1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-22 16:40:48 +00:00
log4j-affected-db/SOFTWARE-LIST.md
2022-01-25 20:31:24 +00:00

756 KiB
Raw Blame History

CISA Log4j (CVE-2021-44228) Affected Vendor & Software List

Status Descriptions

Status Description
Unknown Status unknown. Default choice.
Affected Reported to be affected by CVE-2021-44228.
Not Affected Reported to NOT be affected by CVE-2021-44228 and no further action necessary.
Fixed Patch and/or mitigations available (see provided links).
Under Investigation Vendor investigating status.

Software List

This list was initially populated using information from the following sources:

  • Kevin Beaumont
  • SwitHak

NOTE: This file is automatically generated. To submit updates, please refer to CONTRIBUTING.md.

Vendor Product Affected Versions Patched Versions Status Vendor Links Notes References Reporter Last Updated
1Password All products Not Affected link cisagov 2021-01-14
2n Unknown link cisagov 2022-01-12
3CX Unknown link cisagov 2022-01-12
3M Health Information Systems CGS Unknown link This advisory is available to customer only and has not been reviewed by CISA. cisagov 2021-12-15
7-Zip Unknown link cisagov 2022-01-12
ABB Unknown link cisagov 2022-01-12
ABB ABB Remote Service ABB Remote Platform (RAP) Affected cisagov 2022-01-12
ABB AlarmInsight Cloud AlarmInsight KPI Dashboards 1.0.0 Affected cisagov 2022-01-12
ABB B&R Products See Vendor Advisory Affected link cisagov 2022-01-12
Abbott Unknown link cisagov 2021-12-15
Abnormal Security Abnormal Security Unknown link cisagov 2022-01-12
Accellence Unknown link cisagov 2022-01-12
Accellion Kiteworks v7.6 release Fixed link "As a precaution, Kiteworks released a 7.6.1 Hotfix software update to address the vulnerability. This patch release adds the mitigation for CVE-2021-44228 contained in the Solr package as recommended by Apache Solr group. Specifically, it updates the Log4j library to a non-vulnerable version on CentOS 7 systems as well as adds the recommended option “$SOLR_OPTS -Dlog4j2.formatMsgNoLookups=true” to disable the possible attack vector on both CentOS 6 and CentOS 7." cisagov 2021-12-16
Acquia Unknown link cisagov 2022-01-12
Acronis Unknown link cisagov 2022-01-12
ActiveState Unknown link cisagov 2022-01-12
Adaptec Unknown link cisagov 2022-01-12
Addigy Unknown link cisagov 2022-01-12
Adeptia Unknown link cisagov 2022-01-12
Adobe ColdFusion Unknown link cisagov 2022-01-12
ADP Unknown link cisagov 2022-01-12
Advanced Systems Concepts (formally Jscape) Active MFT Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2021-12-14
Advanced Systems Concepts (formally Jscape) MFT Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2021-12-14
Advanced Systems Concepts (formally Jscape) MFT Gateway Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2021-12-14
Advanced Systems Concepts (formally Jscape) MFT Server Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2021-12-14
AFAS Software Unknown link cisagov 2022-01-12
AFHCAN Global LLC AFHCANcart Not Affected link cisagov 2022-01-12
AFHCAN Global LLC AFHCANmobile Not Affected link cisagov 2022-01-12
AFHCAN Global LLC AFHCANServer Not Affected link cisagov 2022-01-12
AFHCAN Global LLC AFHCANsuite Not Affected link cisagov 2022-01-12
AFHCAN Global LLC AFHCANupdate Not Affected link cisagov 2022-01-12
AFHCAN Global LLC AFHCANweb Not Affected link cisagov 2022-01-12
Agilysys Unknown link cisagov 2022-01-12
Akamai SIEM Splunk Connector All Affected link v1.4.11 is the new recommendation for mitigation of log4j vulnerabilities cisagov 2021-12-15
Alcatel Unknown link cisagov 2022-01-12
Alertus Unknown link cisagov 2022-01-12
Alexion Unknown link cisagov 2022-01-12
Alfresco Unknown link cisagov 2022-01-12
AlienVault Unknown link cisagov 2022-01-12
Alphatron Medical Unknown link cisagov 2022-01-12
Amazon Athena Unknown link cisagov 2022-01-12
Amazon AWS Not Affected Notes: Amazon Linux 1 had aws apitools which were Java based but these were deprecated in 2015 AWS Forum. AMIs used to inspect and verify (base spin ups) - amzn-ami-hvm-2018.03.0.20200318.1-x86_64-gp2 and amzn2-ami-kernel-5.10-hvm-2.0.20211201.0-x86_64-gp2 cisagov 2021-12-15
Amazon AWS API Gateway All Fixed link cisagov 2021-12-20
Amazon AWS CloudHSM < 3.4.1. Affected link cisagov 2022-01-12
Amazon AWS Connect All Fixed link Vendors recommend evaluating components of the environment outside of the Amazon Connect service boundary, which may require separate/additional customer mitigation cisagov 2021-12-23
Amazon AWS DynamoDB Unknown Fixed link cisagov 2021-12-17
Amazon AWS EKS, ECS, Fargate Unknown Affected link To help mitigate the impact of the open-source Apache “Log4j2" utility (CVE-2021-44228 and CVE-2021-45046) security issues on customers containers, Amazon EKS, Amazon ECS, and AWS Fargate are deploying a Linux-based update (hot-patch). This hot-patch will require customer opt-in to use, and disables JNDI lookups from the Log4J2 library in customers containers. These updates are available as an Amazon Linux package for Amazon ECS customers, as a DaemonSet for Kubernetes users on AWS, and will be in supported AWS Fargate platform versions cisagov 2021-12-16
Amazon AWS ElastiCache Unknown Fixed link cisagov 2021-12-17
Amazon AWS ELB Unknown Fixed link cisagov 2021-12-16
Amazon AWS Inspector Unknown Fixed link cisagov 2021-12-17
Amazon AWS Kinesis Data Stream Unknown Affected link We are actively patching all sub-systems that use Log4j2 by applying updates. The Kinesis Client Library (KCL) version 2.X and the Kinesis Producer Library (KPL) are not impacted. For customers using KCL 1.x, we have released an updated version and we strongly recommend that all KCL version 1.x customers upgrade to KCL version 1.14.5 (or higher) cisagov 2021-12-14
Amazon AWS Lambda Unknown Affected link cisagov 2022-01-12
Amazon AWS Lambda Unknown Affected link cisagov 2022-01-12
Amazon AWS RDS Unknown Fixed link Amazon RDS and Amazon Aurora have been updated to mitigate the issues identified in CVE-2021-44228 cisagov 2021-12-17
Amazon AWS S3 Unknown Fixed link cisagov 2021-12-14
Amazon AWS SNS Unknown Fixed link Amazon SNS systems that serve customer traffic are patched against the Log4j2 issue. We are working to apply the Log4j2 patch to sub-systems that operate separately from SNSs systems that serve customer traffic cisagov 2021-12-14
Amazon AWS SQS Unknown Fixed link cisagov 2021-12-15
Amazon CloudFront Unknown link cisagov 2022-01-12
Amazon CloudWatch Unknown link cisagov 2022-01-12
Amazon EC2 Not Affected link cisagov 2021-12-15
Amazon ELB Unknown link cisagov 2022-01-12
Amazon KMS Unknown link cisagov 2022-01-12
Amazon OpenSearch Unknown Affected link cisagov 2022-01-12
Amazon RDS Unknown link cisagov 2022-01-12
Amazon Route 53 Unknown link cisagov 2022-01-12
Amazon S3 Unknown link cisagov 2022-01-12
Amazon Translate Unknown link Service not identified on AWS Log4j Security Bulletin cisagov 2022-01-12
Amazon VPC Unknown link cisagov 2022-01-12
AMD All Unknown link Currently, no AMD products have been identified as affected. AMD is continuing its analysis. cisagov 2021-12-22
Anaconda Anaconda Not Affected link cisagov 2021-12-21
Apache ActiveMQ Artemis Not Affected link ActiveMQ Artemis does not use Log4j for logging. However, Log4j 1.2.17 is included in the Hawtio-based web console application archive (i.e. web/console.war/WEB-INF/lib). Although this version of Log4j is not impacted by CVE-2021-44228 future versions of Artemis will be updated so that the Log4j jar is no longer included in the web console application archive. See ARTEMIS-3612 for more information on that task. cisagov 2021-12-21
Apache Airflow Unknown link Airflow is written in Python cisagov 2022-01-12
Apache Camel 3.14.1.3.11.5, 3.7.7 Affected link Apache Camel does not directly depend on Log4j 2, so we are not affected by CVE-2021-44228.If you explicitly added the Log4j 2 dependency to your own applications, make sure to upgrade.Apache Camel does use log4j during testing itself, and therefore you can find that we have been using log4j v2.13.3 release in our latest LTS releases Camel 3.7.6, 3.11.4. cisagov 2021-12-13
Apache Camel 2 Unknown link cisagov 2021-12-13
Apache Camel JBang <=3.1.4 Affected link cisagov 2021-12-13
Apache Camel K Unknown link cisagov 2021-12-13
Apache Camel Karaf Unknown link The Karaf team is aware of this and are working on a new Karaf 4.3.4 release with updated log4j. cisagov 2021-12-13
Apache Camel Quarkus Unknown link cisagov 2021-12-13
Apache CamelKafka Connector Unknown link cisagov 2021-12-13
Apache Druid < druid 0.22.0 Affected link cisagov 2021-12-12
Apache Flink < 1.14.2, 1.13.5, 1.12.7, 1.11.6 Fixed link To clarify and avoid confusion: The 1.14.1 / 1.13.4 / 1.12.6 / 1.11.5 releases, which were supposed to only contain a Log4j upgrade to 2.15.0, were skipped because CVE-2021-45046 was discovered during the release publication. The new 1.14.2 / 1.13.5 / 1.12.7 / 1.11.6 releases include a version upgrade for Log4j to version 2.16.0 to address CVE-2021-44228 and CVE-2021-45046. https://flink.apache.org/news/2021/12/16/log4j-patch-releases.html cisagov 2021-12-12
Apache Kafka Not Affected link The current DB lists Apache Kafka as impacted. Apache Kafka uses Log4jv1, not v2. cisagov 2021-12-14
Apache Kafka Unknown Affected link Only vulnerable in certain configuration(s) cisagov 2022-01-12
Apache Log4j < 2.15.0 Affected link cisagov 2022-01-12
Apache Solr 7.4.0 to 7.7.3, 8.0.0 to 8.11.0 Fixed link Update to 8.11.1 or apply fixes as described in Solr security advisory Apache Solr 8.11.1 downloads cisagov 2021-12-16
Apache Struts 2 Versions before 2.5.28.1 Affected link The Apache Struts group is pleased to announce that Struts 2.5.28.1 is available as a “General Availability” release. The GA designation is our highest quality grade. This release addresses Log4j vulnerability CVE-2021-45046 by using the latest Log4j 2.12.2 version (Java 1.7 compatible). Apache Struts Release Downloads cisagov 2021-12-21
Apache Tomcat 9.0.x Affected link Apache Tomcat 9.0.x has no dependency on any version of log4j. Web applications deployed on Apache Tomcat may have a dependency on log4j. You should seek support from the application vendor in this instance. It is possible to configure Apache Tomcat 9.0.x to use log4j 2.x for Tomcat's internal logging. This requires explicit configuration and the addition of the log4j 2.x library. Anyone who has switched Tomcat's internal logging to log4j 2.x is likely to need to address this vulnerability. In most cases, disabling the problematic feature will be the simplest solution. Exactly how to do that depends on the exact version of log4j 2.x being used. Details are provided on the log4j 2.x security page cisagov 2021-12-21
APC by Schneider Electric Powerchute Business Edition v9.5, v10.0.1, v10.0.2, v10.0.3, v10.0.4 Fixed link Mitigation instructions to remove the affected class. cisagov 2021-12-15
APC by Schneider Electric Powerchute Network Shutdown 4.2, 4.3, 4.4, 4.4.1 Fixed link Mitigation instructions to remove the affected class. cisagov 2021-12-15
Apereo CAS 6.3.x & 6.4.x Affected link cisagov 2022-01-12
Apereo Opencast < 9.10, < 10.6 Affected link cisagov 2022-01-12
Apigee Unknown link cisagov 2022-01-12
Apollo Unknown link cisagov 2022-01-12
Appdynamics Unknown link cisagov 2022-01-12
Appeon PowerBuilder Appeon PowerBuilder 2017-2021 regardless of product edition Affected cisagov 2021-12-15
AppGate Unknown link cisagov 2022-01-12
Appian Appian Platform All Fixed link cisagov 2021-12-22
Application Performance Ltd DBMarlin Not Affected Affected cisagov 2021-12-15
Application Performance Ltd DBMarlin Unknown link cisagov 2021-12-15
APPSHEET Unknown link cisagov 2022-01-12
Aptible Aptible ElasticSearch 5.x Affected link cisagov 2022-01-12
Aqua Security Unknown link cisagov 2022-01-12
Arbiter Systems All Unknown link cisagov 2021-12-22
ARC Informatique All Not Affected link cisagov 2022-01-13
Arca Noae Unknown link cisagov 2022-01-12
Arcserve Arcserve Backup Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
Arcserve Arcserve Continuous Availability Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
Arcserve Arcserve Email Archiving Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
Arcserve Arcserve UDP Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
Arcserve ShadowProtect Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
Arcserve ShadowXafe Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
Arcserve Solo Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
Arcserve StorageCraft OneXafe Not Affected link https://support.storagecraft.com/s/question/0D51R000089NnT3SAK/does-storagecraft-have-a-publicly-available-response-to-the-log4j-vulnerability-is-there-a-reference-for-any-findings-negative-positive-the-company-has-in-their-investigations-it-seems-it-would-greatly-benefit-support-and-customers-both?language=en_US cisagov 2021-12-14
ArcticWolf Unknown link cisagov 2022-01-12
Arduino Unknown link cisagov 2022-01-12
Ariba Unknown link cisagov 2022-01-12
Arista Unknown link cisagov 2022-01-12
Aruba Networks Unknown link cisagov 2022-01-12
Ataccama Unknown link cisagov 2022-01-12
Atera Unknown link cisagov 2022-01-12
Atlassian Bamboo Server & Data Center Not Affected link This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. cisagov 2022-01-12
Atlassian Bitbucket Server & Data Center All Affected link This product is not vulnerable to remote code execution but may leak information due to the bundled Elasticsearch component being vulnerable. cisagov 2022-01-12
Atlassian Confluence Server & Data Center Not Affected link This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. cisagov 2022-01-12
Atlassian Crowd Server & Data Center Not Affected link This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. cisagov 2022-01-12
Atlassian Crucible Not Affected link This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. cisagov 2022-01-12
Atlassian Fisheye Not Affected link This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. cisagov 2022-01-12
Atlassian Jira Server & Data Center Not Affected link This product may be affected by a related but lower severity vulnerability if running in a specific non-default configuration. cisagov 2022-01-12
Attivo networks Unknown link cisagov 2022-01-12
Atvise All Not Affected link The security vulnerability does NOT affect our applications and products or pose any threat. This applies to all Bachmann applications and products, including atvise solutions. cisagov 2022-01-17
AudioCodes Unknown link cisagov 2022-01-12
Autodesk Unknown link Autodesk is continuing to perform a thorough investigation in relation to the recently discovered Apache Log4j security vulnerabilities. We continue to implement several mitigating factors for our products including patching, network firewall blocks, and updated detection signatures to reduce the threat of this vulnerability and enhance our ability to quickly respond to potential malicious activity. We have not identified any compromised systems in the Autodesk environment due to this vulnerability, at this time. This is an ongoing investigation and we will provide updates on the Autodesk Trust Center as we learn more. cisagov 2021-12-21
Automox Unknown link cisagov 2022-01-12
Autopsy Unknown link cisagov 2022-01-12
Auvik Unknown link cisagov 2022-01-12
Avantra SYSLINK Unknown link cisagov 2022-01-12
Avaya Avaya Analytics 3.5, 3.6, 3.6.1, 3.7, 4 Affected link cisagov 2021-12-14
Avaya Avaya Aura for OneCloud Private Unknown link Avaya is scanning and monitoring its OneCloud Private environments as part of its management activities. Avaya will continue to monitor this fluid situation and remediations will be made as patches become available, in accordance with appropriate change processes. cisagov 2021-12-14
Avaya Avaya Aura® Application Enablement Services 8.1.3.2, 8.1.3.3, 10.1 Affected link PSN020551u cisagov 2021-12-14
Avaya Avaya Aura® Contact Center 7.0.2, 7.0.3, 7.1, 7.1.1, 7.1.2 Affected link cisagov 2021-12-14
Avaya Avaya Aura® Device Services 8, 8.1, 8.1.4, 8.1.5 Affected link cisagov 2021-12-14
Avaya Avaya Aura® Device Services 8.0.1, 8.0.2, 8.1.3 Affected link cisagov 2021-12-14
Avaya Avaya Aura® Media Server 8.0.0, 8.0.1, 8.0.2 Affected link PSN020549u cisagov 2021-12-14
Avaya Avaya Aura® Presence Services 10.1, 7.1.2, 8, 8.0.1, 8.0.2, 8.1, 8.1.1, 8.1.2, 8.1.3, 8.1.4 Affected link cisagov 2021-12-14
Avaya Avaya Aura® Session Manager 10.1, 7.1.3, 8, 8.0.1, 8.1, 8.1.1, 8.1.2, 8.1.3 Affected link PSN020550u cisagov 2021-12-14
Avaya Avaya Aura® System Manager 10.1, 8.1.3 Affected link PSN005565u cisagov 2021-12-14
Avaya Avaya Aura® Web Gateway 3.11[P], 3.8.1[P], 3.8[P], 3.9.1 [P], 3.9[P] Affected link cisagov 2021-12-14
Avaya Avaya Breeze™ 3.7, 3.8, 3.8.1 Affected link cisagov 2021-12-14
Avaya Avaya Contact Center Select 7.0.2, 7.0.3, 7.1, 7.1.1, 7.1.2 Affected link cisagov 2021-12-14
Avaya Avaya CRM Connector - Connected Desktop 2.2 Affected link cisagov 2021-12-14
Avaya Avaya Device Enablement Service 3.1.22 Affected link cisagov 2021-12-14
Avaya Avaya Meetings 9.1.10, 9.1.11, 9.1.12 Affected link cisagov 2021-12-14
Avaya Avaya one cloud private -UCaaS - Mid Market Aura 1 Affected link cisagov 2021-12-14
Avaya Avaya OneCloud-Private 2 Affected link cisagov 2021-12-14
Avaya Avaya Session Border Controller for Enterprise 8.0.1, 8.1, 8.1.1, 8.1.2, 8.1.3 Affected link PSN020554u cisagov 2021-12-14
Avaya Avaya Social Media Hub Unknown link cisagov 2021-12-14
Avaya Avaya Workforce Engagement 5.3 Affected link cisagov 2021-12-14
Avaya Business Rules Engine 3.4, 3.5, 3.6, 3.7 Affected link cisagov 2021-12-14
Avaya Callback Assist 5, 5.0.1 Affected link cisagov 2021-12-14
Avaya Control Manager 9.0.2, 9.0.2.1 Affected link cisagov 2021-12-14
Avaya Device Enrollment Service 3.1 Affected link cisagov 2021-12-14
Avaya Equinox™ Conferencing 9.1.2 Affected link cisagov 2021-12-14
Avaya Interaction Center 7.3.9 Affected link cisagov 2021-12-14
Avaya IP Office™ Platform 11.0.4, 11.1, 11.1.1, 11.1.2 Affected link cisagov 2021-12-14
Avaya Proactive Outreach Manager 3.1.2, 3.1.3, 4, 4.0.1 Affected link cisagov 2021-12-14
AVEPOINT Unknown link cisagov 2022-01-12
AVM Unknown link cisagov 2022-01-12
AvTech RoomAlert Unknown link cisagov 2022-01-12
AWS New Unknown link cisagov 2022-01-12
AXON Unknown link cisagov 2022-01-12
AXS Guard Unknown link cisagov 2022-01-12
Axways Applications Unknown link cisagov 2022-01-12
B&R Industrial Automation APROL Unknown link cisagov 2021-12-16
BackBox Unknown link cisagov 2022-01-12
Balbix Unknown link cisagov 2022-01-12
Baramundi Products Unknown link cisagov 2022-01-12
Barco Unknown link cisagov 2022-01-12
Barracuda Unknown link cisagov 2022-01-12
Baxter Unknown link cisagov 2021-12-20
BBraun APEX® Compounder Unknown link cisagov 2021-12-20
BBraun DoseTrac® Server, DoseLink™ Server, and Space® Online Suite Server software Unknown link cisagov 2021-12-20
BBraun Outlook® Safety Infusion System Pump family Unknown link cisagov 2021-12-20
BBraun Pinnacle® Compounder Unknown link cisagov 2021-12-20
BBraun Pump, SpaceStation, and Space® Wireless Battery) Unknown link cisagov 2021-12-20
BBraun Space® Infusion Pump family (Infusomat® Space® Infusion Pump, Perfusor® Space® Infusion Unknown link cisagov 2021-12-20
BD Arctic Sun™ Analytics Unknown link cisagov 2021-12-20
BD BD Diabetes Care App Cloud Unknown link cisagov 2021-12-20
BD BD HealthSight™ Clinical Advisor Unknown link cisagov 2021-12-20
BD BD HealthSight™ Data Manager Unknown link cisagov 2021-12-20
BD BD HealthSight™ Diversion Management Unknown link cisagov 2021-12-20
BD BD HealthSight™ Infection Advisor Unknown link cisagov 2021-12-20
BD BD HealthSight™ Inventory Optimization Analytics Unknown link cisagov 2021-12-20
BD BD HealthSight™ Medication Safety Unknown link cisagov 2021-12-20
BD BD Knowledge Portal for BD Pyxis™ Supply Unknown link cisagov 2021-12-20
BD BD Knowledge Portal for Infusion Technologies Unknown link cisagov 2021-12-20
BD BD Knowledge Portal for Medication Technologies Unknown link cisagov 2021-12-20
BD BD Synapsys™ Informatics Solution Unknown link cisagov 2021-12-20
BD BD Veritor™ COVID At Home Solution Cloud Unknown link cisagov 2021-12-20
Beckman Coulter Unknown link cisagov 2021-12-20
Beijer Electronics acirro+ Unknown link cisagov 2021-12-22
Beijer Electronics BFI frequency inverters Unknown link cisagov 2021-12-22
Beijer Electronics BSD servo drives Unknown link cisagov 2021-12-22
Beijer Electronics CloudVPN Unknown link cisagov 2021-12-22
Beijer Electronics FnIO-G and M Distributed IO Unknown link cisagov 2021-12-22
Beijer Electronics iX Developer Unknown link cisagov 2021-12-22
Beijer Electronics Nexto modular PLC Unknown link cisagov 2021-12-22
Beijer Electronics Nexto Xpress compact controller Unknown link cisagov 2021-12-22
Beijer Electronics WARP Engineering Studio Unknown link cisagov 2021-12-22
Bender Unknown link cisagov 2022-01-12
Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) Unknown link cisagov 2022-01-12
BeyondTrust Privilege Management Cloud Unknown Fixed link cisagov 2021-12-17
BeyondTrust Privilege Management Reporting in BeyondInsight 21.2 Fixed link cisagov 2021-12-17
BeyondTrust Secure Remote Access appliances Not Affected link cisagov 2021-12-17
BeyondTrust Bomgar Unknown link cisagov 2022-01-12
BioMerieux Unknown link cisagov 2021-12-22
BisectHosting Unknown link cisagov 2022-01-12
BitDefender Unknown link cisagov 2022-01-12
BitNami By VMware Unknown link cisagov 2022-01-12
BitRise Unknown link cisagov 2022-01-12
Bitwarden Unknown link cisagov 2022-01-12
Biztory Fivetran Unknown link Vendor review indicated Fivetran is not vulnerable to Log4j2 cisagov 2022-01-12
Black Kite Unknown link cisagov 2022-01-12
Blancco Unknown link cisagov 2022-01-12
Blumira Unknown link cisagov 2022-01-12
BMC Bladelogic Database Automation Unknown link cisagov 2022-01-12
BMC BMC AMI Ops Unknown link cisagov 2022-01-12
BMC BMC AMI Products Unknown link cisagov 2022-01-12
