.6.x | Fixed | [link](https://www.zeiss.com/meditec/int/cybersecurity/apache-log4j/english.html) | Patch is available. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
|
|
| Zendesk | All Products | All Versions | | Affected | [link](https://support.zendesk.com/hc/en-us/articles/4413583476122) | Zendesk products are all cloud-based; thus there are no updates for the customers to install as the company is working on patching their infrastructure and systems. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-13 |
|
|
| Zenoss | | | | Unknown | [link](https://support.zenoss.com/hc/en-us) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| Zentera Systems, Inc. | CoIP Access Platform | | | Not Affected | [link](https://support.zentera.net/hc/en-us/articles/4416227743511--CVE-2021-44228-Log4Shell-Vulnerability-in-Apache-Log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-17 |
|
|
| Zerto | Cloud Appliance | | | Not Affected | [link](https://help.zerto.com/kb/000004822) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
|
|
| Zerto | Cloud Manager | | | Not Affected | [link](https://help.zerto.com/kb/000004822) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
|
|
| Zerto | Virtual Manager | | | Not Affected | [link](https://help.zerto.com/kb/000004822) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
|
|
| Zerto | Virtual Replication Appliance | | | Not Affected | [link](https://help.zerto.com/kb/000004822) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
|
|
| Zesty | | | | Unknown | [link](https://www.zesty.io/mindshare/company-announcements/log4j-exploit/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| Zimbra | | | | Unknown | [link](https://bugzilla.zimbra.com/show_bug.cgi?id=109428) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| Zix | | | | Unknown | [link](https://status.appriver.com/) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-16 |
|
|
| Zoho | Online | | | Unknown | [link](https://help.zoho.com/portal/en/community/topic/update-on-the-recent-apache-log4j-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-02-01 |
|
|
| Zoom | | | | Not Affected | [link](https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| ZPE systems Inc | | | | Unknown | [link](https://support.zpesystems.com/portal/en/kb/articles/is-nodegrid-os-and-zpe-cloud-affected-by-cve-2021-44228-apache-log4j) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| Zscaler | See Link (Multiple Products) | | | Unknown | [link](https://trust.zscaler.com/posts/9581) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-15 |
|
|
| Zyxel | | | | Unknown | [link](https://www.zyxel.com/support/Zyxel_security_advisory_for_Apache_Log4j_RCE_vulnerability.shtml) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2022-01-12 |
|
|
| Zyxel | All other products | | | Not Affected | [link](https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
|
|
| Zyxel | Netlas Element Management System (EMS) | | | Affected | [link](https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability) | Hotfix availibility Dec. 20 2021. Patch availability in end of Feb. 2022. | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
|
|
| Zyxel | Security Firewall/Gateways | | | Not Affected | [link](https://community.zyxel.com/en/discussion/12229/zyxel-security-advisory-for-apache-log4j-rce-vulnerability) | | | [cisagov](https://github.com/cisagov/log4j-affected-db) | 2021-12-14 |
|