BMC BMC Compuware Unknown link cisagov 2022-01-12
BMC BMC Helix Automation Console Unknown link cisagov 2022-01-12
BMC BMC Helix Business Workflows Unknown link cisagov 2022-01-12
BMC BMC Helix Client Management Unknown link cisagov 2022-01-12
BMC BMC Helix Cloud Cost Unknown link cisagov 2022-01-12
BMC BMC Helix Cloud Security Unknown link cisagov 2022-01-12
BMC BMC Helix CMDB Unknown link cisagov 2022-01-12
BMC BMC Helix Continuous Optimization Unknown link cisagov 2022-01-12
BMC BMC Helix Control-M Unknown link cisagov 2022-01-12
BMC BMC Helix Digital Workplace Unknown link cisagov 2022-01-12
BMC BMC Helix Discovery Unknown link cisagov 2022-01-12
BMC BMC Helix ITSM Unknown link cisagov 2022-01-12
BMC BMC Helix Knowledge Management Unknown link cisagov 2022-01-12
BMC BMC Helix Operations Management with AIOps Unknown link cisagov 2022-01-12
BMC BMC Helix Platform Unknown link cisagov 2022-01-12
BMC BMC Helix platform Unknown link cisagov 2022-01-12
BMC BMC Helix Remediate Unknown link cisagov 2022-01-12
BMC BMC Helix Remediate Unknown link cisagov 2022-01-12
BMC BMC Helix Remedyforce Unknown link cisagov 2022-01-12
BMC BMC Helix Virtual Agent Unknown link cisagov 2022-01-12
BMC Cloud Lifecycle Management Unknown link cisagov 2022-01-12
BMC Control-M Unknown link cisagov 2022-01-12
BMC Footprints Unknown link cisagov 2022-01-12
BMC MainView Middleware Administrator Unknown link cisagov 2022-01-12
BMC MainView Middleware Monitor Unknown link cisagov 2022-01-12
BMC Remedy ITSM (IT Service Management) Unknown link cisagov 2022-01-12
BMC SmartIT Unknown link cisagov 2022-01-12
BMC Track-It! Unknown link cisagov 2022-01-12
BMC TrueSight Automation for Networks Unknown link cisagov 2022-01-12
BMC TrueSight Automation for Servers Unknown link cisagov 2022-01-12
BMC TrueSight Capacity Optimization Unknown link cisagov 2022-01-12
BMC TrueSight Infrastructure Management Unknown link cisagov 2022-01-12
BMC TrueSight Operations Management Unknown link cisagov 2022-01-12
BMC TrueSight Orchestration Unknown link cisagov 2022-01-12
Bosch Unknown link cisagov 2021-12-22
Boston Scientific Unknown link cisagov 2021-12-20
Box Unknown link cisagov 2022-01-12
Brainworks Unknown link cisagov 2022-01-12
BrightSign Unknown link cisagov 2022-01-12
Broadcom Advanced Secure Gateway (ASG) Unknown link cisagov 2022-01-12
Broadcom Automic Automation Unknown link cisagov 2022-01-12
Broadcom BCAAA Unknown link cisagov 2022-01-12
Broadcom CA Advanced Authentication 9.1 Affected cisagov 2022-01-12
Broadcom CA Risk Authentication Unknown cisagov 2022-01-12
Broadcom CA Strong Authentication Unknown cisagov 2022-01-12
Broadcom Cloud Workload Protection (CWP) Unknown link cisagov 2022-01-12
Broadcom Cloud Workload Protection for Storage (CWP:S) Unknown link cisagov 2022-01-12
Broadcom CloudSOC Cloud Access Security Broker (CASB) Unknown link cisagov 2022-01-12
Broadcom Content Analysis (CA) Unknown link cisagov 2022-01-12
Broadcom Critical System Protection (CSP) Unknown link cisagov 2022-01-12
Broadcom Data Center Security (DCS) Unknown link cisagov 2022-01-12
Broadcom Data Loss Prevention (DLP) Unknown link cisagov 2022-01-12
Broadcom Email Security Service (ESS) Unknown link cisagov 2022-01-12
Broadcom Ghost Solution Suite (GSS) Unknown link cisagov 2022-01-12
Broadcom HSM Agent Unknown link cisagov 2022-01-12
Broadcom Industrial Control System Protection (ICSP) Unknown link cisagov 2022-01-12
Broadcom Integrated Cyber Defense Manager (ICDm) Unknown link cisagov 2022-01-12
Broadcom Integrated Secure Gateway (ISG) Unknown link cisagov 2022-01-12
Broadcom IT Management Suite Unknown link cisagov 2022-01-12
Broadcom Layer7 API Developer Portal Unknown link cisagov 2022-01-12
Broadcom Layer7 API Gateway Unknown link cisagov 2022-01-12
Broadcom Layer7 Mobile API Gateway Unknown link cisagov 2022-01-12
Broadcom Management Center (MC) Unknown link cisagov 2022-01-12
Broadcom PacketShaper (PS) S-Series Unknown link cisagov 2022-01-12
Broadcom PolicyCenter (PC) S-Series Unknown link cisagov 2022-01-12
Broadcom Privileged Access Manager Unknown link cisagov 2022-01-12
Broadcom Privileged Access Manager Server Control Unknown link cisagov 2022-01-12
Broadcom Privileged Identity Manager Unknown link cisagov 2022-01-12
Broadcom ProxySG Unknown link cisagov 2022-01-12
Broadcom Reporter Unknown link cisagov 2022-01-12
Broadcom Secure Access Cloud (SAC) Unknown link cisagov 2022-01-12
Broadcom Security Analytics (SA) Unknown link cisagov 2022-01-12
Broadcom SiteMinder (CA Single Sign-On) Unknown link cisagov 2022-01-12
Broadcom SSL Visibility (SSLV) Unknown link cisagov 2022-01-12
Broadcom Symantec Control Compliance Suite (CCS) Unknown link cisagov 2022-01-12
Broadcom Symantec Directory Unknown link cisagov 2022-01-12
Broadcom Symantec Endpoint Detection and Response (EDR) Unknown link cisagov 2022-01-12
Broadcom Symantec Endpoint Encryption (SEE) Unknown link cisagov 2022-01-12
Broadcom Symantec Endpoint Protection (SEP) Unknown link cisagov 2022-01-12
Broadcom Symantec Endpoint Protection (SEP) for Mobile Unknown link cisagov 2022-01-12
Broadcom Symantec Endpoint Protection Manager (SEPM) 14.3 Affected link cisagov 2022-01-12
Broadcom Symantec Identity Governance and Administration (IGA) Unknown link cisagov 2022-01-12
Broadcom Symantec Mail Security for Microsoft Exchange (SMSMSE) Unknown link cisagov 2022-01-12
Broadcom Symantec Messaging Gateway (SMG) Unknown link cisagov 2022-01-12
Broadcom Symantec PGP Solutions Unknown link cisagov 2022-01-12
Broadcom Symantec Protection Engine (SPE) Unknown link cisagov 2022-01-12
Broadcom Symantec Protection for SharePoint Servers (SPSS) Unknown link cisagov 2022-01-12
Broadcom VIP Unknown link cisagov 2022-01-12
Broadcom VIP Authentication Hub Unknown link cisagov 2022-01-12
Broadcom Web Isolation (WI) Unknown link cisagov 2022-01-12
Broadcom Web Security Service (WSS) Unknown link cisagov 2022-01-12
Broadcom WebPulse Unknown link cisagov 2022-01-12
C4b XPHONE Unknown link cisagov 2022-01-12
Campbell Scientific All Unknown link cisagov 2021-12-23
Camunda Unknown link cisagov 2022-01-12
Canary Labs All Unknown link cisagov 2021-12-22
Canon Alphenix (Angio Workstation) Unknown link cisagov 2021-12-22
Canon CT Medical Imaging Products Unknown link cisagov 2021-12-22
Canon Infinix-i (Angio Workstation) Unknown link cisagov 2021-12-22
Canon MR Medical Imaging Products Unknown link cisagov 2021-12-22
Canon NM Medical Imaging Products Unknown link cisagov 2021-12-22
Canon UL Medical Imaging Products Unknown link cisagov 2021-12-22
Canon Vitrea Advanced 7.x Unknown link cisagov 2021-12-22
Canon XR Medical Imaging Products Unknown link cisagov 2021-12-22
CapStorm Copystorm Unknown cisagov 2021-12-22
CarbonBlack Unknown link cisagov 2022-01-12
Carestream Unknown link cisagov 2021-12-20
Carrier Unknown link cisagov 2022-01-12
CAS genesisWorld Unknown link cisagov 2022-01-12
Cato Networks Unknown link cisagov 2022-01-12
Cepheid C360 Unknown link cisagov 2021-12-20
Cepheid GeneXpert Unknown link cisagov 2021-12-20
Cerberus FTP Unknown link cisagov 2022-01-12
Chaser Systems discrimiNAT Firewall Not Affected link cisagov 2022-01-12
Check Point CloudGuard Not Affected link cisagov 2022-01-12
Check Point Harmony Endpoint & Harmony Mobile Not Affected link cisagov 2022-01-12
Check Point Infinity Portal Unknown link cisagov 2022-01-12
Check Point Quantum Security Gateway Not Affected link cisagov 2022-01-12
Check Point Quantum Security Management Not Affected link Where used, uses the 1.8.0_u241 version of the JRE that protects against this attack by default. cisagov 2022-01-12
Check Point SMB Not Affected link cisagov 2022-01-12
Check Point ThreatCloud Unknown link cisagov 2022-01-12
CheckMK Unknown link cisagov 2022-01-12
Ciphermail Unknown link cisagov 2022-01-12
CircleCI CircleCI Unknown link cisagov 2021-12-21
CIS Unknown link cisagov 2022-01-12
Cisco AppDynamics Unknown link cisagov 2022-01-12
Cisco Cisco ACI Multi-Site Orchestrator Unknown link cisagov 2022-01-12
Cisco Cisco ACI Virtual Edge Unknown link cisagov 2022-01-12
Cisco Cisco Adaptive Security Appliance (ASA) Software Unknown link cisagov 2022-01-12
Cisco Cisco Advanced Web Security Reporting Application Unknown link cisagov 2022-01-12
Cisco Cisco AMP Virtual Private Cloud Appliance Unknown link cisagov 2022-01-12
Cisco Cisco AnyConnect Secure Mobility Client Unknown link cisagov 2022-01-12
Cisco Cisco Application Policy Infrastructure Controller (APIC) Unknown link cisagov 2022-01-12
Cisco Cisco ASR 5000 Series Routers Unknown link cisagov 2022-01-12
Cisco Cisco Broadcloud Calling Unknown link cisagov 2022-01-12
Cisco Cisco BroadWorks Unknown link cisagov 2022-01-12
Cisco Cisco Catalyst 9800 Series Wireless Controllers Unknown link cisagov 2022-01-12
Cisco Cisco CloudCenter Suite Admin Unknown link cisagov 2022-01-12
Cisco Cisco CloudCenter Workload Manager Unknown link cisagov 2022-01-12
Cisco Cisco Cognitive Intelligence Unknown link cisagov 2022-01-12
Cisco Cisco Common Services Platform Collector Unknown link cisagov 2022-01-12
Cisco Cisco Computer Telephony Integration Object Server (CTIOS) Unknown link cisagov 2022-01-12
Cisco Cisco Connected Grid Device Manager Unknown link cisagov 2022-01-12
Cisco Cisco Connected Mobile Experiences Unknown link cisagov 2022-01-12
Cisco Cisco Connectivity Unknown link cisagov 2022-01-12
Cisco Cisco Contact Center Domain Manager (CCDM) Unknown link cisagov 2022-01-12
Cisco Cisco Contact Center Management Portal (CCMP) Unknown link cisagov 2022-01-12
Cisco Cisco Crosswork Change Automation Unknown link cisagov 2022-01-12
Cisco Cisco CX Cloud Agent Software Unknown link cisagov 2022-01-12
Cisco Cisco Data Center Network Manager (DCNM) Unknown link cisagov 2022-01-12
Cisco Cisco Defense Orchestrator Unknown link cisagov 2022-01-12
Cisco Cisco DNA Assurance Unknown link cisagov 2022-01-12
Cisco Cisco DNA Center Unknown link cisagov 2022-01-12
Cisco Cisco DNA Spaces Unknown link cisagov 2022-01-12
Cisco Cisco Elastic Services Controller (ESC) Unknown link cisagov 2022-01-12
Cisco Cisco Emergency Responder Unknown link cisagov 2022-01-12
Cisco Cisco Enterprise Chat and Email Unknown link cisagov 2022-01-12
Cisco Cisco Enterprise NFV Infrastructure Software (NFVIS) Unknown link cisagov 2022-01-12
Cisco Cisco Evolved Programmable Network Manager Unknown link cisagov 2022-01-12
Cisco Cisco Extensible Network Controller (XNC) Unknown link cisagov 2022-01-12
Cisco Cisco Finesse Unknown link cisagov 2022-01-12
Cisco Cisco Firepower Management Center Unknown link cisagov 2022-01-12
Cisco Cisco Firepower Threat Defense (FTD) Unknown link cisagov 2022-01-12
Cisco Cisco GGSN Gateway GPRS Support Node Unknown link cisagov 2022-01-12
Cisco Cisco HyperFlex System Unknown link cisagov 2022-01-12
Cisco Cisco Identity Services Engine (ISE) Unknown link cisagov 2022-01-12
Cisco Cisco Integrated Management Controller (IMC) Supervisor Unknown link cisagov 2022-01-12
Cisco Cisco Intersight Unknown link cisagov 2022-01-12
Cisco Cisco Intersight Virtual Appliance Unknown link cisagov 2022-01-12
Cisco Cisco IOS and IOS XE Software Unknown link cisagov 2022-01-12
Cisco Cisco IoT Field Network Director (formerly Cisco Connected Grid Network Management System) Unknown link cisagov 2022-01-12
Cisco Cisco IoT Operations Dashboard Unknown link cisagov 2022-01-12
Cisco Cisco IOx Fog Director Unknown link cisagov 2022-01-12
Cisco Cisco IP Services Gateway (IPSG) Unknown link cisagov 2022-01-12
Cisco Cisco Kinetic for Cities Unknown link cisagov 2022-01-12
Cisco Cisco MDS 9000 Series Multilayer Switches Unknown link cisagov 2022-01-12
Cisco Cisco Meeting Server Unknown link cisagov 2022-01-12
Cisco Cisco MME Mobility Management Entity Unknown link cisagov 2022-01-12
Cisco Cisco Modeling Labs Unknown link cisagov 2022-01-12
Cisco Cisco Network Assessment (CNA) Tool Unknown link cisagov 2022-01-12
Cisco Cisco Network Assurance Engine Unknown link cisagov 2022-01-12
Cisco Cisco Network Convergence System 2000 Series Unknown link cisagov 2022-01-12
Cisco Cisco Network Planner Unknown link cisagov 2022-01-12
Cisco Cisco Network Services Orchestrator (NSO) Unknown link cisagov 2022-01-12
Cisco Cisco Nexus 5500 Platform Switches Unknown link cisagov 2022-01-12
Cisco Cisco Nexus 5600 Platform Switches Unknown link cisagov 2022-01-12
Cisco Cisco Nexus 6000 Series Switches Unknown link cisagov 2022-01-12
Cisco Cisco Nexus 7000 Series Switches Unknown link cisagov 2022-01-12
Cisco Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode Unknown link cisagov 2022-01-12
Cisco Cisco Nexus Dashboard (formerly Cisco Application Services Engine) Unknown link cisagov 2022-01-12
Cisco Cisco Nexus Data Broker Unknown link cisagov 2022-01-12
Cisco Cisco Nexus Insights Unknown link cisagov 2022-01-12
Cisco Cisco Optical Network Planner Unknown link cisagov 2022-01-12
Cisco Cisco Packaged Contact Center Enterprise Unknown link cisagov 2022-01-12
Cisco Cisco Paging Server Unknown link cisagov 2022-01-12
Cisco Cisco Paging Server (InformaCast) Unknown link cisagov 2022-01-12
Cisco Cisco PDSN/HA Packet Data Serving Node and Home Agent Unknown link cisagov 2022-01-12
Cisco Cisco PGW Packet Data Network Gateway Unknown link cisagov 2022-01-12
Cisco Cisco Policy Suite Unknown link cisagov 2022-01-12
Cisco Cisco Prime Central for Service Providers Unknown link cisagov 2022-01-12
Cisco Cisco Prime Collaboration Manager Unknown link cisagov 2022-01-12
Cisco Cisco Prime Collaboration Provisioning Unknown link cisagov 2022-01-12
Cisco Cisco Prime Infrastructure Unknown link cisagov 2022-01-12
Cisco Cisco Prime License Manager Unknown link cisagov 2022-01-12
Cisco Cisco Prime Network Unknown link cisagov 2022-01-12
Cisco Cisco Prime Optical for Service Providers Unknown link cisagov 2022-01-12
Cisco Cisco Prime Provisioning Unknown link cisagov 2022-01-12
Cisco Cisco Prime Service Catalog Unknown link cisagov 2022-01-12
Cisco Cisco Registered Envelope Service Unknown link cisagov 2022-01-12
Cisco Cisco SD-WAN vEdge 1000 Series Routers Unknown link cisagov 2022-01-12
Cisco Cisco SD-WAN vEdge 2000 Series Routers Unknown link cisagov 2022-01-12
Cisco Cisco SD-WAN vEdge 5000 Series Routers Unknown link cisagov 2022-01-12
Cisco Cisco SD-WAN vEdge Cloud Router Platform Unknown link cisagov 2022-01-12
Cisco Cisco SD-WAN vManage Unknown link cisagov 2022-01-12
Cisco Cisco Secure Network Analytics (SNA), formerly Stealthwatch Unknown link cisagov 2022-01-12
Cisco Cisco SocialMiner Unknown link cisagov 2022-01-12
Cisco Cisco System Architecture Evolution Gateway (SAEGW) Unknown link cisagov 2022-01-12
Cisco Cisco TelePresence Management Suite Unknown link cisagov 2022-01-12
Cisco Cisco UCS Director Unknown link cisagov 2022-01-12
Cisco Cisco UCS Performance Manager Unknown link cisagov 2022-01-12
Cisco Cisco Umbrella Unknown link cisagov 2022-01-12
Cisco Cisco Unified Attendant Console Advanced Unknown link cisagov 2022-01-12
Cisco Cisco Unified Attendant Console Business Edition Unknown link cisagov 2022-01-12
Cisco Cisco Unified Attendant Console Department Edition Unknown link cisagov 2022-01-12
Cisco Cisco Unified Attendant Console Enterprise Edition Unknown link cisagov 2022-01-12
Cisco Cisco Unified Attendant Console Premium Edition Unknown link cisagov 2022-01-12
Cisco Cisco Unified Communications Manager Cloud Unknown link cisagov 2022-01-12
Cisco Cisco Unified Contact Center Enterprise Unknown link cisagov 2022-01-12
Cisco Cisco Unified Contact Center Enterprise - Live Data server Unknown link cisagov 2022-01-12
Cisco Cisco Unified Contact Center Express Unknown link cisagov 2022-01-12
Cisco Cisco Unified Intelligent Contact Management Enterprise Unknown link cisagov 2022-01-12
Cisco Cisco Unified SIP Proxy Software Unknown link cisagov 2022-01-12
Cisco Cisco Video Surveillance Operations Manager Unknown link cisagov 2022-01-12
Cisco Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM Unknown link cisagov 2022-01-12
Cisco Cisco Virtualized Voice Browser Unknown link cisagov 2022-01-12
Cisco Cisco Vision Dynamic Signage Director Unknown link cisagov 2022-01-12
Cisco Cisco WAN Automation Engine (WAE) Unknown link cisagov 2022-01-12
Cisco Cisco Web Security Appliance (WSA) Unknown link cisagov 2022-01-12
Cisco Cisco Webex Cloud-Connected UC (CCUC) Unknown link cisagov 2022-01-12
Cisco Cisco Webex Meetings Server Unknown link cisagov 2022-01-12
Cisco Cisco Webex Teams Unknown link cisagov 2022-01-12
Cisco Cisco Wide Area Application Services (WAAS) Unknown link cisagov 2022-01-12
Cisco Duo Unknown link cisagov 2022-01-12
Cisco DUO network gateway (on-prem/self-hosted) Unknown cisagov 2022-01-12
Cisco duo network gateway (on-prem/self-hosted) Unknown cisagov 2022-01-12
Cisco Exony Virtualized Interaction Manager (VIM) Unknown link cisagov 2022-01-12
Cisco Managed Services Accelerator (MSX) Network Access Control Service Unknown link cisagov 2022-01-12
Citrix Citrix ADC (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) Not Affected link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix Application Delivery Management (NetScaler MAS) Not Affected link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix Cloud Connector Unknown link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix Connector Appliance for Cloud Services Unknown link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix Content Collaboration (ShareFile Integration) Citrix Files for Windows, Citrix Files for Mac, Citrix Files for Outlook Unknown link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix Endpoint Management (Citrix XenMobile Server) Unknown link For CVE-2021-44228 and CVE-2021-45046: ImpactedCustomers are advised to apply the latest CEM rolling patch updates listed below as soon as possible to reduce the risk of exploitation. XenMobile Server 10.14 RP2; XenMobile Server 10.13 RP5; and XenMobile Server 10.12 RP10. Note: Customers who have upgraded their XenMobile Server to the updated versions are recommended not to apply the responder policy mentioned in the blog listed below to the Citrix ADC vserver in front of the XenMobile Server as it may impact the enrollment of Android devices. For CVE-2021-45105: Investigation in progress. cisagov 2021-12-21
Citrix Citrix Hypervisor (XenServer) Unknown link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix License Server Unknown link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix SD-WAN Not Affected link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix Citrix Virtual Apps and Desktops (XenApp & XenDesktop) Unknown link IMPACTED: Linux VDA (non-LTSR versions only)- CVE-2021-44228 and CVE-2021-45046: Customers are advised to apply the latest update as soon as possible to reduce the risk of exploitation. Linux Virtual Delivery Agent 2112. See the Citrix Statement for additional mitigations. For CVE-2021-45105: Investigation has shown that Linux VDA is not impacted. Nonetheless, the Linux VDA 2112 has been updated (21.12.0.30, released December 20th) to contain Apache log4j version 2.17.0. NOT IMPACTED: Linux VDA LTSR all versions; All other CVAD components. cisagov 2021-12-21
Citrix Citrix Workspace App Not Affected link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Citrix ShareFile Storage Zones Controller Unknown link Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. cisagov 2021-12-21
Claris Unknown link cisagov 2022-01-12
Cloudera AM2CM Tool Unknown link cisagov 2022-01-12
Cloudera Ambari Only versions 2.x, 1.x Affected link cisagov 2022-01-12
Cloudera Arcadia Enterprise Only version 7.1.x Affected link cisagov 2022-01-12
Cloudera CDH, HDP, and HDF Only version 6.x Affected link cisagov 2022-01-12
Cloudera CDP Operational Database (COD) Unknown link cisagov 2022-01-12
Cloudera CDP Private Cloud Base Only version 7.x Affected link cisagov 2022-01-12
Cloudera CDS 3 Powered by Apache Spark All versions Affected link cisagov 2022-01-12
Cloudera CDS 3.2 for GPUs All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Cybersecurity Platform All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Data Engineering (CDE) Unknown link cisagov 2022-01-12
Cloudera Cloudera Data Engineering (CDE) All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Data Flow (CFM) Unknown link cisagov 2022-01-12
Cloudera Cloudera Data Science Workbench (CDSW) Only versions 2.x, 3.x Affected link cisagov 2022-01-12
Cloudera Cloudera Data Visualization (CDV) Unknown link cisagov 2022-01-12
Cloudera Cloudera Data Warehouse (CDW) Unknown link cisagov 2022-01-12
Cloudera Cloudera Data Warehouse (CDW) All versions Affected link cisagov 2022-01-12
Cloudera Cloudera DataFlow (CDF) Unknown link cisagov 2022-01-12
Cloudera Cloudera Edge Management (CEM) All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Enterprise Only version 6.x Affected link cisagov 2022-01-12
Cloudera Cloudera Flow Management (CFM) All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Machine Learning (CML) Unknown link cisagov 2022-01-12
Cloudera Cloudera Machine Learning (CML) All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) Only versions 7.0.x, 7.1.x, 7.2.x Affected link cisagov 2022-01-12
Cloudera Cloudera Manager (Including Backup Disaster Recovery (BDR)) Unknown link cisagov 2022-01-12
Cloudera Cloudera Runtime (including Cloudera Data Hub and all Data Hub templates) Only versions 7.0.x, 7.1.x, 7.2.x Affected link cisagov 2022-01-12
Cloudera Cloudera Stream Processing (CSP) All versions Affected link cisagov 2022-01-12
Cloudera Cloudera Streaming Analytics (CSA) Unknown link cisagov 2022-01-12
Cloudera Cloudera Streaming Analytics (CSA) Unknown link cisagov 2022-01-12
Cloudera Data Analytics Studio (DAS) Unknown link cisagov 2022-01-12
Cloudera Data Catalog Unknown link cisagov 2022-01-12
Cloudera Data Lifecycle Manager (DLM) Unknown link cisagov 2022-01-12
Cloudera Data Steward Studio (DSS) All versions Affected link cisagov 2022-01-12
Cloudera Hortonworks Data Flow (HDF) Unknown link cisagov 2022-01-12
Cloudera Hortonworks Data Platform (HDP) Only versions 7.1.x, 2.7.x, 2.6.x Affected link cisagov 2022-01-12
Cloudera Hortonworks DataPlane Platform Unknown link cisagov 2022-01-12
Cloudera Management Console All versions Affected link cisagov 2022-01-12
Cloudera Management Console for CDP Public Cloud Unknown link cisagov 2022-01-12
Cloudera Replication Manager Unknown link cisagov 2022-01-12
Cloudera SmartSense Unknown link cisagov 2022-01-12
Cloudera Workload Manager Unknown link cisagov 2022-01-12
Cloudera Workload XM All versions Affected link cisagov 2022-01-12
Cloudera Workload XM (SaaS) Unknown link cisagov 2022-01-12
CloudFlare Unknown link cisagov 2022-01-12
Cloudian HyperStore Unknown link cisagov 2022-01-12
Cloudogu Ecosystem All Affected link cisagov 2022-01-12
Cloudogu SCM-Manager Unknown link cisagov 2022-01-12
Cloudron Unknown link cisagov 2022-01-12
Clover Unknown link cisagov 2022-01-12
Code42 Code42 App 8.8.1 Fixed link cisagov 2021-12-22
Code42 Crashplan 8.8, possibly prior versions Fixed link I think, they don't specify in the notice, but we know that they released an updated Crashplan client. Possibly prior versions affected. cisagov 2021-12-16
CodeBeamer Unknown link cisagov 2022-01-12
Codesys Unknown link cisagov 2022-01-12
Cohesity Unknown link cisagov 2022-01-12
CommVault Unknown link cisagov 2022-01-12
Concourse Concourse Unknown link cisagov 2022-01-12
ConcreteCMS.com Unknown link cisagov 2022-01-12
Confluent Confluent Cloud N/A Fixed link cisagov 2021-12-17
Confluent Confluent ElasticSearch Sink Connector <11.1.7 Affected link cisagov 2021-12-17
Confluent Confluent for Kubernetes Not Affected link cisagov 2021-12-17
Confluent Confluent Google DataProc Sink Connector <1.1.5 Affected link cisagov 2021-12-17
Confluent Confluent HDFS 2 Sink Connector <10.1.3 Affected link cisagov 2021-12-17
Confluent Confluent HDFS 3 Sink Connector <1.1.8 Affected link cisagov 2021-12-17
Confluent Confluent Kafka Connectors Not Affected link cisagov 2021-12-17
Confluent Confluent Platform <7.0.1 Affected link cisagov 2021-12-17
Confluent Confluent Splunk Sink Connector <2.05 Affected link cisagov 2021-12-17
Confluent Confluent VMWare Tanzu GemFire Sink Connector <1.0.8 Affected link cisagov 2021-12-17
Connect2id Unknown link cisagov 2022-01-12
ConnectWise Unknown link cisagov 2022-01-12
ContrastSecurity Unknown link cisagov 2022-01-12
ControlUp Unknown link cisagov 2022-01-12
COPADATA All Unknown link cisagov 2022-01-06
CouchBase Unknown link cisagov 2022-01-12
CPanel Unknown link cisagov 2022-01-12
Cradlepoint Unknown link cisagov 2022-01-12
Crestron Unknown link cisagov 2021-12-20
CrushFTP Unknown link cisagov 2022-01-12
CryptShare Unknown link cisagov 2022-01-12
CyberArk Privileged Threat Analytics (PTA) N/A Fixed link This advisory is available to customers only and has not been reviewed by CISA. cisagov 2021-12-14
Cybereason Unknown link cisagov 2022-01-12
CyberRes Unknown link cisagov 2022-01-12
Daktronics All Sport Pro Unknown link cisagov 2022-01-06
Daktronics Dakronics Media Player Not Affected link cisagov 2022-01-06
Daktronics Dakronics Web Player DWP-1000 Affected link DWP-1000: Not present in our codebase, but awaiting confirmation from LG re: webOS platform. cisagov 2022-01-06
Daktronics Data Vision Software (DVS) Unknown link DVS has one microservice that uses Log4j, but it uses a version that is not impacted. cisagov 2022-01-06
Daktronics Dynamic Messaging System (DMS) Unknown link cisagov 2022-01-06
Daktronics Dynamic Messaging System - DMS Core Player Not Affected link cisagov 2022-01-06
Daktronics Dynamic Messaging System - DMS Player hardware Not Affected link cisagov 2022-01-06
Daktronics Dynamic Messaging System - DMS Web Player Unknown link DMS Web Player: Not present in our codebase, but awaiting confirmation from LG re: webOS platform. cisagov 2022-01-06
Daktronics IBoot - Dataprobe IBoot Devices Not Affected link cisagov 2022-01-06
Daktronics Outdoor Smartlink Devices Not Affected link cisagov 2022-01-06
Daktronics Routers - Cisco Meraki Z3/Z3c Routers Not Affected link cisagov 2022-01-06
Daktronics Routers - Cisco Z1 Routers Not Affected link cisagov 2022-01-06
Daktronics Routers - Sierra Wireless RV50x/RV50 A-3350704 Affected link cisagov 2022-01-06
Daktronics Show Control System (SCS) Unknown link cisagov 2022-01-06
Daktronics Vanguard Unknown link cisagov 2022-01-06
Daktronics Venus 1500 Unknown link cisagov 2022-01-06
Daktronics Venus Control Suite (VCS) Unknown link cisagov 2022-01-06
Daktronics Video Image Processors Not Affected link cisagov 2022-01-06
Daktronics Webcam - Mobotix Not Affected link cisagov 2022-01-06
DarkTrace Unknown link cisagov 2022-01-12
Dassault Systèmes Unknown link cisagov 2022-01-12
Databricks Unknown link cisagov 2022-01-12
Datadog Datadog Agent >=6.17.0, <=6.32.2, >=7.17.0, <=7.32.2 Fixed link cisagov 2022-01-12
Dataminer Unknown link cisagov 2022-01-12
Datev Unknown link cisagov 2022-01-12
Datto Unknown link cisagov 2022-01-12
dCache.org Unknown link cisagov 2022-01-12
Debian Unknown link cisagov 2022-01-12
Deepinstinct Unknown link cisagov 2022-01-12
Dell "Dell EMC PowerMax VMAX VMAX3 and VMAX AFA" Not Affected link cisagov 2021-12-15
Dell "Dell EMC PowerSwitch Z9264F-ON BMC Dell EMC PowerSwitch Z9432F-ON BMC" Not Affected link cisagov 2021-12-15
Dell Alienware Command Center Not Affected link cisagov 2021-12-15
Dell Alienware OC Controls Not Affected link cisagov 2021-12-15
Dell Alienware On Screen Display Not Affected link cisagov 2021-12-15
Dell Alienware Update Not Affected link cisagov 2021-12-15
Dell APEX Console N/A Fixed link Cloud environment patched cisagov 2021-12-15
Dell APEX Data Storage Services Unknown link Cloud environment patch in progress cisagov 2021-12-15
Dell Atmos Not Affected link cisagov 2021-12-15
Dell Azure Stack HCI Not Affected link cisagov 2021-12-15
Dell CalMAN Powered Calibration Firmware Not Affected link cisagov 2021-12-15
Dell CalMAN Ready for Dell Not Affected link cisagov 2021-12-15
Dell Centera Not Affected link cisagov 2021-12-15
Dell Chameleon Linux Based Diagnostics Not Affected link cisagov 2021-12-15
Dell Chassis Management Controller (CMC) Not Affected link cisagov 2021-12-15
Dell China HDD Deluxe Not Affected link cisagov 2021-12-15
Dell Cloud IQ Unknown link Cloud environment patched cisagov 2021-12-15
Dell Cloud Mobility for Dell EMC Storage Not Affected link cisagov 2021-12-15
Dell Cloud Tiering Appliance Not Affected link cisagov 2021-12-15
Dell Connectrix (Cisco MDS 9000 switches) Not Affected link cisagov 2021-12-15
Dell Connectrix (Cisco MDS DCNM) Unknown link Patch expected by 12/23/21 cisagov 2021-12-15
Dell Connectrix B-Series SANnav 2.1.1 Affected link Patch expected by 3/31/2022 cisagov 2021-12-15
Dell Connextrix B Series Not Affected link cisagov 2021-12-15
Dell CyberSecIQ Application Not Affected link cisagov 2021-12-15
Dell CyberSense for PowerProtect Cyber Recovery Not Affected link cisagov 2021-12-15
Dell Data Domain OS Versions between 7.3.0.5 and 7.7.0.6;Versions before 7.6.0.30 Affected link See DSA-2021-274 cisagov 2021-12-15
Dell Dell BSAFE Crypto-C Micro Edition Not Affected link cisagov 2021-12-15
Dell Dell BSAFE Crypto-J Not Affected link cisagov 2021-12-15
Dell Dell BSAFE Micro Edition Suite Not Affected link cisagov 2021-12-15
Dell Dell Calibration Assistant Not Affected link cisagov 2021-12-15
Dell Dell Cinema Color Not Affected link cisagov 2021-12-15
Dell Dell Cloud Command Repository Manager Not Affected link cisagov 2021-12-15
Dell Dell Cloud Management Agent Not Affected link cisagov 2021-12-15
Dell Dell Color Management Not Affected link cisagov 2021-12-15
Dell Dell Command Configure Not Affected link cisagov 2021-12-15
Dell Dell Command Integration Suite for System Center Not Affected link cisagov 2021-12-15
Dell Dell Command Intel vPro Out of Band Not Affected link cisagov 2021-12-15
Dell Dell Command Monitor Not Affected link cisagov 2021-12-15
Dell Dell Command Power Manager Not Affected link cisagov 2021-12-15
Dell Dell Command PowerShell Provider Not Affected link cisagov 2021-12-15
Dell Dell Command Update Not Affected link cisagov 2021-12-15
Dell Dell Customer Connect Not Affected link cisagov 2021-12-15
Dell Dell Data Guardian* Not Affected link cisagov 2021-12-15
Dell Dell Data Protection* Not Affected link cisagov 2021-12-15
Dell Dell Data Recovery Environment Not Affected link cisagov 2021-12-15
Dell Dell Data Vault Not Affected link cisagov 2021-12-15
Dell Dell Data Vault for Chrome OS Not Affected link cisagov 2021-12-15
Dell Dell Deployment Agent Not Affected link cisagov 2021-12-15
Dell Dell Digital Delivery Not Affected link cisagov 2021-12-15
Dell Dell Direct USB Key Not Affected link cisagov 2021-12-15
Dell Dell Display Manager 1.5 for Windows / macOS Not Affected link cisagov 2021-12-15
Dell Dell Display Manager 2.0 for Windows / macOS Not Affected link cisagov 2021-12-15
Dell Dell EMC AppSync Not Affected link cisagov 2021-12-15
Dell Dell EMC Avamar "18.2 19.1 19.2 19.3 19.4" Affected link Patch expected by 12/20/21 cisagov 2021-12-15
Dell Dell EMC BSN Controller Node Unknown link See DSA-2021-305 cisagov 2021-12-15
Dell Dell EMC Cloud Disaster Recovery N/A Affected link Patch pending cisagov 2021-12-15
Dell Dell EMC Cloudboost Not Affected link cisagov 2021-12-15
Dell Dell EMC CloudLink Not Affected link cisagov 2021-12-15
Dell Dell EMC Container Storage Modules Not Affected link cisagov 2021-12-15
Dell Dell EMC Data Computing Appliance (DCA) Not Affected link cisagov 2021-12-15
Dell Dell EMC Data Protection Advisor Not Affected link cisagov 2021-12-15
Dell Dell EMC Data Protection Central Unknown link See DSA-2021- 269 cisagov 2021-12-15
Dell Dell EMC Data Protection Search Versions before 19.5.0.7 Affected link See DSA-2021-279 cisagov 2021-12-15
Dell Dell EMC DataIQ Not Affected link cisagov 2021-12-15
Dell Dell EMC Disk Library for Mainframe Not Affected link cisagov 2021-12-15
Dell Dell EMC ECS Unknown link Patch expected by 12/18/21 cisagov 2021-12-15
Dell Dell EMC Enterprise Storage Analytics for vRealize Operations "<6.0.0 6.1.0 6.2.x" Affected link See DSA-2021-278 cisagov 2021-12-15
Dell Dell EMC GeoDrive Not Affected link cisagov 2021-12-15
Dell Dell EMC Integrated System for Azure Stack HCI N/A Affected link "Dell EMC Integrated System for Azure Stack HCI is not impacted by this advisory. If Dell EMC SupportAssist Enterprise (SAE) or Dell EMC Secure Connect Gateway (SCG) were optionally installed with Dell EMC Integrated System for Azure Stack HCI monitor the following advisories. Apply workaround guidance and remediations as they become available: cisagov 2021-12-15
Dell Dell EMC Integrated System for Microsoft Azure Stack Hub N/A Affected link Patch pending cisagov 2021-12-15
Dell Dell EMC Isilon InsightIQ Not Affected link cisagov 2021-12-15
Dell Dell EMC License Manager Not Affected link cisagov 2021-12-15
Dell Dell EMC Metro Node 7.0.x Affected link See DSA-2021-308 cisagov 2021-12-15
Dell Dell EMC NetWorker Server "19.5.x 19.4.x 19.3.x" Affected link Patch expected by 12/20/21 cisagov 2021-12-15
Dell Dell EMC NetWorker Virtual Edition "19.5.x 19.4.x 19.3.x" Affected link Patch expected by 12/20/21 cisagov 2021-12-15
Dell Dell EMC Networking Onie Not Affected link cisagov 2021-12-15
Dell Dell EMC Networking Virtual Edge Platform with VersaOS "with Versa Concerto with Versa Analytics with Versa Concero Director" Affected link See DSA-2021-304 cisagov 2021-12-15
Dell Dell EMC OpenManage Ansible Modules Not Affected link cisagov 2021-12-15
Dell Dell EMC OpenManage integration for Splunk Not Affected link cisagov 2021-12-15
Dell Dell EMC OpenManage Integration for VMware vCenter Not Affected link cisagov 2021-12-15
Dell Dell EMC OpenManage Management pack for vRealize Operations Not Affected link cisagov 2021-12-15
Dell Dell EMC OpenManage Operations Connector for Micro Focus Operations Bridge Manager Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerFlex Appliance "All versions up to Intelligent Catalog 38_356_00_r10.zip All versions up to Intelligent Catalog 38_362_00_r7.zip" Affected link Patch pending cisagov 2021-12-15
Dell Dell EMC PowerFlex Rack N/A Affected link Patch pending cisagov 2021-12-15
Dell Dell EMC PowerFlex Software (SDS) "3.5 3.5.1 3.5.1.1 3.5.1.2 3.5.1.3 3.5.1.4 3.6 3.6.0.1 3.6.0.2" Affected link Patch pending cisagov 2021-12-15
Dell Dell EMC PowerPath Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerPath Management Appliance Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerProtect Cyber Recovery Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerProtect Data Manager All versions 19.9 and earlier Affected link Patch pending cisagov 2021-12-15
Dell Dell EMC PowerProtect DP Series Appliance (iDPA) 2.7.0 and earlier Affected link Patch pending cisagov 2021-12-15
Dell Dell EMC PowerScale OneFS Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerShell for PowerMax Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerShell for Powerstore Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerShell for Unity Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerStore Unknown link Patch expected by 12/23/21 cisagov 2021-12-15
Dell Dell EMC PowerVault MD3 Series Storage Arrays Not Affected link cisagov 2021-12-15
Dell Dell EMC PowerVault ME4 Series Storage Arrays Not Affected link cisagov 2021-12-15
Dell Dell EMC RecoverPoint Classic All 5.1.x and later versions Affected link Patch pending cisagov 2021-12-15
Dell Dell EMC RecoverPoint for Virtual Machine All 5.0.x and later versions Affected link Patch pending cisagov 2021-12-15
Dell Dell EMC Repository Manager (DRM) Not Affected link cisagov 2021-12-15
Dell Dell EMC Ruckus SmartZone 100 Controller Unknown link See DSA-2021-303 cisagov 2021-12-15
Dell Dell EMC Ruckus SmartZone 300 Controller Unknown link See DSA-2021-303 cisagov 2021-12-15
Dell Dell EMC Ruckus Virtual Software Unknown link See DSA-2021-303 cisagov 2021-12-15
Dell Dell EMC SourceOne Not Affected link cisagov 2021-12-15
Dell Dell EMC SRM vApp Versions before 4.6.0.2 Affected link Patch expected by 1/25/2022 cisagov 2021-12-15
Dell Dell EMC Streaming Data Platform Unknown link Patch expected by 12/18/21 cisagov 2021-12-15
Dell Dell EMC Systems Update (DSU) Not Affected link cisagov 2021-12-15
Dell Dell EMC Unisphere 360 Not Affected link cisagov 2021-12-15
Dell Dell EMC Unity Unknown link Patch expected by 12/29/21 cisagov 2021-12-15
Dell Dell EMC Virtual Storage Integrator Not Affected link cisagov 2021-12-15
Dell Dell EMC VPLEX Not Affected link cisagov 2021-12-15
Dell Dell EMC VxRail "4.5.x 4.7.x 7.0.x" Affected link Patch pending cisagov 2021-12-15
Dell Dell EMC XtremIO Not Affected link cisagov 2021-12-15
Dell Dell Encryption Enterprise* Not Affected link cisagov 2021-12-15
Dell Dell Encryption Personal* Not Affected link cisagov 2021-12-15
Dell Dell Endpoint Security Suite Enterprise* Not Affected link cisagov 2021-12-15
Dell Dell Hybrid Client Not Affected link cisagov 2021-12-15
Dell Dell ImageAssist Not Affected link cisagov 2021-12-15
Dell Dell Insights Client Not Affected link cisagov 2021-12-15
Dell Dell Linux Assistant Not Affected link cisagov 2021-12-15
Dell Dell Mobile Connect Not Affected link cisagov 2021-12-15
Dell Dell Monitor ISP (Windows/Mac/Linux) Not Affected link cisagov 2021-12-15
Dell Dell Monitor SDK Not Affected link cisagov 2021-12-15
Dell Dell Networking X-Series Not Affected link cisagov 2021-12-15
Dell Dell Open Manage Mobile Not Affected link cisagov 2021-12-15
Dell Dell Open Manage Server Administrator Not Affected link cisagov 2021-12-15
Dell Dell Open Management Enterprise - Modular <1.40.10 Affected link See DSA-2021-268 cisagov 2021-12-15
Dell Dell OpenManage Change Management Not Affected link cisagov 2021-12-15
Dell Dell OpenManage Enterprise Power Manager Plugin Not Affected link cisagov 2021-12-15
Dell Dell Optimizer Not Affected link cisagov 2021-12-15
Dell Dell OS Recovery Tool Not Affected link cisagov 2021-12-15
Dell Dell Peripheral Manager 1.4 / 1.5 for Windows Not Affected link cisagov 2021-12-15
Dell Dell Platform Service Not Affected link cisagov 2021-12-15
Dell Dell Power Manager Not Affected link cisagov 2021-12-15
Dell Dell Power Manager Lite Not Affected link cisagov 2021-12-15
Dell Dell Precision Optimizer Not Affected link cisagov 2021-12-15
Dell Dell Precision Optimizer for Linux Not Affected link cisagov 2021-12-15
Dell Dell Premier Color Not Affected link cisagov 2021-12-15
Dell Dell Recovery (Linux) Not Affected link cisagov 2021-12-15
Dell Dell Remediation Platform Not Affected link cisagov 2021-12-15
Dell Dell Remote Execution Engine (DRONE) Not Affected link cisagov 2021-12-15
Dell Dell Security Advisory Update - DSA-2021-088 Not Affected link cisagov 2021-12-15
Dell Dell Security Management Server & Dell Security Management Server Virtual* Not Affected link cisagov 2021-12-15
Dell Dell SupportAssist SOS Not Affected link cisagov 2021-12-15
Dell Dell Thin OS Not Affected link cisagov 2021-12-15
Dell Dell Threat Defense Not Affected link cisagov 2021-12-15
Dell Dell True Color Not Affected link cisagov 2021-12-15
Dell Dell Trusted Device Not Affected link cisagov 2021-12-15
Dell Dell Update Not Affected link cisagov 2021-12-15
Dell DellEMC OpenManage Enterprise Services Unknown link Patch expected by 12/20/21 cisagov 2021-12-15
Dell Dream Catcher Not Affected link cisagov 2021-12-15
Dell DUP Creation Service Not Affected link cisagov 2021-12-15
Dell DUP Framework (ISG) Not Affected link cisagov 2021-12-15
Dell Embedded NAS Not Affected link cisagov 2021-12-15
Dell Embedded Service Enabler Not Affected link cisagov 2021-12-15
Dell Enterprise Hybrid Cloud Unknown link link cisagov 2021-12-15
Dell Equallogic PS Not Affected link cisagov 2021-12-15
Dell Fluid FS Not Affected link cisagov 2021-12-15
Dell iDRAC Service Module (iSM) Not Affected link cisagov 2021-12-15
Dell Infinity MLK (firmware) Not Affected link cisagov 2021-12-15
Dell Integrated Dell Remote Access Controller (iDRAC) Not Affected link cisagov 2021-12-15
Dell ISG Accelerators Not Affected link cisagov 2021-12-15
Dell ISG Board & Electrical Not Affected link cisagov 2021-12-15
Dell IsilonSD Management Server Not Affected link cisagov 2021-12-15
Dell IVE-WinDiag Not Affected link cisagov 2021-12-15
Dell Mainframe Enablers Not Affected link cisagov 2021-12-15
Dell My Dell Not Affected link cisagov 2021-12-15
Dell MyDell Mobile Not Affected link cisagov 2021-12-15
Dell NetWorker Management Console Not Affected link cisagov 2021-12-15
Dell Networking BIOS Not Affected link cisagov 2021-12-15
Dell Networking DIAG Not Affected link cisagov 2021-12-15
Dell Networking N-Series Not Affected link cisagov 2021-12-15
Dell Networking OS 10 Not Affected link cisagov 2021-12-15
Dell Networking OS9 Not Affected link cisagov 2021-12-15
Dell Networking SD-WAN Edge SD-WAN Not Affected link cisagov 2021-12-15
Dell Networking W-Series Not Affected link cisagov 2021-12-15
Dell Networking X-Series Not Affected link cisagov 2021-12-15
Dell OMIMSSC (OpenManage Integration for Microsoft System Center) Not Affected link cisagov 2021-12-15
Dell OMNIA Not Affected link cisagov 2021-12-15
Dell OpenManage Connections - Nagios Not Affected link cisagov 2021-12-15
Dell OpenManage Connections - ServiceNow Not Affected link cisagov 2021-12-15
Dell OpenManage Enterprise Unknown link Patch expected by 12/19/21 cisagov 2021-12-15
Dell OpenManage Integration for Microsoft System Center for System Center Operations Manager Not Affected link cisagov 2021-12-15
Dell OpenManage Integration with Microsoft Windows Admin Center Not Affected link cisagov 2021-12-15
Dell OpenManage Network Integration Not Affected link cisagov 2021-12-15
Dell PowerConnect N3200 Not Affected link cisagov 2021-12-15
Dell PowerConnect PC2800 Not Affected link cisagov 2021-12-15
Dell PowerConnect PC8100 Not Affected link cisagov 2021-12-15
Dell PowerEdge BIOS Not Affected link cisagov 2021-12-15
Dell PowerEdge Operating Systems Not Affected link cisagov 2021-12-15
Dell PowerTools Agent Not Affected link cisagov 2021-12-15
Dell PPDM Kubernetes cProxy Not Affected link cisagov 2021-12-15
Dell PPDM VMware vProxy Not Affected link cisagov 2021-12-15
Dell Redtail Not Affected link cisagov 2021-12-15
Dell Remotely Anywhere Not Affected link cisagov 2021-12-15
Dell Riptide (firmware) Not Affected link cisagov 2021-12-15
Dell Rugged Control Center (RCC) Not Affected link cisagov 2021-12-15
Dell SD ROM Utility Not Affected link cisagov 2021-12-15
Dell SDNAS Not Affected link cisagov 2021-12-15
Dell Secure Connect Gateway (SCG) Appliance "5.00.00 5.00.05 and 4.0.06 and earlier versions (OVF and VHD)" Affected link See DSA-2021-282 cisagov 2021-12-15
Dell Secure Connect Gateway (SCG) Policy Manager "5.00.00.10 5.00.05.10" Affected link See DSA-2021-281 cisagov 2021-12-15
Dell Server Storage Not Affected link cisagov 2021-12-15
Dell Smart Fabric Storage Software Not Affected link cisagov 2021-12-15
Dell SmartByte Not Affected link cisagov 2021-12-15
Dell SMI-S Not Affected link cisagov 2021-12-15
Dell Software RAID Not Affected link cisagov 2021-12-15
Dell Solutions Enabler Not Affected link cisagov 2021-12-15
Dell Solutions Enabler vApp Not Affected link cisagov 2021-12-15
Dell Sonic Not Affected link cisagov 2021-12-15
Dell SRS Policy Manager 7 Affected link Patch pending cisagov 2021-12-15
Dell SRS VE Not Affected link cisagov 2021-12-15
Dell Storage Center - Dell Storage Manager Unknown link Patch pending cisagov 2021-12-15
Dell Storage Center OS and additional SC applications unless otherwise noted Not Affected link cisagov 2021-12-15
Dell SupportAssist Client Commercial Not Affected link cisagov 2021-12-15
Dell SupportAssist Client Consumer Not Affected link cisagov 2021-12-15
Dell SupportAssist Enterprise Unknown link Patch expected by 12/23/21 cisagov 2021-12-15
Dell UCC Edge Not Affected link cisagov 2021-12-15
Dell Unisphere Central Unknown link Patch expected by 1/10/2022 cisagov 2021-12-15
Dell Unisphere for PowerMax Not Affected link cisagov 2021-12-15
Dell Unisphere for PowerMax vApp Not Affected link cisagov 2021-12-15
Dell Unisphere for VMAX Not Affected link cisagov 2021-12-15
Dell Unisphere for VNX Not Affected link cisagov 2021-12-15
Dell Update Manager Plugin Not Affected link cisagov 2021-12-15
Dell Vblock Unknown link Patch pending See vce6771 (requires customer login) cisagov 2021-12-15
Dell ViPR Controller Not Affected link cisagov 2021-12-15
Dell VMware vRealize Automation 8.x "8.2 8.3 8.4 8.5 and 8.6" Affected link Patch expected by 12/19/21 cisagov 2021-12-15
Dell VMware vRealize Orchestrator 8.x "8.2 8.3 8.4 8.5 and 8.6" Affected link Patch expected by 12/19/21 cisagov 2021-12-15
Dell VNX1 Not Affected link cisagov 2021-12-15
Dell VNX2 Not Affected link cisagov 2021-12-15
Dell VNXe 1600 Versions 3.1.16.10220572 and earlier Affected link Patch expected by 12/19/21 cisagov 2021-12-15
Dell VNXe 3200 Version 3.1.15.10216415 and earlier Affected link Patch expected by 12/19/21 cisagov 2021-12-15
Dell VPLEX VS2/VS6 / VPLEX Witness Not Affected link cisagov 2021-12-15
Dell vRealize Data Protection Extension Data Management Unknown link Patch expected by 12/19/21 cisagov 2021-12-15
Dell vRealize Data Protection Extension for vRealize Automation (vRA) 8.x "version 19.6 version 19.7 version 19.8 and version 19.9" Affected link Patch expected by 12/19/21 cisagov 2021-12-15
Dell vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage Various Affected link See DSA-2021-300 cisagov 2021-12-15
Dell vRO Plugin for Dell EMC PowerMax Version 1.2.3 or earlier Affected link See DSA-2021-300 cisagov 2021-12-15
Dell vRO Plugin for Dell EMC PowerScale Version 1.1.0 or earlier Affected link See DSA-2021-300 cisagov 2021-12-15
Dell vRO Plugin for Dell EMC PowerStore Version 1.1.4 or earlier Affected link See DSA-2021-300 cisagov 2021-12-15
Dell vRO Plugin for Dell EMC Unity Version 1.0.6 or earlier Affected link See DSA-2021-300 cisagov 2021-12-15
Dell vRO Plugin for Dell EMC XtremIO Version 4.1.2 or earlier Affected link See DSA-2021-300 cisagov 2021-12-15
Dell Vsan Ready Nodes Not Affected link cisagov 2021-12-15
Dell VxBlock Unknown link "Patch pending See vce6771 (requires customer login) " cisagov 2021-12-15
Dell Warnado MLK (firmware) Not Affected link cisagov 2021-12-15
Dell Wyse Management Suite <3.5 Affected link See DSA-2021-267 cisagov 2021-12-15
Dell Wyse Proprietary OS (ThinOS) Not Affected link cisagov 2021-12-15
Dell Wyse Windows Embedded Suite Not Affected link cisagov 2021-12-15
Deltares Delft-FEWS >2018.02 Fixed link Mitigations Only cisagov 2021-12-22
Denequa Unknown link cisagov 2022-01-12
Device42 Unknown link cisagov 2022-01-12
Devolutions All products Unknown link cisagov 2022-01-12
Diebold Nixdorf Unknown link cisagov 2022-01-12
Digi International AnywhereUSB Manager Unknown link cisagov 2021-12-21
Digi International ARMT Unknown link cisagov 2021-12-21
Digi International Aview Unknown link cisagov 2021-12-21
Digi International AVWOB Unknown link cisagov 2021-12-21
Digi International CTEK G6200 family Unknown link cisagov 2021-12-21
Digi International CTEK SkyCloud Unknown link cisagov 2021-12-21
Digi International CTEK Z45 family Unknown link cisagov 2021-12-21
Digi International Digi 54xx family Unknown link cisagov 2021-12-21
Digi International Digi 63xx family Unknown link cisagov 2021-12-21
Digi International Digi AnywhereUSB (G2) family Unknown link cisagov 2021-12-21
Digi International Digi AnywhereUSB Plus family Unknown link cisagov 2021-12-21
Digi International Digi Connect EZ family Unknown link cisagov 2021-12-21
Digi International Digi Connect family Unknown link cisagov 2021-12-21
Digi International Digi Connect IT family Unknown link cisagov 2021-12-21
Digi International Digi Connect Sensor family Unknown link cisagov 2021-12-21
Digi International Digi Connect WS family Unknown link cisagov 2021-12-21
Digi International Digi ConnectPort family Unknown link cisagov 2021-12-21
Digi International Digi ConnectPort LTS family Unknown link cisagov 2021-12-21
Digi International Digi Embedded Android Unknown link cisagov 2021-12-21
Digi International Digi Embedded Yocto Unknown link cisagov 2021-12-21
Digi International Digi EX routers Unknown link cisagov 2021-12-21
Digi International Digi IX routers Unknown link cisagov 2021-12-21
Digi International Digi LR54 Unknown link cisagov 2021-12-21
Digi International Digi Navigator Unknown link cisagov 2021-12-21
Digi International Digi One family Unknown link cisagov 2021-12-21
Digi International Digi Passport family Unknown link cisagov 2021-12-21
Digi International Digi PortServer TS family Unknown link cisagov 2021-12-21
Digi International Digi Remote Manager Unknown link cisagov 2021-12-21
Digi International Digi TX routers Unknown link cisagov 2021-12-21
Digi International Digi WR11 Unknown link cisagov 2021-12-21
Digi International Digi WR21 Unknown link cisagov 2021-12-21
Digi International Digi WR31 Unknown link cisagov 2021-12-21
Digi International Digi WR44R/RR Unknown link cisagov 2021-12-21
Digi International Digi WR54 Unknown link cisagov 2021-12-21
Digi International Digi WR64 Unknown link cisagov 2021-12-21
Digi International Digi Xbee mobile app Unknown link cisagov 2021-12-21
Digi International Lighthouse Unknown link cisagov 2021-12-21
Digi International Realport Unknown link cisagov 2021-12-21
Digi International Remote Hub Config Utility Unknown link cisagov 2021-12-21
Digicert Unknown link cisagov 2022-01-12
Digital AI Unknown link cisagov 2022-01-12
Digital Alert Systems All Unknown link Formerly Monroe Electronics, Inc. cisagov 2022-01-05
DNSFilter Unknown link cisagov 2022-01-12
Docker Unknown link cisagov 2022-01-12
Docusign Unknown link cisagov 2022-01-12
DrayTek Vigor Routers, Access Points, Switches, VigorACS Central Management Software, MyVigor Platform Unknown link cisagov 2021-12-15
DSpace Unknown link cisagov 2022-01-12
Dynatrace ActiveGate Unknown link cisagov 2021-12-21
Dynatrace Dynatrace Extensions Unknown link Please see Dynatrace Communication for details cisagov 2021-12-21
Dynatrace FedRamp SAAS Unknown link cisagov 2021-12-21
Dynatrace Managed cluster nodes Unknown link Please see Dynatrace Communication for details cisagov 2021-12-21
Dynatrace OneAgent Unknown link cisagov 2021-12-21
Dynatrace SAAS Unknown link cisagov 2021-12-21
Dynatrace Synthetic Private ActiveGate Unknown link Please see Dynatrace Communication for details cisagov 2021-12-21
Dynatrace Synthetic public locations Unknown link cisagov 2021-12-21
EasyRedmine Unknown link cisagov 2022-01-12
Eaton Undisclosed Undisclosed Affected link Doesn't openly disclose what products are affected or not for quote 'security purposes'. Needs email registration. No workaround provided due to registration wall. cisagov 2022-01-12
EclecticIQ Unknown link cisagov 2022-01-12
Eclipse Foundation Unknown link cisagov 2022-01-12
Edwards Unknown link cisagov 2022-01-06
EFI Unknown link cisagov 2022-01-12
EGroupware Unknown link cisagov 2022-01-12
Elastic APM Java Agent Unknown link cisagov 2021-12-15
Elastic APM Server Unknown link cisagov 2021-12-15
Elastic Beats Unknown link cisagov 2021-12-15
Elastic Cmd Unknown link cisagov 2021-12-15
Elastic Elastic Agent Unknown link cisagov 2021-12-15
Elastic Elastic Cloud Unknown link cisagov 2021-12-15
Elastic Elastic Cloud Enterprise Unknown link cisagov 2021-12-15
Elastic Elastic Cloud Enterprise Unknown link cisagov 2021-12-15
Elastic Elastic Cloud on Kubernetes Unknown link cisagov 2021-12-15
Elastic Elastic Endgame Unknown link cisagov 2021-12-15
Elastic Elastic Maps Service Unknown link cisagov 2021-12-15
Elastic Elasticsearch 5, 6, 8 Affected link cisagov 2021-12-15
Elastic Endpoint Security Unknown link cisagov 2021-12-15
Elastic Enterprise Search Unknown link cisagov 2021-12-15
Elastic Fleet Server Unknown link cisagov 2021-12-15
Elastic Kibana Unknown link cisagov 2021-12-15
Elastic Logstash <6.8.21, <7.16.1 Affected link cisagov 2021-12-15
Elastic Machine Learning Unknown link cisagov 2021-12-15
Elastic Swiftype Unknown link cisagov 2021-12-15
ElasticSearch all products Unknown cisagov 2022-01-12
Ellucian Admin Unknown link cisagov 2021-12-17
Ellucian Banner Analytics Unknown link cisagov 2021-12-17
Ellucian Banner Document Management (includes Banner Document Retention) Unknown link cisagov 2021-12-17
Ellucian Banner Event Publisher Unknown link cisagov 2021-12-17
Ellucian Banner Integration for eLearning Unknown link cisagov 2021-12-17
Ellucian Banner Integration for eProcurement Unknown link cisagov 2021-12-17
Ellucian Banner Self Service Unknown link cisagov 2021-12-17
Ellucian Banner Workflow Unknown link cisagov 2021-12-17
Ellucian Colleague Unknown link On-prem and cloud deployements expect fixed 12/18/2021 cisagov 2021-12-17
Ellucian Colleague Analytics Unknown link cisagov 2021-12-17
Ellucian CRM Advance Unknown link cisagov 2021-12-17
Ellucian CRM Advise Unknown link cisagov 2021-12-17
Ellucian CRM Recruit Unknown link cisagov 2021-12-17
Ellucian Ellucian Advance Web Connector Unknown link cisagov 2021-12-17
Ellucian Ellucian Data Access Unknown link cisagov 2021-12-17
Ellucian Ellucian Design Path Unknown link cisagov 2021-12-17
Ellucian Ellucian Ellucian Portal Unknown link cisagov 2021-12-17
Ellucian Ellucian ePrint Unknown link cisagov 2021-12-17
Ellucian Ellucian Ethos API & API Management Center Unknown link cisagov 2021-12-17
Ellucian Ellucian Ethos Extend Unknown link cisagov 2021-12-17
Ellucian Ellucian Ethos Integration Unknown link cisagov 2021-12-17
Ellucian Ellucian eTranscripts Unknown link cisagov 2021-12-17
Ellucian Ellucian Experience Unknown link cisagov 2021-12-17
Ellucian Ellucian Intelligent Platform (ILP) Unknown link cisagov 2021-12-17
Ellucian Ellucian International Student and Scholar Management (ISSM) Unknown link cisagov 2021-12-17
Ellucian Ellucian Message Service (EMS) Unknown link cisagov 2021-12-17
Ellucian Ellucian Messaging Adapter (EMA) Unknown link cisagov 2021-12-17
Ellucian Ellucian Mobile Unknown link cisagov 2021-12-17
Ellucian Ellucian Payment Gateway Unknown link cisagov 2021-12-17
Ellucian Ellucian PowerCampus Unknown link cisagov 2021-12-17
Ellucian Ellucian Solution Manager Unknown link cisagov 2021-12-17
Ellucian Ellucian Workflow Unknown link cisagov 2021-12-17
Ellucian Enterprise Identity Services(BEIS) Unknown link cisagov 2021-12-17
Emerson 148 Temperature Transmitter Unknown link cisagov 2021-12-17
Emerson 2051 Pressure Transmitter Family Unknown link cisagov 2021-12-17
Emerson 2088 Pressure Transmitter Family Unknown link cisagov 2021-12-17
Emerson 2090F/2090P Pressure Transmitters Unknown link cisagov 2021-12-17
Emerson 215 Pressure Sensor Module Unknown link cisagov 2021-12-17
Emerson 248 Configuration Application Unknown link cisagov 2021-12-17
Emerson 248 Temperature Transmitter Unknown link cisagov 2021-12-17
Emerson 3051 & 3051S Pressure transmitter families Unknown link cisagov 2021-12-17
Emerson 3144P Temperature Transmitter Unknown link cisagov 2021-12-17
Emerson 326P Pressure Transmitter Unknown link cisagov 2021-12-17
Emerson 326T Temperature Transmitter Unknown link cisagov 2021-12-17
Emerson 327T Temperature Transmitter Unknown link cisagov 2021-12-17
Emerson 4088 Pressure Transmitter Unknown link cisagov 2021-12-17
Emerson 4088 Upgrade Utility Unknown link cisagov 2021-12-17
Emerson 4600 Pressure Transmitter Unknown link cisagov 2021-12-17
Emerson 4732 Endeavor Unknown link cisagov 2021-12-17
Emerson 4732 Endeavor Unknown link cisagov 2021-12-17
Emerson 550 PT Pressure Transmitter Unknown link cisagov 2021-12-17
Emerson 5726 Transmitter Unknown link cisagov 2021-12-17
Emerson 5726 Transmitter Unknown link cisagov 2021-12-17
Emerson 644 Temperature Transmitter Unknown link cisagov 2021-12-17
Emerson 648 Temperature Transmitter Unknown link cisagov 2021-12-17
Emerson 848T Temperature Transmitter Unknown link cisagov 2021-12-17
Emerson Combustion: OCX OXT 6888 CX1100 6888Xi Unknown link cisagov 2021-12-17
Emerson CT2211 QCL Aerosol Microleak Detection System Unknown link cisagov 2021-12-17
Emerson CT3000 QCL Automotive OEM Gas Analyzer Unknown link cisagov 2021-12-17
Emerson CT4000 QCL Marine OEM Gas Analyzer Unknown link cisagov 2021-12-17
Emerson CT4215 QCL Packaging Leak Detection System Unknown link cisagov 2021-12-17
Emerson CT4400 QCL General Purpose Continuous Gas Analyzer Unknown link cisagov 2021-12-17
Emerson CT4404 QCL pMDI Leak Detection Analyzer Unknown link cisagov 2021-12-17
Emerson CT5100 QCL Field Housing Continuous Gas Analyzer Unknown link cisagov 2021-12-17
Emerson CT5400 QCL General Purpose Continuous Gas Analyzer Unknown link cisagov 2021-12-17
Emerson CT5800 QCL Flameproof Housing Continuous Gas Analyzer Unknown link cisagov 2021-12-17
Emerson DHNC1 DHNC2 Unknown link cisagov 2021-12-17
Emerson DHNC1 DHNC2 Unknown link cisagov 2021-12-17
Emerson Emerson Aperio software Unknown link cisagov 2021-12-17
Emerson Engineering Assistant 5.x & 6.x Unknown link cisagov 2021-12-17
Emerson Fieldwatch and Service consoles Unknown link cisagov 2021-12-17
Emerson Fieldwatch and Service consoles Unknown link cisagov 2021-12-17
Emerson Flame Detection: 975UF & 975UR Infrared Flame Detectors 975HR Infrared Hydrogen Flame Detector 975MR Multi-Spectrum Infrared Flame Detector Unknown link cisagov 2021-12-17
Emerson Flarecheck FlowCheck Flowel & PWAM software Unknown link cisagov 2021-12-17
Emerson Flarecheck FlowCheck Flowel & PWAM software Unknown link cisagov 2021-12-17
Emerson Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD) Unknown link cisagov 2021-12-17
Emerson Gas Analysis: X-STREAM Enhanced (XEGP XEGK XEGC XEGF XEFD XECLD) Unknown link cisagov 2021-12-17
Emerson Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020 Unknown link cisagov 2021-12-17
Emerson Gas Chromatographs: M500/2350A MON2000 700XA/1500XA 370XA MON2020 Unknown link cisagov 2021-12-17
Emerson Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle Monitor Unknown link cisagov 2021-12-17
Emerson Gas Detection: Millennium II Basic Single & Dual Channel 928 Wireless Gas Monitor/628 Gas Sensor 935 & 936 Open Path Gas Detector Millennium Air Particle Monitor Unknown link cisagov 2021-12-17
Emerson Incus Ultrasonic gas leak detector Unknown link cisagov 2021-12-17
Emerson K-Series Coriolis Transmitters Unknown link cisagov 2021-12-17
Emerson K-Series Coriolis Transmitters Unknown link cisagov 2021-12-17
Emerson Liquid Transmitters: 5081 1066 1056 1057 56 Unknown link cisagov 2021-12-17
Emerson Mark III Gas and Liquid USM Unknown link cisagov 2021-12-17
Emerson Mark III Gas and Liquid USM Unknown link cisagov 2021-12-17
Emerson MPFM2600 & MPFM5726 Unknown link cisagov 2021-12-17
Emerson MPFM2600 & MPFM5726 Unknown link cisagov 2021-12-17
Emerson Plantweb Advisor for Metrology and Metering Suite SDK Unknown link cisagov 2021-12-17
Emerson Plantweb Advisor for Metrology and Metering Suite SDK Unknown link cisagov 2021-12-17
Emerson Prolink Configuration Software Unknown link cisagov 2021-12-17
Emerson Prolink Configuration Software Unknown link cisagov 2021-12-17
Emerson Prolink Mobile Application & ProcessViz Software Unknown link cisagov 2021-12-17
Emerson Prolink Mobile Application & ProcessViz Software Unknown link cisagov 2021-12-17
Emerson Rosemount 2230 Graphical Field Display Unknown link cisagov 2021-12-17
Emerson Rosemount 2240S Multi-input Temperature Transmitter Unknown link cisagov 2021-12-17
Emerson Rosemount 2410 Tank Hub Unknown link cisagov 2021-12-17
Emerson Rosemount 2460 System Hub Unknown link cisagov 2021-12-17
Emerson Rosemount 3490 Controller Unknown link cisagov 2021-12-17
Emerson Rosemount CMS/IOU 61 Unknown link cisagov 2021-12-17
Emerson Rosemount CMS/SCU 51/SCC Unknown link cisagov 2021-12-17
Emerson Rosemount CMS/WSU 51/SWF 51 Unknown link cisagov 2021-12-17
Emerson Rosemount IO-Link Assistant Unknown link cisagov 2021-12-17
Emerson Rosemount Level Detectors (21xx) Unknown link cisagov 2021-12-17
Emerson Rosemount Level Transmitters (14xx 33xx 53xx 54xx 56xx) Unknown link cisagov 2021-12-17
Emerson Rosemount Radar Configuration Tool Unknown link cisagov 2021-12-17
Emerson Rosemount Radar Level Gauges (Pro 39xx 59xx) Unknown link cisagov 2021-12-17
Emerson Rosemount RadarMaster and RadarMaster Plus Unknown link cisagov 2021-12-17
Emerson Rosemount Tank Radar Gauges (TGUxx) Unknown link cisagov 2021-12-17
Emerson Rosemount TankMaster and TankMaster Mobile Unknown link cisagov 2021-12-17
Emerson Spectrex family Flame Detectors and Rosemount 975 flame detector Unknown link cisagov 2021-12-17
Emerson USM 3410 and 3810 Series Ultrasonic Transmitters Unknown link cisagov 2021-12-17
Emerson USM 3410 and 3810 Series Ultrasonic Transmitters Unknown link cisagov 2021-12-17
Emerson Vortex and Magmeter Transmitters Unknown link cisagov 2021-12-17
Emerson Vortex and Magmeter Transmitters Unknown link cisagov 2021-12-17
Emerson WCM SWGM Unknown link cisagov 2021-12-17
Emerson WCM SWGM Unknown link cisagov 2021-12-17
EnterpriseDT Unknown link cisagov 2022-01-12
ESET Unknown link cisagov 2022-01-12
ESRI ArcGIS Data Store All Fixed link Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions cisagov 2021-12-17
ESRI ArcGIS Enterprise All Fixed link Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions cisagov 2021-12-17
ESRI ArcGIS GeoEvent Server All Fixed link Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions cisagov 2021-12-17
ESRI ArcGIS Server All Fixed link Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions cisagov 2021-12-17
ESRI ArcGIS Workflow Manager Server All Fixed link Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions cisagov 2021-12-17
ESRI Portal for ArcGIS All Fixed link Requires script remediation. ESRI has created scripts to remove the JndiLookup class, but has not issued patches to upgrade the Log4j versions cisagov 2021-12-17
Estos Unknown link cisagov 2022-01-12
Evolveum Midpoint Unknown link cisagov 2022-01-12
Ewon Unknown link cisagov 2022-01-12
Exabeam Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
Exact Unknown link cisagov 2022-01-12
Exivity Unknown link cisagov 2022-01-12
ExtraHop Reveal(x) <=8.4.6, <=8.5.3, <=8.6.4 Affected link Versions >8.4.7, >8.5.4, >8.6.5 and >=8.7 are fixed. cisagov 2021-12-21
eXtreme Hosting Unknown link cisagov 2022-01-12
Extreme Networks Unknown link cisagov 2022-01-12
Extron Unknown link cisagov 2022-01-12
F-Secure Elements Connector Unknown link cisagov 2022-01-12
F-Secure Endpoint Proxy 13-15 Affected link cisagov 2022-01-12
F-Secure Messaging Security Gateway Unknown link cisagov 2022-01-12
F-Secure Policy Manager 13-15 Affected link cisagov 2022-01-12
F-Secure Policy Manager Proxy 13-15 Affected link cisagov 2022-01-12
F5 BIG-IP (all modules) Not Affected link cisagov 2022-01-12
F5 BIG-IQ Centralized Management Not Affected link cisagov 2022-01-12
F5 F5OS Not Affected link cisagov 2022-01-12
F5 NGINX App Protect Not Affected link cisagov 2022-01-12
F5 NGINX Controller Not Affected link cisagov 2022-01-12
F5 NGINX Ingress Controller Not Affected link cisagov 2022-01-12
F5 NGINX Instance Manager Not Affected link cisagov 2022-01-12
F5 NGINX Open Source Not Affected link cisagov 2022-01-12
F5 NGINX Plus Not Affected link cisagov 2022-01-12
F5 NGINX Service Mesh Not Affected link cisagov 2022-01-12
F5 NGINX Unit Not Affected link cisagov 2022-01-12
F5 Traffix SDC 5.x (5.2.0 CF1, 5.1.0 CF-30 - 5.1.0 CF-33) Affected link Vulnerable components: EMS-ELK components (Fluentd + Elastic Search + Kibana), Element Management System cisagov 2022-01-12
FAST LTA Unknown link cisagov 2022-01-12
Fastly Unknown link cisagov 2022-01-12
FedEx Ship Manager Software Unknown Affected link Note: FedEx is aware of the issue related to the Log4j Remote Code Execution vulnerability affecting various Apache products. We are actively assessing the situation and taking necessary action as appropriate. As a result, we are temporarily unable to provide a link to download the FedEx Ship Manager software or generate product keys needed for registration of FedEx Ship Manager software. We are working to have this resolved as quickly as possible and apologize for the inconvenience. For related questions or the most updated information, customers should check FedEx Updates for Apache Log4j Issue or contact their Customer Technology representative. cisagov 2021-12-15
Fiix Fiix CMMS Core v5 Fixed link The product has been updated to Log4j version 2.15. An additional patch is being developed to update to 2.16. No user interaction is required. cisagov 2021-12-15
FileCap Unknown link cisagov 2022-01-12
FileCatalyst Unknown link cisagov 2022-01-12
FileCloud Unknown link cisagov 2022-01-12
FileWave Unknown link cisagov 2022-01-12
FINVI Unknown link cisagov 2022-01-12
FireDaemon Unknown link cisagov 2022-01-12
Fisher & Paykel Healthcare Unknown link cisagov 2021-12-21
Flexagon Unknown link cisagov 2022-01-12
Flexera Unknown link cisagov 2022-01-12
Forcepoint DLP Manager Unknown link cisagov 2022-01-12
Forcepoint Forcepoint Cloud Security Gateway (CSG) Unknown link cisagov 2022-01-12
Forcepoint Next Generation Firewall (NGFW) Unknown link cisagov 2022-01-12
Forcepoint Next Generation Firewall, NGFW VPN Client, Forcepoint User ID service and Sidewinder Unknown link cisagov 2022-01-12
Forcepoint One Endpoint Unknown link cisagov 2022-01-12
Forcepoint Security Manager (Web, Email and DLP) Unknown link cisagov 2022-01-12
Forescout Unknown link cisagov 2022-01-12
ForgeRock Autonomous Identity Unknown link all other ForgeRock products Not vulnerable cisagov 2022-01-12
Fortinet FortiAIOps Unknown link cisagov 2022-01-12
Fortinet FortiAnalyzer Unknown link cisagov 2022-01-12
Fortinet FortiAnalyzer Cloud Unknown link cisagov 2022-01-12
Fortinet FortiAP Unknown link cisagov 2022-01-12
Fortinet FortiAuthenticator Unknown link cisagov 2022-01-12
Fortinet FortiCASB Unknown link cisagov 2022-01-12
Fortinet FortiConvertor Unknown link cisagov 2022-01-12
Fortinet FortiDeceptor Unknown link cisagov 2022-01-12
Fortinet FortiEDR Agent Unknown link cisagov 2022-01-12
Fortinet FortiEDR Cloud Unknown link cisagov 2022-01-12
Fortinet FortiGate Cloud Unknown link cisagov 2022-01-12
Fortinet FortiGSLB Cloud Unknown link cisagov 2022-01-12
Fortinet FortiMail Unknown link cisagov 2022-01-12
Fortinet FortiManager Unknown link cisagov 2022-01-12
Fortinet FortiManager Cloud Unknown link cisagov 2022-01-12
Fortinet FortiNAC Unknown link cisagov 2022-01-12
Fortinet FortiNAC Unknown link cisagov 2022-01-12
Fortinet FortiOS (includes FortiGate & FortiWiFi) Unknown link cisagov 2022-01-12
Fortinet FortiPhish Cloud Unknown link cisagov 2022-01-12
Fortinet FortiPolicy Unknown link cisagov 2022-01-12
Fortinet FortiPortal Unknown link cisagov 2022-01-12
Fortinet FortiRecorder Unknown link cisagov 2022-01-12
Fortinet FortiSIEM Unknown link cisagov 2022-01-12
Fortinet FortiSOAR Unknown link cisagov 2022-01-12
Fortinet FortiSwicth Cloud in FortiLANCloud Unknown link cisagov 2022-01-12
Fortinet FortiSwitch & FortiSwitchManager Unknown link cisagov 2022-01-12
Fortinet FortiToken Cloud Unknown link cisagov 2022-01-12
Fortinet FortiVoice Unknown link cisagov 2022-01-12
Fortinet FortiWeb Cloud Unknown link cisagov 2022-01-12
Fortinet ShieldX Unknown link cisagov 2022-01-12
FTAPI Unknown link cisagov 2022-01-12
Fujitsu Unknown link cisagov 2022-01-12
FusionAuth FusionAuth Not Affected link cisagov 2022-01-12
GE Digital Unknown link This advisory is available to customers only and has not been reviewed by CISA. cisagov 2021-12-22
GE Digital Grid Unknown link This advisory is available to customers only and has not been reviewed by CISA. cisagov 2021-12-22
GE Gas Power Asset Performance Management (APM) Unknown link GE verifying workaround. cisagov 2021-12-22
GE Gas Power Baseline Security Center (BSC) Unknown link Vulnerability to be fixed by vendor provided workaround. No user actions necessary. Contact GE for details. cisagov 2021-12-22
GE Gas Power Baseline Security Center (BSC) 2.0 Unknown link Vulnerability to be fixed by vendor provided workaround. No user actions necessary. Contact GE for details cisagov 2021-12-22
GE Gas Power Control Server Unknown link The Control Server is Affected via vCenter. There is a fix for vCenter. Please see below. GE verifying the vCenter fix as proposed by the vendor. cisagov 2021-12-22
GE Gas Power Tag Mapping Service Unknown link Vulnerability fixed. No user actions necessary. Updated to log4j 2.16 cisagov 2021-12-22
GE Healthcare Unknown link This advisory is not available at the time of this review, due to maintence on the GE Healthcare website. cisagov 2021-12-22
Gearset Unknown link cisagov 2022-01-12
Genesys Unknown link cisagov 2022-01-12
GeoServer Unknown link cisagov 2022-01-12
Gerrit code review Unknown link cisagov 2022-01-12
GFI Unknown link cisagov 2022-01-12
Ghidra Unknown link cisagov 2022-01-12
Gigamon Fabric Manager <5.13.01.02 Affected link Updates available via the Gigamon Support Portal. This advisory available to customers only and has not been reviewed by CISA. cisagov 2021-12-21
GitHub GitHub GitHub.com and GitHub Enterprise Cloud Fixed link cisagov 2021-12-17
GitLab Unknown link cisagov 2022-01-12
Globus Unknown link cisagov 2022-01-12
GoAnywhere Gateway < 2.8.4 Affected link cisagov 2021-12-18
GoAnywhere MFT < 6.8.6 Affected link cisagov 2021-12-18
GoAnywhere MFT Agents < 1.6.5 Affected link cisagov 2021-12-18
GoCD Unknown link cisagov 2022-01-12
Google Chrome Not Affected link Chrome Browser releases, infrastructure and admin console are not using versions of Log4j affected by the vulnerability. cisagov 2022-01-14
Google Cloud Access Transparency Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Actifio Unknown link Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit https://now.actifio.com for the full statement and to obtain the hotfix (available to Actifio customers only). cisagov 2021-12-21
Google Cloud AI Platform Data Labeling Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AI Platform Neural Architecture Search (NAS) Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AI Platform Training and Prediction Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Anthos Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Anthos environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud Anthos Config Management Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Anthos Connect Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Anthos Hub Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Anthos Identity Service Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Anthos on VMWare Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds to their VMware products as they become available. We also recommend customers review their respective applications and workloads affected by the same vulnerabilities and apply appropriate patches. cisagov 2021-12-21
Google Cloud Anthos Premium Software Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Anthos Service Mesh Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Apigee Unknown link Apigee installed Log4j 2 in its Apigee Edge VMs, but the software was not used and therefore the VMs were not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. Apigee updated Log4j 2 to v.2.16 as an additional precaution. It is possible that customers may have introduced custom resources that are using vulnerable versions of Log4j. We strongly encourage customers who manage Apigee environments to identify components dependent on Log4j and update them to the latest version. Visit the Apigee Incident Report for more information. cisagov 2021-12-17
Google Cloud App Engine Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage App Engine environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud AppSheet Unknown link The AppSheet core platform runs on non-JVM (non-Java) based runtimes. At this time, we have identified no impact to core AppSheet functionality. Additionally, we have patched one Java-based auxiliary service in our platform. We will continue to monitor for affected services and patch or remediate as required. If you have any questions or require assistance, contact AppSheet Support. cisagov 2021-12-21
Google Cloud Artifact Registry Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Assured Workloads Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AutoML Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AutoML Natural Language Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AutoML Tables Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AutoML Translation Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AutoML Video Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud AutoML Vision Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud BigQuery Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud BigQuery Data Transfer Service Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud BigQuery Omni Unknown link BigQuery Omni, which runs on AWS and Azure infrastructure, does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. We continue to work with AWS and Azure to assess the situation. cisagov 2021-12-19
Google Cloud Binary Authorization Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Certificate Manager Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Chronicle Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Asset Inventory Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Bigtable Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Cloud Build Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Build environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud Cloud CDN Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Composer Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Cloud Composer does not use Log4j 2 and is not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. It is possible that customers may have imported or introduced other dependencies via DAGs, installed PyPI modules, plugins, or other services that are using vulnerable versions of Log4j 2. We strongly encourage customers, who manage Composer environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-15
Google Cloud Cloud Console App Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Data Loss Prevention Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Debugger Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Deployment Manager Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud DNS Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Endpoints Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud External Key Manager (EKM) Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Functions Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Functions environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud Cloud Hardware Security Module (HSM) Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Interconnect Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Intrusion Detection System (IDS) Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Key Management Service Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Load Balancing Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Logging Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Natural Language API Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Network Address Translation (NAT) Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Profiler Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Router Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Run Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Run environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud Cloud Run for Anthos Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Run for Anthos environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud Cloud Scheduler Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud SDK Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Shell Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Shell environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud Cloud Source Repositories Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Spanner Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Cloud SQL Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Cloud Storage Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Tasks Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Trace Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Traffic Director Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Cloud Translation Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Vision Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud Vision OCR On-Prem Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Cloud VPN Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud CompilerWorks Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Compute Engine Unknown link Compute Engine does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. For those using Google Cloud VMware Engine, we are working with VMware and tracking VMSA-2021-0028.1. We will deploy fixes to Google Cloud VMware Engine as they become available. cisagov 2021-12-20
Google Cloud Contact Center AI (CCAI) Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Contact Center AI Insights Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Container Registry Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Data Catalog Unknown link Data Catalog has been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers who introduced their own connectors to identify dependencies on Log4j 2 and update them to the latest version. cisagov 2021-12-20
Google Cloud Data Fusion Unknown link Data Fusion does not use Log4j 2, but uses Dataproc as one of the options to execute pipelines. Dataproc released new images on December 18, 2021 to address the vulnerability in CVE-2021-44228 and CVE-2021-45046. Customers must follow instructions in a notification sent on December 18, 2021 with the subject line “Important information about Data Fusion.” cisagov 2021-12-20
Google Cloud Database Migration Service (DMS) Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Dataflow Unknown link Dataflow does not use Log4j 2 and is not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. If you have changed dependencies or default behavior, it is strongly recommended you verify there is no dependency on vulnerable versions Log4j 2. Customers have been provided details and instructions in a notification sent on December 17, 2021 with the subject line “Update #1 to Important information about Dataflow.” cisagov 2021-12-17
Google Cloud Dataproc Unknown link Dataproc released new images on December 18, 2021 to address the vulnerabilities in CVE-2021-44228 and CVE-2021-45046. Customers must follow the instructions in notifications sent on December 18, 2021 with the subject line “Important information about Dataproc” with Dataproc documentation. cisagov 2021-12-20
Google Cloud Dataproc Metastore Unknown link Dataproc Metastore has been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers who need to take actions were sent two notifications with instructions on December 17, 2021 with the subject line “Important information regarding Log4j 2 vulnerability in your gRPC-enabled Dataproc Metastore.” cisagov 2021-12-20
Google Cloud Datastore Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Datastream Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Dialogflow Essentials (ES) Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Document AI Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Event Threat Detection Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Eventarc Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Filestore Unknown link Log4j 2 is contained within the Filestore service; there is a technical control in place that mitigates the vulnerabilities in CVE-2021-44228 and CVE-2021-45046. Log4j 2 will be updated to the latest version as part of the scheduled rollout in January 2022. cisagov 2021-12-21
Google Cloud Firebase Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Firestore Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Game Servers Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Google Cloud Armor Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Google Cloud Armor Managed Protection Plus Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Google Cloud VMware Engine Unknown link We are working with VMware and tracking VMSA-2021-0028.1. We will deploy fixes as they become available. cisagov 2021-12-11
Google Cloud Google Kubernetes Engine Unknown link Google Kubernetes Engine does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Google Kubernetes Engine environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-21
Google Cloud Healthcare Data Engine (HDE) Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Human-in-the-Loop AI Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud IoT Core Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Key Access Justifications (KAJ) Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Looker Unknown link \Looker-hosted instances have been updated to a Looker version with Log4j v2.16. Looker is currently working with third-party driver vendors to evaluate the impact of the Log4j vulnerability. As Looker does not enable logging for these drivers in Looker-hosted instances, no messages are logged. We conclude that the vulnerability is mitigated. We continue to actively work with the vendors to deploy a fix for these drivers. Looker customers who self-manage their Looker instances have received instructions through their technical contacts on how to take the necessary steps to address the vulnerability. Looker customers who have questions or require assistance, please visit Looker Support. cisagov 2021-12-18
Google Cloud Media Translation API Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Memorystore Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-19
Google Cloud Migrate for Anthos Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Migrate for Compute Engine (M4CE) Unknown link M4CE has been updated to mitigate the issues identified in CVE-2021-44228 and CVE-2021-45046. M4CE has been updated to version 4.11.9 to address the vulnerabilities. A notification was sent to customers on December 17, 2021 with subject line “Important information about CVE-2021-44228 and CVE-2021-45046” for M4CE V4.11 or below. If you are on M4CE v5.0 or above, no action is needed. cisagov 2021-12-19
Google Cloud Network Connectivity Center Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Network Intelligence Center Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Network Service Tiers Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Persistent Disk Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Pub/Sub Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-16
Google Cloud Pub/Sub Lite Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Pub/Sub Lite environments to identify components dependent on Log4j 2 and update them to the latest version. cisagov 2021-12-16
Google Cloud reCAPTCHA Enterprise Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Recommendations AI Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Retail Search Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Risk Manager Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Secret Manager Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Security Command Center Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Service Directory Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Service Infrastructure Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Speaker ID Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Speech-to-Text Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Speech-to-Text On-Prem Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Storage Transfer Service Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Talent Solution Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Text-to-Speech Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Transcoder API Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Transfer Appliance Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Video Intelligence API Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Virtual Private Cloud Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-20
Google Cloud Web Security Scanner Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Google Cloud Workflows Unknown link Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-21
Gradle Gradle Unknown link Gradle Scala Compiler Plugin depends upon log4j-core but it is not used. cisagov 2022-01-12
Gradle Gradle Enterprise < 2021.3.6 Affected link cisagov 2022-01-12
Gradle Gradle Enterprise Build Cache Node < 10.1 Affected link cisagov 2022-01-12
Gradle Gradle Enterprise Test Distribution Agent < 1.6.2 Affected link cisagov 2022-01-12
Grafana Unknown link cisagov 2022-01-12
Grandstream Unknown link cisagov 2022-01-12
Gravitee Access Management Not Affected link cisagov 2022-01-12
Gravitee Access Management Not Affected link cisagov 2022-01-12
Gravitee Alert Engine Not Affected link cisagov 2022-01-12
Gravitee Alert Engine Not Affected link cisagov 2022-01-12
Gravitee API Management Not Affected link cisagov 2022-01-12
Gravitee API Management Not Affected link cisagov 2022-01-12
Gravitee Cockpit Not Affected link cisagov 2022-01-12
Gravitee.io Unknown link cisagov 2022-01-12
Gravwell Unknown link cisagov 2022-01-12
Graylog Graylog Server All versions >= 1.2.0 and <= 4.2.2 Affected link cisagov 2022-01-12
GreenShot Unknown link cisagov 2022-01-12
GSA Cloud.gov Unknown link cisagov 2021-12-21
Guidewire Unknown link cisagov 2022-01-12
HAProxy Unknown link cisagov 2022-01-12
HarmanPro AMX Unknown link cisagov 2022-01-12
HashiCorp Boundary Unknown link cisagov 2022-01-12
HashiCorp Consul Unknown link cisagov 2022-01-12
HashiCorp Consul Enterprise Unknown link cisagov 2022-01-12
HashiCorp Nomad Unknown link cisagov 2022-01-12
HashiCorp Nomad Enterprise Unknown link cisagov 2022-01-12
HashiCorp Packer Unknown link cisagov 2022-01-12
HashiCorp Terraform Unknown link cisagov 2022-01-12
HashiCorp Terraform Enterprise Unknown link cisagov 2022-01-12
HashiCorp Vagrant Unknown link cisagov 2022-01-12
HashiCorp Vault Unknown link cisagov 2022-01-12
HashiCorp Vault Enterprise Unknown link cisagov 2022-01-12
HashiCorp Waypoint Unknown link cisagov 2022-01-12
HCL Software BigFix Compliance Not Affected link Not Affected for related CVE-2021-45046 cisagov 2021-12-15
HCL Software BigFix Insights Not Affected link Not Affected for related CVE-2021-45046 cisagov 2021-12-15
HCL Software BigFix Insights for Vulnerability Remediation Not Affected link Not Affected for related CVE-2021-45046 cisagov 2021-12-15
HCL Software BigFix Inventory < 10.0.7 Fixed link Not Affected for related CVE-2021-45046 cisagov 2021-12-15
HCL Software BigFix Lifecycle Not Affected link Not Affected for related CVE-2021-45046 cisagov 2021-12-15
HCL Software BigFix Mobile Not Affected link Not Affected for related CVE-2021-45046 cisagov 2021-12-15
HCL Software BigFix Patch Not Affected link Not Affected for related CVE-2021-45046 cisagov 2021-12-15
HelpSystems Clearswift Unknown link cisagov 2022-01-12
HENIX Squash TM 1.21.7-1.22.9, 2.0.3-2.1.5, 2.2.0-3.0.2 Fixed link cisagov 2021-12-23
Hexagon Unknown link cisagov 2022-01-12
Hikvision Unknown link cisagov 2022-01-12
Hitachi Energy 3rd party - Elastic Search, Kibana Elasticsearch 5.0.0+ Fixed link Set the JVM option -Dlog4j2.formatMsgNoLookups=true and restart each node of the cluster. cisagov 2022-01-05
Hitachi Energy 3rd party - Oracle Database Components 12.1, 12.2, 19c Fixed link As this is a third-party component, a separate patch management report will be provided to customers with the steps to apply the Oracle provided patches for these components. cisagov 2022-01-05
Hitachi Energy Axis 3.6 Fixed link No action is required by customers. Axis is a fully SaaS hosted solution and the environment has been patched per the recommendations cisagov 2022-01-05
Hitachi Energy Counterparty Settlement and Billing (CSB) v6 Fixed link cisagov 2022-01-05
Hitachi Energy e-Mesh Monitor Unknown link No end-user action needed. The affected e-Mesh Monitor part is at the cloud offering side of which the remediation is handled by Hitachi Energy team. Remediation is currently ongoing, and during this time period, e-Mesh Monitor edge device is not able to upload data to cloud. cisagov 2022-01-05
Hitachi Energy eSOMS Unknown link cisagov 2022-01-12
Hitachi Energy FOXMAN-UN R15A, R14B, R14A, R11B SP1 Fixed link A patch is available for releases R15A, R14B, R14A and R11B SP1. . For details on how to apply such patch, please refer to the technical bulletin “FOXMAN-UN - Installation of Log4j Patch”, version A (1KHW029176) available in the Hitachi Energy Customer Connect Portal. cisagov 2022-01-05
Hitachi Energy FOXMAN-UN R11A and R10 series Fixed link Apply General Mitigations and upgrade to latest version. For upgrades, please get in touch with your Hitachi Energy contacts. cisagov 2022-01-05
Hitachi Energy Lumada APM On-premises Unknown link See vendor advisory for instructions for various versions. cisagov 2022-01-05
Hitachi Energy Lumada APM SaaS offering Unknown link No action is required by customers. The SaaS offering has been patched per the recommendations. cisagov 2022-01-05
Hitachi Energy Lumada EAM / FSM v1.7.x, v1.8.x, v1.9.x Fixed link See Section Mitigation Strategy in vendor advisory. cisagov 2022-01-05
Hitachi Energy MMS Internal facing subcomponent. Unknown link cisagov 2022-01-05
Hitachi Energy Network Manager ADMS Network Model Server 9.1.0.32-9.1.0.44 Fixed link See vendor advisory for instructions on mitigation steps. cisagov 2022-01-05
Hitachi Energy Network Manager Outage Management Interface (CMI) 9.0-9.10.44, 9.1.1, 10.3.4 Fixed link See vendor advisory for instructions on mitigation steps. cisagov 2022-01-05
Hitachi Energy nMarket Global I-SEM 3.7.15, 3.7.16 Fixed link cisagov 2022-01-05
Hitachi Energy RelCare 2.0.0 Fixed link No action is required by customers. The RelCare SaaS hosted solution and the on-premises have been patched per the recommendations. cisagov 2022-01-05
Hitachi Energy UNEM R15A, R14B, R14A, R11B SP1 Fixed link A patch is available for releases R15A, R14B, R14A and R11B SP1. For details on how to apply such patch, please refer to the technical bulletin “UNEM - Installation of Log4j Patch”, version A (1KHW029176) available in the Hitachi Energy Customer Connect Portal. cisagov 2022-01-05
Hitachi Energy UNEM R11A and R10 series Fixed link Apply General Mitigations and upgrade to latest version. For upgrades, please get in touch with your Hitachi Energy contacts. cisagov 2022-01-05
Hitachi Vantara Unknown link cisagov 2022-01-12
HMS Industrial Networks AB Cosy, Flexy and Ewon CD Unknown link cisagov 2022-01-05
HMS Industrial Networks AB eCatcher Mobile applications Unknown link cisagov 2022-01-05
HMS Industrial Networks AB eCatcher Windows software Unknown link cisagov 2022-01-05
HMS Industrial Networks AB Netbiter Hardware including EC, WS, and LC Unknown link cisagov 2022-01-05
HMS Industrial Networks AB Talk2M including M2Web Unknown link cisagov 2022-01-05
HOLOGIC Advanced Workflow Manager (AWM) Unknown link While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. cisagov 2021-12-20
HOLOGIC Affirm Prone Biopsy System Unknown link cisagov 2021-12-20
HOLOGIC Brevera Breast Biopsy System Unknown link cisagov 2021-12-20
HOLOGIC Cenova Image Analytics Server Unknown link cisagov 2021-12-20
HOLOGIC Dimensions / 3Dimensions Mammography System Unknown link cisagov 2021-12-20
HOLOGIC Discovery Bone Densitometer Unknown link cisagov 2021-12-20
HOLOGIC Faxitron CT Specimen Radiography System Unknown link While the Hologic software itself does not utilize Java/Log4J, there is a utility program installed that may utilize Java and Log4J. This utility program does not run on startup and is not required for system operation. Please contact Hologic Service for assistance in removing this program. cisagov 2021-12-20
HOLOGIC Faxitron Specimen Radiography Systems Unknown link cisagov 2021-12-20
HOLOGIC Fluoroscan Insight Mini C-Arm Unknown link cisagov 2021-12-20
HOLOGIC Horizon DXA Bone Densitometer Unknown link cisagov 2021-12-20
HOLOGIC Rosetta DC Tomosynthesis Data Converter Unknown link cisagov 2021-12-20
HOLOGIC SecurView DX Workstation Unknown link cisagov 2021-12-20
HOLOGIC SecurXChange Router Unknown link cisagov 2021-12-20
HOLOGIC SuperSonic Imagine Ultrasound Products (Aixplorer & Aixplorer Mach) Unknown link cisagov 2021-12-20
HOLOGIC Trident HD Specimen Radiography System Unknown link cisagov 2021-12-20
HOLOGIC Unifi Workspace Unknown link While the Hologic software itself does not utilize Java/Log4J, the installed APC PowerChute UPS with Business Edition v9.5 software installed may. APC is still assessing its PowerChute software to determine if it is vulnerable. cisagov 2021-12-20
HOLOGIC Windows Selenia Mammography System Unknown link cisagov 2021-12-20
Honeywell Unknown link cisagov 2022-01-12
HP Teradici Cloud Access Controller < v113 Fixed link cisagov 2021-12-17
HP Teradici EMSDK < 1.0.6 Fixed link cisagov 2021-12-17
HP Teradici Management Console < 21.10.3 Fixed link cisagov 2021-12-17
HP Teradici PCoIP Connection Manager < 21.03.6, < 20.07.4 Fixed link cisagov 2021-12-17
HP Teradici PCoIP License Server Unknown link cisagov 2021-12-17
HPE 3PAR StoreServ Arrays Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE AirWave Management Platform Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Alletra 6000 Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Alletra 9k Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba Central Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba ClearPass Policy Manager Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba ClearPass Policy Manager Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba Instant (IAP) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba Location Services Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba NetEdit Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba PVOS Switches Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba SDN VAN Controller Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba User Experience Insight (UXI) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Aruba VIA Client Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE ArubaOS SD-WAN Controllers and Gateways Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE ArubaOS Wi-Fi Controllers and Gateways Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE ArubaOS-CX switches Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE ArubaOS-S switches Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE BladeSystem Onboard Administrator Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Brocade 16Gb Fibre Channel SAN Switch for HPE Synergy Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Brocade 16Gb SAN Switch for HPE BladeSystem c-Class Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Brocade 32Gb Fibre Channel SAN Switch for HPE Synergy Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Brocade Network Advisor Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE CloudAuth Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE CloudPhysics Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Compute Cloud Console Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Compute operations manager- FW UPDATE SERVICE Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE COS (Cray Operating System) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Cray Systems Management (CSM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Custom SPP Portal Link Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Data Services Cloud Console Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Harmony Data Platform Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HOP public services (grafana, vault, rancher, Jenkins) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE B-series SN2600B SAN Extension Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE B-series SN4000B SAN Extension Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE B-series SN6000B Fibre Channel Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE B-series SN6500B Fibre Channel Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE B-series SN6600B Fibre Channel Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE B-series SN6650B Fibre Channel Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE B-series SN6700B Fibre Channel Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Customer Experience Assurance (CEA) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Hardware Support Manager plug-in for VMware vSphere Lifecycle Manager Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Home Location Register (HLR/I-HLR) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Infosight for Servers Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Integrated Home Subscriber Server (I-HSS) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Intelligent Messaging (IM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Intelligent Network Server (INS) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Multimedia Services Environment (MSE) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE OC Convergent Communications Platform (OCCP) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE OC Media Platform Media Resource Function (OCMP-MRF) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE OC Service Access Controller (OC SAC) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE OC Service Controller (OCSC) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE OC Universal Signaling Platform (OC-USP-M) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE OneView Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE OneView for VMware vRealize Operations (vROps) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE OneView Global Dashboard Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Performance Cluster Manager (HPCM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Performance Manager (PM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Position Determination Entity (PDE) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Secure Identity Broker (SIB) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Service Activator (SA) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Service Governance Framework (SGF) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Service Orchestration Manager (SOM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Service Provisioner (SP) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Short Message Point-to-Point Gateway (SMPP) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Slingshot Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Smart Interaction Server (SIS) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE SN3000B Fibre Channel Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE SN8000B 4-Slot SAN Director Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE SN8000B 8-Slot SAN Backbone Director Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE SN8600B 4-Slot SAN Director Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE SN8600B 8-Slot SAN Director Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE SN8700B 4-Slot Director Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE SN8700B 8-Slot Director Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Subscriber, Network, and Application Policy (SNAP) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Subscription Manager (SM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Synergy Image Streamer Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Systems Insight Manager (SIM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Telecom Application Server (TAS) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Unified Correlation and Automation (UCA) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Unified Mediation Bus (UMB) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Unified OSS Console (UOC) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Unified Topology Manager (UTM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Universal Identity Repository (VIR) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Universal SLA Manager (uSLAM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Virtual Connect Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Virtual Connect Enterprise Manager (VCEM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Virtual Provisioning Gateway (vPGW) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Virtual Server Environment (VSE) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE HPE Virtual Subscriber Data Management (vSDM) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE WebRTC Gateway Controller (WGW) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-14
HPE HPE Wi-Fi Authentication Gateway (WauG) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Insight Cluster Management Utility (CMU) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Integrated Lights-Out (iLO) Amplifier Pack Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Integrated Lights-Out 4 (iLO 4) Not Affected link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Integrated Lights-Out 5 (iLO 5) Not Affected link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Integrity BL860c, BL870c, BL890c Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Integrity Rx2800/Rx2900 Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Integrity Superdome 2 Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Integrity Superdome X Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Intelligent Provisioning Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE iSUT integrated smart update tool Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Maven Artifacts (Atlas) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE MSA Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE NetEdit Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Nimble Storage Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE NS-T0634-OSM CONSOLE TOOLS Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE NS-T0977-SCHEMA VALIDATOR Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE OfficeConnect Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Primera Storage Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE RepoServer part of OPA (on Premises aggregator) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Resource Aggregator for Open Distributed Infrastructure Management Not Affected link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE RESTful Interface Tool (iLOREST) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE SAT (System Admin Toolkit) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Scripting Tools for Windows PowerShell (HPEiLOCmdlets) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE SGI MC990 X Server Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE SGI UV 2000 Server Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE SGI UV 300, 300H, 300RL, 30EX Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE SGI UV 3000 Server Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE SN8700B 8-Slot Director Switch Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE StoreEasy Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE StoreEver CVTL Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE StoreEver LTO Tape Drives Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE StoreEver MSL Tape Libraries Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE StoreOnce Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE SUM (Smart Update Manager) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Superdome Flex 280 Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE Superdome Flex Server Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE UAN (User Access Node) Unknown link Support Communication Cross Reference ID: SIK7387 cisagov 2021-12-12
HPE/Micro Focus Data Protector 9.09 Fixed link https://portal.microfocus.com/s/article/KM000003050 cisagov 2021-12-17
Huawei Unknown link cisagov 2022-01-12
Hubspot Unknown link cisagov 2022-01-12
I-Net software Unknown link cisagov 2022-01-12
I2P Unknown link cisagov 2022-01-12
IBA-AG Unknown link cisagov 2022-01-12
Ibexa Unknown link cisagov 2022-01-12
IBM Analytics Engine Unknown link cisagov 2021-12-15
IBM App Configuration Unknown link cisagov 2021-12-15
IBM App Connect Unknown link cisagov 2021-12-15
IBM App ID Unknown link cisagov 2021-12-15
IBM Application Gateway Unknown link cisagov 2021-12-15
IBM Aspera Unknown link cisagov 2021-12-15
IBM Aspera Endpoint Unknown link cisagov 2021-12-15
IBM Aspera Enterprise Unknown link cisagov 2021-12-15
IBM Aspera fasp.io Unknown link cisagov 2021-12-15
IBM Bare Metal Servers Unknown link cisagov 2021-12-15
IBM BigFix Compliance Unknown cisagov 2022-01-12
IBM BigFix Inventory VM Manager Tool & SAP Tool Affected To verify if your instance is affected, go to the lib subdirectory of the tool (BESClient/LMT/SAPTOOL and BESClient/LMT/VMMAN) and check what version of log4j is included. Version is included in the name of the library. cisagov 2022-01-12
IBM Block Storage Unknown link cisagov 2021-12-15
IBM Block Storage for VPC Unknown link cisagov 2021-12-15
IBM Block Storage Snapshots for VPC Unknown link cisagov 2021-12-15
IBM Case Manager Unknown link cisagov 2021-12-15
IBM Certificate Manager Unknown link cisagov 2021-12-15
IBM Client VPN for VPC Unknown link cisagov 2021-12-15
IBM Cloud Activity Tracker Unknown link cisagov 2021-12-15
IBM Cloud Backup Unknown link cisagov 2021-12-15
IBM Cloud Monitoring Unknown link cisagov 2021-12-15
IBM Cloud Object Storage Unknown link cisagov 2021-12-15
IBM Cloud Object Storage Unknown link cisagov 2021-12-15
IBM Cloudant Unknown link cisagov 2021-12-15
IBM Code Engine Unknown link cisagov 2021-12-15
IBM Cognos Command Center Unknown link cisagov 2021-12-15
IBM Cognos Controller 10.4.2 Affected link cisagov 2021-12-15
IBM Cognos Integration Server Unknown link cisagov 2021-12-15
IBM Compose Enterprise Unknown link cisagov 2021-12-15
IBM Compose for Elasticsearch Unknown link cisagov 2021-12-15
IBM Compose for etcd Unknown link cisagov 2021-12-15
IBM Compose for MongoDB Unknown link cisagov 2021-12-15
IBM Compose for MySQL Unknown link cisagov 2021-12-15
IBM Compose for PostgreSQL Unknown link cisagov 2021-12-15
IBM Compose for RabbitMQ Unknown link cisagov 2021-12-15
IBM Compose for Redis Unknown link cisagov 2021-12-15
IBM Compose for RethinkDB Unknown link cisagov 2021-12-15
IBM Compose for ScyllaDB Unknown link cisagov 2021-12-15
IBM Container Registry Unknown link cisagov 2021-12-15
IBM Container Security Services Unknown link cisagov 2021-12-15
IBM Content Delivery Network Unknown link cisagov 2021-12-15
IBM Continuous Delivery Unknown link cisagov 2021-12-15
IBM Copy Services Manager Unknown link cisagov 2021-12-15
IBM Databases for DataStax Unknown link cisagov 2021-12-15
IBM Databases for EDB Unknown link cisagov 2021-12-15
IBM Databases for Elasticsearch Unknown link cisagov 2021-12-15
IBM Databases for etcd Unknown link cisagov 2021-12-15
IBM Databases for MongoDB Unknown link cisagov 2021-12-15
IBM Databases for PostgreSQL Unknown link cisagov 2021-12-15
IBM Databases for Redis Unknown link cisagov 2021-12-15
IBM Datapower Gateway Unknown link cisagov 2021-12-15
IBM Dedicated Host for VPC Unknown link cisagov 2021-12-15
IBM Direct Link Connect Unknown link cisagov 2021-12-15
IBM Direct Link Connect on Classic Unknown link cisagov 2021-12-15
IBM Direct Link Dedicated (2.0) Unknown link cisagov 2021-12-15
IBM Direct Link Dedicated Hosting on Classic Unknown link cisagov 2021-12-15
IBM Direct Link Dedicated on Classic Unknown link cisagov 2021-12-15
IBM Direct Link Exchange on Classic Unknown link cisagov 2021-12-15
IBM DNS Services Unknown link cisagov 2021-12-15
IBM Emptoris Contract Management Unknown link cisagov 2021-12-15
IBM Emptoris Program Management Unknown link cisagov 2021-12-15
IBM Emptoris Sourcing Unknown link cisagov 2021-12-15
IBM Emptoris Spend Analysis Unknown link cisagov 2021-12-15
IBM Emptoris Supplier Lifecycle Management Unknown link cisagov 2021-12-15
IBM Enterprise Tape Controller Model C07 (3592) (ETC) Unknown link cisagov 2021-12-15
IBM Event Notifications Unknown link cisagov 2021-12-15
IBM Event Streams Unknown link cisagov 2021-12-15
IBM File Storage Unknown link cisagov 2021-12-15
IBM Flash System 900 (& 840) Unknown link cisagov 2021-12-15
IBM Flow Logs for VPC Unknown link cisagov 2021-12-15
IBM Functions Unknown link cisagov 2021-12-15
IBM GSKit Unknown link cisagov 2021-12-15
IBM Guardium S-TAP for Data Sets on z/OS Unknown link cisagov 2021-12-15
IBM Guardium S-TAP for DB2 on z/OS Unknown link cisagov 2021-12-15
IBM Guardium S-TAP for IMS on z/OS Unknown link cisagov 2021-12-15
IBM Hyper Protect Crypto Services Unknown link cisagov 2021-12-15
IBM Hyper Protect DBaaS for MongoDB Unknown link cisagov 2021-12-15
IBM Hyper Protect DBaaS for PostgreSQL Unknown link cisagov 2021-12-15
IBM Hyper Protect Virtual Server Unknown link cisagov 2021-12-15
IBM i2 Analysts Notebook Unknown link cisagov 2021-12-15
IBM i2 Base Unknown link cisagov 2021-12-15
IBM IBM Application Runtime Expert for i Unknown link cisagov 2021-12-15
IBM IBM Backup, Recovery and Media Services for i Unknown link cisagov 2021-12-15
IBM IBM Db2 Mirror for i Unknown link cisagov 2021-12-15
IBM IBM HTTP Server Unknown link cisagov 2021-12-15
IBM IBM i Access Family Unknown link cisagov 2021-12-15
IBM IBM i Portfolio of products under the Group SWMA Unknown link cisagov 2021-12-15
IBM IBM PowerHA System Mirror for i Unknown link cisagov 2021-12-15
IBM IBM Sterling Connect:Direct Browser User Interface Unknown link cisagov 2021-12-15
IBM IBM Sterling Connect:Direct File Agent See Vendor Links Affected link https://www.ibm.com/support/pages/node/6526688, https://www.ibm.com/support/pages/node/6528324, https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/ cisagov 2021-12-20
IBM IBM Sterling Connect:Direct for HP NonStop Unknown link cisagov 2021-12-15
IBM IBM Sterling Connect:Direct for i5/OS Unknown link cisagov 2021-12-15
IBM IBM Sterling Connect:Direct for OpenVMS Unknown link cisagov 2021-12-15
IBM IBM Sterling Connect:Express for Microsoft Windows Unknown link cisagov 2021-12-15
IBM IBM Sterling Connect:Express for UNIX Unknown link cisagov 2021-12-15
IBM IBM Sterling Connect:Express for z/OS Unknown link cisagov 2021-12-15
IBM Instana Agent Timestamp lower than 12-11-2021 Affected link cisagov 2021-12-14
IBM Internet Services Unknown link cisagov 2021-12-15
IBM Key Lifecycle Manager for z/OS Unknown link cisagov 2021-12-15
IBM Key Protect Unknown link cisagov 2021-12-15
IBM Knowledge Studio Unknown link cisagov 2021-12-15
IBM Kubernetes Service Unknown link cisagov 2021-12-15
IBM Load Balancer for VPC Unknown link cisagov 2021-12-15
IBM Log Analysis Unknown link cisagov 2021-12-15
IBM Managed VMware Service Unknown link cisagov 2021-12-15
IBM Management Extender for VMware vCenter Unknown cisagov 2022-01-12
IBM Mass Data Migration Unknown link cisagov 2021-12-15
IBM Maximo EAM SaaS Unknown link cisagov 2021-12-15
IBM Message Hub Unknown link cisagov 2021-12-15
IBM MQ Appliance Unknown link cisagov 2021-12-15
IBM MQ on IBM Cloud Unknown link cisagov 2021-12-15
IBM Natural Language Understanding Unknown link cisagov 2021-12-15
IBM OmniFind Text Search Server for DB2 for i Unknown link cisagov 2021-12-15
IBM OPENBMC Unknown link cisagov 2021-12-15
IBM Planning Analytics Workspace >2.0.57 Affected link cisagov 2021-12-15
IBM Power HMC V9.2.950.0 & V10.1.1010.0 Affected link cisagov 2021-12-15
IBM PowerSC Unknown link cisagov 2021-12-15
IBM PowerVM Hypervisor Unknown link cisagov 2021-12-15
IBM PowerVM VIOS Unknown link cisagov 2021-12-15
IBM QRadar Advisor Unknown link cisagov 2021-12-15
IBM Qradar Network Threat Analytics Unknown link cisagov 2021-12-15
IBM QRadar SIEM Unknown link cisagov 2021-12-15
IBM Quantum Services Unknown link cisagov 2021-12-15
IBM Rational Developer for AIX and Linux Unknown link cisagov 2021-12-15
IBM Rational Developer for i Unknown link cisagov 2021-12-15
IBM Red Hat OpenShift on IBM Cloud Unknown link cisagov 2021-12-15
IBM Resilient Unknown cisagov 2022-01-12
IBM Robotic Process Automation Unknown link cisagov 2021-12-15
IBM SAN Volume Controller and Storwize Family Unknown link cisagov 2021-12-15
IBM Satellite Infrastructure Service Unknown link cisagov 2021-12-15
IBM Schematics Unknown link cisagov 2021-12-15
IBM Secrets Manager Unknown link cisagov 2021-12-15
IBM Secure Gateway Unknown link cisagov 2021-12-15
IBM Server Automation Unknown cisagov 2022-01-12
IBM Spectrum Archive Library Edition Unknown link cisagov 2021-12-15
IBM Spectrum Discover Unknown link cisagov 2021-12-15
IBM Spectrum Protect Client Management Service Unknown link cisagov 2021-12-15
IBM Spectrum Protect for Databases: Data Protection for Oracle Unknown link cisagov 2021-12-15
IBM Spectrum Protect for Databases: Data Protection for SQL Unknown link cisagov 2021-12-15
IBM Spectrum Protect for Enterprise Resource Planning Unknown link cisagov 2021-12-15
IBM Spectrum Protect for Mail: Data Protection for Domino Unknown link cisagov 2021-12-15
IBM Spectrum Protect for Mail: Data Protection for Exchange Unknown link cisagov 2021-12-15
IBM Spectrum Protect for Workstations Unknown link cisagov 2021-12-15
IBM Spectrum Protect for z/OS USS Client and API Unknown link cisagov 2021-12-15
IBM Spectrum Protect Plus Db2 Agent Unknown link cisagov 2021-12-15
IBM Spectrum Protect Plus Exchange Agent Unknown link cisagov 2021-12-15
IBM Spectrum Protect Plus File Systems Agent Unknown link cisagov 2021-12-15
IBM Spectrum Protect Plus MongoDB Agent Unknown link cisagov 2021-12-15
IBM Spectrum Protect Plus O365 Agent Unknown link cisagov 2021-12-15
IBM Spectrum Protect Server Unknown link cisagov 2021-12-15
IBM Spectrum Protect Snapshot for UNIX Unknown link cisagov 2021-12-15
IBM Spectrum Protect Snapshot for UNIX Unknown link cisagov 2021-12-15
IBM SQL Query Unknown link cisagov 2021-12-15
IBM Sterling Gentran Unknown link cisagov 2021-12-15
IBM Sterling Order Management Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for ACORD Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for Financial Services Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for FIX Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for NACHA Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for PeopleSoft Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for SAP R/3 Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for SEPA Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for Siebel Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Pack for SWIFT Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Packs for EDI Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Packs for Healthcare Unknown link cisagov 2021-12-15
IBM Sterling Transformation Extender Trading Manager Unknown link cisagov 2021-12-15
IBM Storage TS1160 Unknown link cisagov 2021-12-15
IBM Storage TS2280 Unknown link cisagov 2021-12-15
IBM Storage TS2900 Library Unknown link cisagov 2021-12-15
IBM Storage TS3100-TS3200 Library Unknown link cisagov 2021-12-15
IBM Storage TS4500 Library Unknown link cisagov 2021-12-15
IBM Storage Virtualization Engine TS7700 Unknown link cisagov 2021-12-15
IBM Tape System Library Manager Unknown link cisagov 2021-12-15
IBM TDMF for zOS Unknown link cisagov 2021-12-15
IBM Total Storage Service Console (TSSC) / TS4500 IMC Unknown link cisagov 2021-12-15
IBM Transit Gateway Unknown link cisagov 2021-12-15
IBM Tririga Anywhere Unknown link cisagov 2021-12-15
IBM TS4300 Unknown link cisagov 2021-12-15
IBM Urbancode Deploy Unknown link cisagov 2021-12-15
IBM Virtual Private Cloud Unknown link cisagov 2021-12-15
IBM Virtual Server for Classic Unknown link cisagov 2021-12-15
IBM Virtualization Management Interface Unknown link cisagov 2021-12-15
IBM VMware Solutions Unknown link cisagov 2021-12-15
IBM VMware vCenter Server Unknown link cisagov 2021-12-15
IBM VMware vSphere Unknown link cisagov 2021-12-15
IBM VPN for VPC Unknown link cisagov 2021-12-15
IBM vRealize Operations and Log Insight Unknown link cisagov 2021-12-15
IBM Workload Automation Unknown link cisagov 2021-12-15
ICONICS All Unknown link cisagov 2021-12-21
IFS Unknown link cisagov 2022-01-12
IGEL Unknown link cisagov 2022-01-12
Ignite Realtime Unknown link cisagov 2022-01-12
iGrafx Unknown link cisagov 2022-01-12
Illuminated Cloud Unknown link cisagov 2022-01-12
Illumio C-VEN Unknown link cisagov 2021-12-16
Illumio CLI Unknown link cisagov 2021-12-16
Illumio CloudSecure Unknown link cisagov 2021-12-16
Illumio Core on-premise PCE Unknown link cisagov 2021-12-16
Illumio Core SaaS PCE Unknown link cisagov 2021-12-16
Illumio Edge SaaS PCE Unknown link cisagov 2021-12-16
Illumio Edge-CrowdStrike Unknown link cisagov 2021-12-16
Illumio Flowlink Unknown link cisagov 2021-12-16
Illumio Kubelink Unknown link cisagov 2021-12-16
Illumio NEN Unknown link cisagov 2021-12-16
Illumio QRadar App Unknown link cisagov 2021-12-16
Illumio Splunk App Unknown link cisagov 2021-12-16
Illumio VEN Unknown link cisagov 2021-12-16
IManage Unknown link cisagov 2022-01-12
Imperva Unknown link cisagov 2022-01-12
Inductive Automation Ignition Not Affected link Older versions of Ignition (7.8 and older) did use the Log4j library, but they used an older version (1.2) that was not affected by this vulnerability. cisagov 2022-01-19
IndustrialDefender Unknown link cisagov 2022-01-12
infinidat Unknown link cisagov 2022-01-12
InfluxData Unknown link cisagov 2022-01-12
Infoblox Unknown link cisagov 2022-01-12
Informatica Unknown link cisagov 2022-01-12
Instana Unknown link cisagov 2022-01-12
Instructure Unknown link cisagov 2022-01-12
Intel Audio Development Kit Unknown link cisagov 2021-12-16
Intel Computer Vision Annotation Tool maintained by Intel Unknown link cisagov 2021-12-16
Intel Datacenter Manager Unknown link cisagov 2021-12-16
Intel Genomics Kernel Library Unknown link cisagov 2021-12-16
Intel oneAPI sample browser plugin for Eclipse Unknown link cisagov 2021-12-16
Intel Secure Device Onboard Unknown link cisagov 2021-12-16
Intel Sensor Solution Firmware Development Kit Unknown link cisagov 2021-12-16
Intel System Debugger Unknown link cisagov 2021-12-16
Intel System Studio Unknown link cisagov 2021-12-16
Internet Systems Consortium(ISC) BIND 9 Not Affected link no JAVA Code cisagov 2021-12-17
Internet Systems Consortium(ISC) ISC DHCP, aka dhcpd Not Affected link no JAVA Code cisagov 2021-12-17
Internet Systems Consortium(ISC) Kea DHCP Not Affected link no JAVA Code cisagov 2021-12-17
InterSystems Unknown link cisagov 2022-01-12
Intland codebeamer <= 20.11-SP11, <= 21.09-SP3 Affected link A fix has been released for 20.11 and 21.09, but not yet for 21.04 cisagov 2022-01-12
IPRO Netgovern Unknown cisagov 2022-01-12
iRedMail Unknown link cisagov 2022-01-12
Ironnet Unknown link cisagov 2022-01-12
ISLONLINE Unknown link cisagov 2022-01-12
Ivanti Application Control for Linux Not Affected link cisagov 2022-01-18
Ivanti Application Control for Windows Not Affected link cisagov 2022-01-18
Ivanti Automation Not Affected link cisagov 2022-01-18
Ivanti Avalanche 6.2.2, 6.3.0 to 6.3.3 Affected link cisagov 2022-01-18
Ivanti Avalanche Remote Control Not Affected link cisagov 2022-01-18
Ivanti CETerm (Naurtech) Not Affected link cisagov 2022-01-18
Ivanti Cherwell Asset Management (CAM) Not Affected link cisagov 2022-01-18
Ivanti Cherwell Service Management (CSM) Not Affected link cisagov 2022-01-18
Ivanti Connect Pro Not Affected link cisagov 2022-01-18
Ivanti ConnectPro (Termproxy) Not Affected link cisagov 2022-01-18
Ivanti Credential mgr (PivD Manager) Not Affected link cisagov 2022-01-18
Ivanti Discovery Classic Not Affected link cisagov 2022-01-18
Ivanti DSM Not Affected link cisagov 2022-01-18
Ivanti Environment Manager Not Affected link cisagov 2022-01-18
Ivanti GoldMine Not Affected link cisagov 2022-01-18
Ivanti HEAT Classic Not Affected link cisagov 2022-01-18
Ivanti IIRIS (Neurons for IIOT) Not Affected link cisagov 2022-01-18
Ivanti Incapptic Connect Not Affected link cisagov 2022-01-18
Ivanti Insight Not Affected link cisagov 2022-01-18
Ivanti ITSM 6/7 Not Affected link cisagov 2022-01-18
Ivanti Ivanti Asset Lifecycle Management Not Affected link cisagov 2022-01-18
Ivanti Ivanti Device Application Control Not Affected link cisagov 2022-01-18
Ivanti Ivanti Endpoint Manager Not Affected link cisagov 2022-01-18
Ivanti Ivanti Endpoint Security Not Affected link cisagov 2022-01-18
Ivanti Ivanti Environment Manager Not Affected link cisagov 2022-01-18
Ivanti Ivanti EPM - Cloud Service Appliance Not Affected link cisagov 2022-01-18
Ivanti Ivanti File Director 2019.1., 2020.1., 2020.3., 2021.1., 4.4.* 2021.3 HF2, 2021.1 HF1, 2020.3 HF2 Fixed link cisagov 2022-01-18
Ivanti Ivanti Identity Director Not Affected link cisagov 2022-01-18
Ivanti Ivanti License Optimizer (ILO) Not Affected link cisagov 2022-01-18
Ivanti Ivanti Management Center Not Affected link cisagov 2022-01-18
Ivanti Ivanti Neurons Platform Not Affected link cisagov 2022-01-18
Ivanti Ivanti Performance Manager Not Affected link cisagov 2022-01-18
Ivanti Ivanti Security Controls (Patch ISec) Not Affected link See More INFO for Ivanti Security Controls (Patch ISec) in the Advisory Page cisagov 2022-01-18
Ivanti Ivanti Service Desk Not Affected link Not Affected. Java is no longer required since version 2018.3U3 Customers on older versions can uninstall JRE on their ISD Servers for mitigation. This will disable indexing of Attachments and Documents for full-text search. cisagov 2022-01-18
Ivanti Ivanti Service Manager Not Affected link cisagov 2022-01-18
Ivanti Ivanti Service Manager for Neurons (Cloud) Not Affected link cisagov 2022-01-18
Ivanti Ivanti Voice Not Affected link cisagov 2022-01-18
Ivanti Ivanti Workspace Control Not Affected link cisagov 2022-01-18
Ivanti MI Appconnect Not Affected link cisagov 2022-01-18
Ivanti MI Email+ Not Affected link cisagov 2022-01-18
Ivanti MI Go Client Not Affected link cisagov 2022-01-18
Ivanti MI MobileAtWork Not Affected link cisagov 2022-01-18
Ivanti MI Security Productivity Apps Not Affected link cisagov 2022-01-18
Ivanti Mi Tunnel App Not Affected link cisagov 2022-01-18
Ivanti MobileIron Access ZSO All Affected link Mitigated. No Impact cisagov 2022-01-18
Ivanti MobileIron BYOD Portal Not Affected link cisagov 2022-01-18
Ivanti MobileIron Cloud Not Affected link cisagov 2022-01-18
Ivanti MobileIron Cloud Connector Not Affected link cisagov 2022-01-18
Ivanti MobileIron Core All Affected link See Advisory details for mitigation instructions for MobileIron Core. cisagov 2022-01-18
Ivanti MobileIron Core Connector All Affected link See Advisory details for mitigation instructions for MobileIron Core Connector. cisagov 2022-01-18
Ivanti MobileIron Sentry (Core/Cloud) 9.13, 9.14 Affected link See Advisory details for mitigation instructions for MobileIron Sentry. cisagov 2022-01-18
Ivanti Patch MEM (Microsoft Endpoint Manager) Not Affected link cisagov 2022-01-18
Ivanti Patch OEM APIs Not Affected link cisagov 2022-01-18
Ivanti Performance Manager Not Affected link cisagov 2022-01-18
Ivanti Pulse Connect Secure Not Affected link cisagov 2022-01-18
Ivanti Pulse Desktop Client Not Affected link cisagov 2022-01-18
Ivanti Pulse Mobile Client Not Affected link cisagov 2022-01-18
Ivanti Pulse One Not Affected link cisagov 2022-01-18
Ivanti Pulse Policy Secure Not Affected link cisagov 2022-01-18
Ivanti Pulse Services Director Not Affected link cisagov 2022-01-18
Ivanti Pulse Virtual Traffic Manager Not Affected link cisagov 2022-01-18
Ivanti Pulse Web Application Firewall Not Affected link cisagov 2022-01-18
Ivanti Pulse ZTA Not Affected link cisagov 2022-01-18
Ivanti Risksense Threat and Vulnerability Management Not Affected link cisagov 2022-01-18
Ivanti SpeakEasy (add-on to Velocity) Not Affected link cisagov 2022-01-18
Ivanti SpeakEasy (WinCE) Not Affected link cisagov 2022-01-18
Ivanti Terminal Emulation and Industrial Browser Not Affected link cisagov 2022-01-18
Ivanti Velocity Not Affected link cisagov 2022-01-18
Ivanti VelocityCE Not Affected link cisagov 2022-01-18
Ivanti Virtual Desktop Extender Not Affected link cisagov 2022-01-18
Ivanti Wavelink License Server Not Affected link cisagov 2022-01-18
Ivanti Xtraction Not Affected link cisagov 2022-01-18
Jamasoftware Unknown link cisagov 2022-01-12
Jamf Jamf Pro 10.31.0 10.34.0 Affected link cisagov 2022-01-12
Janitza GridVis Not Affected link cisagov 2022-01-05
Jaspersoft Unknown link cisagov 2022-01-12
Jedox Unknown link cisagov 2022-01-12
Jenkins CI/CD Core Unknown cisagov 2022-01-12
Jenkins Plugins Unknown link Instructions to test your installations in announcement cisagov 2021-12-16
JetBrains All .NET tools (ReSharper, Rider, ReSharper C++, dotTrace, dotMemory, dotCover, dotPeek) Not Affected link cisagov 2022-01-12
Jetbrains Code With Me Unknown Fixed link cisagov 2022-01-12
JetBrains Datalore Not Affected link cisagov 2022-01-12
JetBrains Floating license server 30211 Fixed link cisagov 2022-01-12
JetBrains Gateway Not Affected link cisagov 2022-01-12
JetBrains Hub 2021.1.14080 Fixed link cisagov 2022-01-12
JetBrains IntelliJ platform based IDEs (AppCode, CLion, DataGrip, DataSpell, GoLand, IntelliJ IDEA Ultimate/Community/Edu, PhpStorm, PyCharm Professional/Community/Edu, Rider, RubyMine, WebStorm) Not Affected link cisagov 2022-01-12
JetBrains Kotlin Not Affected link cisagov 2022-01-12
JetBrains Ktor Not Affected link cisagov 2022-01-12
JetBrains MPS Not Affected link cisagov 2022-01-12
JetBrains Space Not Affected link cisagov 2022-01-12
JetBrains TeamCity Not Affected link cisagov 2022-01-12
JetBrains ToolBox Not Affected link cisagov 2022-01-12
JetBrains UpSource 2020.1.1952 Fixed link cisagov 2022-01-12
JetBrains YouTrack InCloud Unknown Fixed link cisagov 2022-01-12
JetBrains YouTrack Standalone 2021.4.35970 Fixed link cisagov 2022-01-12
JFROG Unknown link cisagov 2022-01-12
Jitsi Unknown link cisagov 2022-01-12
Jitterbit Unknown link cisagov 2022-01-12
Johnson Controls BCPro Not Affected link cisagov 2021-12-21
Johnson Controls CEM AC2000 Not Affected link cisagov 2021-12-21
Johnson Controls CEM Hardware Products Not Affected link cisagov 2021-12-21
Johnson Controls CloudVue Gateway Not Affected link cisagov 2021-12-21
Johnson Controls CloudVue Web Not Affected link cisagov 2021-12-21
Johnson Controls C•CURE9000 Not Affected link cisagov 2021-12-21
Johnson Controls C•CURE9000 Not Affected link cisagov 2021-12-21
Johnson Controls C•CURE9000 Not Affected link cisagov 2021-12-21
Johnson Controls C•CURE9000 Not Affected link cisagov 2021-12-21
Johnson Controls DLS Not Affected link cisagov 2021-12-21
Johnson Controls Entrapass Not Affected link cisagov 2021-12-21
Johnson Controls exacqVision Client Not Affected link cisagov 2021-12-21
Johnson Controls exacqVision Server Not Affected link cisagov 2021-12-21
Johnson Controls exacqVision WebService Not Affected link cisagov 2021-12-21
Johnson Controls Facility Explorer Not Affected link cisagov 2021-12-21
Johnson Controls Illustra Cameras Not Affected link cisagov 2021-12-21
Johnson Controls Illustra Insight Not Affected link cisagov 2021-12-21
Johnson Controls iSTAR Not Affected link cisagov 2021-12-21
Johnson Controls Metasys Products and Tools Not Affected link cisagov 2021-12-21
Johnson Controls PowerSeries NEO Not Affected link cisagov 2021-12-21
Johnson Controls PowerSeries Pro Not Affected link cisagov 2021-12-21
Johnson Controls Qolsys IQ Panels Not Affected link cisagov 2021-12-21
Johnson Controls SurGard Receivers Not Affected link cisagov 2021-12-21
Johnson Controls Tyco AI Not Affected link cisagov 2021-12-21
Johnson Controls victor Not Affected link cisagov 2021-12-21
Johnson Controls victor/ C•CURE9000 Unified Not Affected link cisagov 2021-12-21
Johnson Controls victor/ C•CURE9000 Unified Not Affected link cisagov 2021-12-21
Johnson Controls VideoEdge Not Affected link cisagov 2021-12-21
Journyx Unknown link cisagov 2022-01-12
jPOS (ISO-8583) bridge Not Affected link cisagov 2022-01-12
Jump Desktop Unknown link cisagov 2022-01-12
Juniper Networks Unknown link cisagov 2022-01-12
Justice Systems Unknown link cisagov 2022-01-12
K15t Unknown link cisagov 2022-01-12
K6 Unknown link cisagov 2022-01-12
Karakun Unknown link cisagov 2022-01-12
Kaseya Unknown link cisagov 2022-01-12
Keeper Security Unknown link cisagov 2022-01-12
KEMP Unknown link cisagov 2022-01-12
KEMP 2 Unknown link cisagov 2022-01-12
Kofax Unknown link cisagov 2022-01-12
Konica Minolta Unknown link cisagov 2022-01-12
Kronos UKG Unknown link cisagov 2022-01-12
Kyberna Unknown link cisagov 2022-01-12
L-Soft Unknown link cisagov 2022-01-12
L3Harris Geospatial Unknown link cisagov 2022-01-12
Lancom Systems Unknown link cisagov 2022-01-12
Lansweeper Unknown link cisagov 2022-01-12
Laserfiche Unknown link cisagov 2022-01-12
LastPass Unknown link cisagov 2022-01-12
LaunchDarkly Unknown link cisagov 2022-01-12
Leanix Unknown link cisagov 2022-01-12
Leica BIOSYSTEMS Aperio AT2 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio AT2 DX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio CS2 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio eSlide Manager Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio GT 450 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio GT 450 DX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio ImageScope Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio ImageScope DX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio LV1 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio SAM DX Server For GT 450 DX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio Scanner Administration Manager (SAM) Server for GT 450 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio VERSA Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Aperio WebViewer DX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS BOND Controller Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS BOND RX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS BOND RXm Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS BOND-ADVANCE Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS BOND-III Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS BOND-MAX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS CEREBRO Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS CytoVision Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS HistoCore PEARL Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS HistoCore PEGASUS Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS HistoCore SPECTRA CV Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS HistoCore SPECTRA ST Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS HistoCore SPIRIT ST Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS HistoCore SPRING ST Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Leica ASP300S Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Leica CV5030 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Leica ST4020 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Leica ST5010 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Leica ST5020 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS Leica TP1020 Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS LIS Connect Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS PathDX Unknown link cisagov 2021-12-21
Leica BIOSYSTEMS ThermoBrite Elite Unknown link cisagov 2021-12-21
Lenovo BIOS/UEFI Unknown link cisagov 2021-12-14
Lenovo Chassis Management Module 2 (CMM) Unknown link cisagov 2021-12-14
Lenovo Commercial Vantage Unknown link cisagov 2021-12-14
Lenovo Confluent Unknown link cisagov 2021-12-14
Lenovo DSS-G Unknown link cisagov 2021-12-14
Lenovo Embedded System Management Java-based KVM clients Unknown link cisagov 2021-12-14
Lenovo Fan Power Controller (FPC) Unknown link cisagov 2021-12-14
Lenovo Fan Power Controller2 (FPC2) Unknown link cisagov 2021-12-14
Lenovo Integrated Management Module II (IMM2) Unknown link cisagov 2021-12-14
Lenovo NetApp ONTAP Tools for VMware vSphere Unknown link See NetApp advisory. cisagov 2021-12-14
Lenovo Network Switches running: Lenovo CNOS, Lenovo ENOS, IBM ENOS, or Brocade FOS Unknown link cisagov 2021-12-14
Lenovo Storage Management utilities Unknown link cisagov 2021-12-14
Lenovo System Management Module (SMM) Unknown link cisagov 2021-12-14
Lenovo System Management Module 2 (SMM2) Unknown link cisagov 2021-12-14
Lenovo System Update Unknown link cisagov 2021-12-14
Lenovo Thin Installer Unknown link cisagov 2021-12-14
Lenovo ThinkAgile HX Unknown link Nutanix and VMware components only; hardware not affected. See Nutanix and VMWare advisories. cisagov 2021-12-14
Lenovo ThinkAgile VX Unknown link VMware components only; hardware not affected. See VMWare advisory. cisagov 2021-12-14
Lenovo ThinkSystem 2x1x16 Digital KVM Switch - Type 1754D1T Unknown link cisagov 2021-12-14
Lenovo ThinkSystem DE Series Storage Unknown link See also NetApp advisory. cisagov 2021-12-14
Lenovo ThinkSystem DM Series Storage Unknown link See also NetApp advisory. cisagov 2021-12-14
Lenovo ThinkSystem DS Series Storage Unknown link cisagov 2021-12-14
Lenovo ThinkSystem Manager (TSM) Unknown link cisagov 2021-12-14
Lenovo Update Retriever Unknown link cisagov 2021-12-14
Lenovo Vantage Unknown link cisagov 2021-12-14
Lenovo XClarity Administrator (LXCA) Unknown link cisagov 2021-12-14
Lenovo XClarity Controller (XCC) Unknown link cisagov 2021-12-14
Lenovo XClarity Energy Manager (LXEM) Unknown link cisagov 2021-12-14
Lenovo XClarity Essentials (LXCE) Unknown link cisagov 2021-12-14
Lenovo XClarity Integrator (LXCI) for Microsoft Azure Log Analytics Unknown link cisagov 2021-12-14
Lenovo XClarity Integrator (LXCI) for Microsoft System Center Unknown link cisagov 2021-12-14
Lenovo XClarity Integrator (LXCI) for Nagios Unknown link cisagov 2021-12-14
Lenovo XClarity Integrator (LXCI) for ServiceNow Unknown link cisagov 2021-12-14
Lenovo XClarity Integrator (LXCI) for VMware vCenter Unknown link cisagov 2021-12-14
Lenovo XClarity Integrator (LXCI) for Windows Admin Center Unknown link cisagov 2021-12-14
Lenovo XClarity Mobile (LXCM) Unknown link cisagov 2021-12-14
Lenovo XClarity Orchestrator (LXCO) Unknown link cisagov 2021-12-14
Lenovo XClarity Provisioning Manager (LXPM) Unknown link cisagov 2021-12-14
LeoStream Unknown link cisagov 2022-01-12
Let's Encrypt Unknown link cisagov 2022-01-12
LibreNMS Unknown link cisagov 2022-01-12
LifeRay Unknown link cisagov 2022-01-12
LifeSize Unknown link cisagov 2022-01-12
Lightbend Unknown link cisagov 2022-01-12
Lime CRM Unknown link cisagov 2022-01-12
LIONGARD Unknown link cisagov 2022-01-12
LiquidFiles Unknown link cisagov 2022-01-12
LiveAction Unknown link cisagov 2022-01-12
Loftware Unknown link cisagov 2022-01-12
LOGalyze SIEM & log analyzer tool v4.x Affected link local-log4j-vuln-scanner result: indicator for vulnerable component found in /logalyze/lib/log4j-1.2.17.jar (org/apache/log4j/net/SocketNode.class): log4j 1.2.17 Forks (github.com) cisagov 2021-12-17
LogiAnalytics Unknown link cisagov 2022-01-12
LogicMonitor LogicMonitor Platform Unknown link cisagov 2022-01-12
LogMeIn Unknown link cisagov 2022-01-12
LogRhythm Unknown link cisagov 2022-01-12
Looker Looker 21.0, 21.6, 21.12, 21.16, 21.18, 21.20 Affected link cisagov 2022-01-12
LucaNet Unknown link cisagov 2022-01-12
Lucee Unknown link cisagov 2022-01-12
Lyrasis Fedora Repository Not Affected link Fedora Repository is unaffiliated with Fedora Linux. Uses logback and explicitly excludes log4j. cisagov 2021-12-14
MailStore Unknown link cisagov 2022-01-12
Maltego Unknown link cisagov 2022-01-12
ManageEngine AD SelfService Plus Not Affected cisagov 2021-12-27
ManageEngine Servicedesk Plus 11305 and below Affected link cisagov 2021-12-15
ManageEngine Zoho Unknown link cisagov 2022-01-12
ManageEngine Zoho ADAudit Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho ADManager Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho Analytics Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho Cloud Security Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho DataSecurity Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho EventLog Analyzer Unknown link cisagov 2021-12-16
ManageEngine Zoho Exchange Reporter Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho Log360 Unknown link cisagov 2021-12-16
ManageEngine Zoho Log360 UEBA Unknown link cisagov 2021-12-16
ManageEngine Zoho M365 Manager Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho M365 Security Plus Unknown link cisagov 2021-12-16
ManageEngine Zoho RecoveryManager Plus Unknown link cisagov 2021-12-16
MariaDB Unknown link cisagov 2022-01-12
MathWorks All MathWorks general release desktop or server products Not Affected link cisagov 2022-01-18
MathWorks MATLAB Not Affected link cisagov 2022-01-18
Matillion Matillion ETL 1.59.10+ Fixed link cisagov 2022-11-01
Matomo Unknown link cisagov 2022-01-12
Mattermost FocalBoard Unknown link cisagov 2022-01-12
McAfee Data Exchange Layer (DXL) Client Unknown cisagov 2021-12-20
McAfee Data Loss Prevention (DLP) Discover Unknown cisagov 2021-12-20
McAfee Data Loss Prevention (DLP) Endpoint for Mac Unknown cisagov 2021-12-20
McAfee Data Loss Prevention (DLP) Endpoint for Windows Unknown cisagov 2021-12-20
McAfee Data Loss Prevention (DLP) Monitor Unknown cisagov 2021-12-20
McAfee Data Loss Prevention (DLP) Prevent Unknown cisagov 2021-12-20
McAfee Endpoint Security (ENS) for Linux Unknown cisagov 2021-12-20
McAfee Endpoint Security (ENS) for Mac Unknown cisagov 2021-12-20
McAfee Endpoint Security (ENS) for Windows Unknown cisagov 2021-12-20
McAfee Enterprise Security Manager (ESM) 11.5.3 Fixed link cisagov 2021-12-20
McAfee ePolicy Orchestrator Agent Handlers (ePO-AH) Unknown cisagov 2021-12-20
McAfee ePolicy Orchestrator Application Server (ePO) 5.10 CU11 Fixed link cisagov 2021-12-20
McAfee Host Intrusion Prevention (Host IPS) Unknown cisagov 2021-12-20
McAfee Management of Native Encryption (MNE) Unknown cisagov 2021-12-20
McAfee McAfee Active Response (MAR) Unknown cisagov 2021-12-20
McAfee McAfee Agent (MA) Unknown cisagov 2021-12-20
McAfee McAfee Application and Change Control (MACC) for Linux Unknown cisagov 2021-12-20
McAfee McAfee Application and Change Control (MACC) for Windows Unknown cisagov 2021-12-20
McAfee McAfee Client Proxy (MCP) for Mac Unknown cisagov 2021-12-20
McAfee McAfee Client Proxy (MCP) for Windows Unknown cisagov 2021-12-20
McAfee McAfee Drive Encryption (MDE) Unknown cisagov 2021-12-20
McAfee McAfee Security for Microsoft Exchange (MSME) Unknown cisagov 2021-12-20
McAfee McAfee Security for Microsoft Exchange (MSME) Unknown cisagov 2021-12-20
McAfee McAfee Security for Microsoft SharePoint (MSMS) Unknown cisagov 2021-12-20
McAfee Network Security Manager (NSM) Unknown cisagov 2021-12-20
McAfee Network Security Platform (NSP) Unknown cisagov 2021-12-20
McAfee Policy Auditor Unknown cisagov 2021-12-20
McAfee Threat Intelligence Exchange (TIE) Unknown link Latest status in linked Security Bulletin cisagov 2021-12-20
McAfee Web Gateway (MWG) Unknown link cisagov 2021-12-20
Medtronic Unknown link cisagov 2021-12-21
MEINBERG Unknown link cisagov 2022-01-12
MEINBERG LANTIME and microSync Unknown link cisagov 2022-01-05
Meltano Meltano Unknown link Project is written in Python cisagov 2022-01-12
Memurai Unknown link cisagov 2022-01-12
Micro Focus Data Protector 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.90, 10.91, 11.00 Fixed link https://portal.microfocus.com/s/article/KM000003050 cisagov 2021-12-13
Microsoft Azure API Gateway Unknown link cisagov 2022-01-12
Microsoft Azure Application Gateway Unknown link cisagov 2022-01-12
Microsoft Azure Data lake store java < 2.3.10 Affected link cisagov 2022-01-12
Microsoft Azure Data lake store java < 2.3.10 Affected link cisagov 2022-01-12
Microsoft Azure DevOps Unknown link cisagov 2022-01-12
Microsoft Azure DevOps Server 2019.0 - 2020.1 Affected link cisagov 2022-01-12
Microsoft Azure Traffic Manager Unknown link cisagov 2022-01-12
Microsoft Team Foundation Server 2018.2+ Affected link cisagov 2022-01-12
Microstrategy Unknown link cisagov 2022-01-12
Midori Global Unknown link cisagov 2022-01-12
Mikrotik Unknown link cisagov 2022-01-12
Milestone sys Unknown link cisagov 2022-01-12
Mimecast Unknown link cisagov 2022-01-12
Minecraft Unknown link cisagov 2022-01-12
Mirantis Unknown link cisagov 2022-01-12
Miro Unknown link cisagov 2022-01-12
Mitel Unknown link cisagov 2022-01-12
MMM Group Control software of all MMM series Unknown link cisagov 2022-01-05
MMM Group RUMED360 Cycles, RUMED360 Cycles View, RUMED360 Sicon, RUMED360 ISA-Server Unknown link cisagov 2022-01-05
MongoDB All other components of MongoDB Atlas (including Atlas Database, Data Lake, Charts) Unknown link cisagov 2022-01-12
MongoDB MongoDB Atlas Search Unknown link cisagov 2022-01-12
MongoDB MongoDB Community Edition (including Community Server, Cloud Manager, Community Kubernetes Operators) Unknown link cisagov 2022-01-12
MongoDB MongoDB Drivers Unknown link cisagov 2022-01-12
MongoDB MongoDB Enterprise Advanced (including Enterprise Server, Ops Manager, Enterprise Kubernetes Operators) Unknown link cisagov 2022-01-12
MongoDB MongoDB Realm (including Realm Database, Sync, Functions, APIs) Unknown link cisagov 2022-01-12
MongoDB MongoDB Tools (including Compass, Database Shell, VS Code Plugin, Atlas CLI, Database Connectors) Unknown link cisagov 2022-01-12
Moodle Unknown link cisagov 2022-01-12
MoogSoft Unknown link cisagov 2022-01-12
Motorola Avigilon Unknown link cisagov 2022-01-12
Moxa Not Affected link Moxa is investigating to determine if any of our products are affected by this vulnerability. At the time of publication, none of Moxa's products are affected. cisagov 2022-01-19
Mulesoft Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
Mulesoft Anypoint Studio 7.x Affected link This advisory is available to account holders only and has not been reviewed by CISA. cisagov 2021-12-15
Mulesoft Cloudhub Unknown link This advisory is available to account holders only and has not been reviewed by CISA. cisagov 2021-12-15
Mulesoft Mule Agent 6.x Affected link This advisory is available to account holders only and has not been reviewed by CISA. cisagov 2021-12-15
Mulesoft Mule Runtime 3.x, 4.x Affected link This advisory is available to account holders only and has not been reviewed by CISA. cisagov 2021-12-15
N-able Unknown link cisagov 2022-01-12
Nagios Unknown link cisagov 2022-01-12
NAKIVO Unknown link cisagov 2022-01-12
National Instruments OptimalPlus Vertica, Cloudera, Logstash Affected link (Limited to deployments running Vertica, Cloudera, or Logstash) Contact Technical Support cisagov 2022-01-05
Neo4j Neo4j Graph Database >4.2, <4..2.12 Affected cisagov 2021-12-13
Netapp Multiple NetApp products Unknown link cisagov 2022-01-12
Netcup Unknown link cisagov 2022-01-12
NetGate PFSense Unknown link cisagov 2022-01-12
Netwrix Unknown link cisagov 2022-01-12
New Relic Containerized Private Minion (CPM) 3.0.57 Fixed link New Relic is in the process of revising guidance/documentation, however the fix version remains sufficient. Security Bulletin NR21-04 cisagov 2021-12-18
New Relic New Relic Java Agent <7.4.3 Affected link Initially fixed in 7.4.2, but additional vulnerability found New Relic tracking, covers CVE-2021-44228, CVE-2021-45046 cisagov 2021-12-20
NextCloud Unknown link cisagov 2022-01-12
Nextflow Nextflow Not Affected link cisagov 2021-12-21
Nexus Group Unknown link cisagov 2022-01-12
Nice Software (AWS) EnginFRAME Unknown link cisagov 2022-01-12
NinjaRMM Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
Nomachine Unknown link cisagov 2022-01-12
NoviFlow Unknown link cisagov 2022-01-12
Nulab Backlog N/A (SaaS) Fixed link cisagov 2022-01-12
Nulab Backlog Enterprise (On-premises) < 1.11.7 Fixed link cisagov 2022-01-12
Nulab Cacoo N/A (SaaS) Fixed link cisagov 2022-01-12
Nulab Cacoo Enterprise (On-premises) < 4.0.4 Fixed link cisagov 2022-01-12
Nulab Typetalk N/A (SaaS) Fixed link cisagov 2022-01-12
Nutanix AHV Not Affected link cisagov 2021-12-20
Nutanix AOS Not Affected link cisagov 2021-12-20
Nutanix AOS STS (including Prism Element) Fixed link Patched in 6.0.2.4, available on the Portal for download. cisagov 2021-12-20
Nutanix Beam Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix BeamGov Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix Calm Not Affected link cisagov 2021-12-20
Nutanix Calm Tunnel VM Not Affected link cisagov 2021-12-20
Nutanix Collector Not Affected link cisagov 2021-12-20
Nutanix Collector Portal Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix Data Lens Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix Era Not Affected link cisagov 2021-12-20
Nutanix File Analytics 2.1.x, 2.2.x, 3.0+ Affected link Mitigated in version 3.0.1 which is available on the Portal for download. Mitigation is available here cisagov 2021-12-20
Nutanix Files Not Affected link cisagov 2021-12-20
Nutanix Flow Not Affected link cisagov 2021-12-20
Nutanix Flow Security Cental Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix Foundation Not Affected link cisagov 2021-12-20
Nutanix Frame Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix FrameGov Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix FSCVM Not Affected link cisagov 2021-12-20
Nutanix Insights Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix Karbon All Affected link Mitigation is available here cisagov 2021-12-20
Nutanix Karbon Platform Service Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix LCM Not Affected link cisagov 2021-12-20
Nutanix Leap Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix Mine All Affected link Mitigation is available here cisagov 2021-12-20
Nutanix Move Not Affected link cisagov 2021-12-20
Nutanix MSP All Affected link Mitigation is available here cisagov 2021-12-20
Nutanix NCC Not Affected link cisagov 2021-12-20
Nutanix NGT Not Affected link cisagov 2021-12-20
Nutanix Objects All Affected link Mitigation is available here cisagov 2021-12-20
Nutanix Prism Central All Fixed link Patched in 2021-9.0.3, available on the Portal for download. cisagov 2021-12-20
Nutanix Sizer Unknown link Saas-Based Procuct. See Advisory. cisagov 2021-12-20
Nutanix Volumes Not Affected link cisagov 2021-12-20
Nutanix Witness VM All Affected link Mitigation is available here cisagov 2021-12-20
Nutanix X-Ray Not Affected link cisagov 2021-12-20
Nvidia Unknown link cisagov 2022-01-12
NXLog Unknown link cisagov 2022-01-12
Objectif Lune Unknown link cisagov 2022-01-12
OCLC Unknown link cisagov 2022-01-12
Octopus Unknown link cisagov 2022-01-12
Okta Advanced Server Access Unknown link cisagov 2021-12-12
Okta Okta Access Gateway Unknown link cisagov 2021-12-12
Okta Okta AD Agent Unknown link cisagov 2021-12-12
Okta Okta Browser Plugin Unknown link cisagov 2021-12-12
Okta Okta IWA Web Agent Unknown link cisagov 2021-12-12
Okta Okta LDAP Agent Unknown link cisagov 2021-12-12
Okta Okta Mobile Unknown link cisagov 2021-12-12
Okta Okta On-Prem MFA Agent < 1.4.6 Affected link cisagov 2021-12-12
Okta Okta RADIUS Server Agent < 2.17.0 Affected link cisagov 2021-12-12
Okta Okta Verify Unknown link cisagov 2021-12-12
Okta Okta Workflows Unknown link cisagov 2021-12-12
Onespan Unknown link cisagov 2022-01-12
Opengear Unknown link cisagov 2022-01-12
OpenMRS TALK Unknown link cisagov 2022-01-12
OpenNMS Unknown link cisagov 2022-01-12
OpenSearch Unknown link cisagov 2022-01-12
OpenText Unknown link cisagov 2021-12-23
Opto 22 GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP < 4.3g 4.3g Fixed link The Log4j vulnerability affects all products running groov View software cisagov 2022-01-13
Opto 22 GROOV-AT1, GROOV-AT1-SNAP < 4.3g 4.3g Fixed link The Log4j vulnerability affects all products running groov View software cisagov 2022-01-13
Opto 22 GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP < 4.3g 4.3g Fixed link The Log4j vulnerability affects all products running groov View software cisagov 2022-01-13
Opto 22 GRV-EPIC-PR1, GRV-EPIC-PR2 < 3.3.2 3.3.2 Fixed link The Log4j vulnerability affects all products running groov View software cisagov 2022-01-13
Oracle Unknown link The support document is available to customers only and has not been reviewed by CISA cisagov 2021-12-17
Oracle Enterprise Manager 13.5, 13.4 & 13.3.2 Affected link Patch status and other security guidance is restricted to Oracle account/support members. The support document is available to customers only and has not been reviewed by CISA. cisagov 2021-12-17
Oracle Exadata <21.3.4 Affected link Patch status and other security guidance is restricted to Oracle account/support members. The support document is available to customers only and has not been reviewed by CISA. cisagov 2021-12-17
Orgavision Unknown link cisagov 2022-01-12
Osirium PAM Unknown link cisagov 2022-01-12
Osirium PEM Unknown link cisagov 2022-01-12
Osirium PPA Unknown link cisagov 2022-01-12
OTRS Unknown link cisagov 2022-01-12
OVHCloud Unknown link cisagov 2022-01-12
OwnCloud Unknown link cisagov 2022-01-12
OxygenXML Author Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Developer Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Editor Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Oxygen Content Fusion 2.0, 3.0, 4.1 Affected https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Oxygen Feedback Enterprise 1.4.4 & older Affected https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Oxygen License Server v22.1 to v24.0 Affected https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Oxygen PDF Chemistry v22.1, 23.0, 23.1, 24.0 Affected https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Oxygen SDK Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Plugins (see advisory link) Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Publishing Engine Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML Web Author Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
OxygenXML WebHelp Unknown https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html cisagov 2021-12-17
PagerDuty PagerDuty SaaS Unknown link We currently see no evidence of compromises on our platform. Our teams continue to monitor for new developments and for impacts on sub-processors and dependent systems. PagerDuty SaaS customers do not need to take any additional action for their PagerDuty SaaS environment cisagov 2021-12-21
Palantir Palantir AI Inference Platform (AIP) All Fixed link Fully remediated as of 1.97.0. Disconnected customer instances may require manual updates. cisagov 2021-12-19
Palantir Palantir Apollo Not Affected link No impact, and updates have been deployed for full remediation. cisagov 2021-12-19
Palantir Palantir Foundry All Fixed link No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. cisagov 2021-12-19
Palantir Palantir Gotham All Fixed link No impact to Palantir-hosted or Apollo-connected instances, and updates have been deployed for full remediation. Disconnected customer instances may require manual updates. cisagov 2021-12-19
Palo-Alto Networks Bridgecrew Unknown link cisagov 2022-01-12
Palo-Alto Networks CloudGenix Unknown link cisagov 2022-01-12
Palo-Alto Networks Cortex Data Lake Unknown link cisagov 2022-01-12
Palo-Alto Networks Cortex XDR Agent Unknown link cisagov 2022-01-12
Palo-Alto Networks Cortex Xpanse Unknown link cisagov 2022-01-12
Palo-Alto Networks Cortex XSOAR Unknown link cisagov 2022-01-12
Palo-Alto Networks Expedition Unknown link cisagov 2022-01-12
Palo-Alto Networks GlobalProtect App Unknown link cisagov 2022-01-12
Palo-Alto Networks IoT Security Unknown link cisagov 2022-01-12
Palo-Alto Networks Okyo Grade Unknown link cisagov 2022-01-12
Palo-Alto Networks Palo-Alto Networks-OS for Firewall and Wildfire Unknown link cisagov 2022-01-12
Palo-Alto Networks Palo-Alto Networks-OS for Panorama 9.0, 9.1, 10.0 Affected link Upgrade Panorama to PAN-OS 10.1 to remediate this issue. This advisory will be updated when hot fixes for the affected Panorama versions are available. PAN-OS for Panorama versions 8.1, 10.1 are not affected. cisagov 2021-12-15
Palo-Alto Networks Prisma Access Unknown link cisagov 2022-01-12
Palo-Alto Networks Prisma Cloud Unknown link cisagov 2022-01-12
Palo-Alto Networks Prisma Cloud Compute Unknown link cisagov 2022-01-12
Palo-Alto Networks SaaS Security Unknown link cisagov 2022-01-12
Palo-Alto Networks User-ID Agent Unknown link cisagov 2022-01-12
Palo-Alto Networks WildFire Appliance Unknown link cisagov 2022-01-12
Palo-Alto Networks WildFire Cloud Unknown link cisagov 2022-01-12
Panopto Unknown link cisagov 2022-01-12
PaperCut PaperCut MF 21.0 and later Affected link Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. cisagov 2021-12-16
PaperCut PaperCut NG 21.0 and later Affected link Versions 21.0 and later are impacted. Versions 20 and earlier are NOT impacted by this. Workaround manual steps available in reference. Upgrade to PaperCut NG/MF version 21.2.3 Now Available to resolve. cisagov 2021-12-16
Parallels Unknown link cisagov 2022-01-12
Parse.ly Unknown link cisagov 2022-01-12
PBXMonitor RMM for 3CX PBX Unknown link Mirror Servers were also checked to ensure Log4J was not installed or being used by any of our systems. cisagov 2021-12-22
Pega Unknown link cisagov 2022-01-12
Pentaho Unknown link cisagov 2022-01-12
Pepperl+Fuchs Unknown link cisagov 2021-12-21
Percona Unknown link cisagov 2022-01-12
Pexip Unknown link cisagov 2022-01-12
Phenix Id Unknown link cisagov 2022-01-12
Philips Multiple products Unknown link cisagov 2022-01-12
PHOENIX CONTACT Cloud Services Unknown link Partly affected. Remediations are being implemented. cisagov 2021-12-22
PHOENIX CONTACT Physical products containing firmware Unknown link cisagov 2021-12-22
PHOENIX CONTACT Software Products Unknown link cisagov 2021-12-22
Ping Identity PingAccess 4.0 <= version <= 6.3.2 Affected link cisagov 2021-12-15
Ping Identity PingCentral Unknown link cisagov 2021-12-15
Ping Identity PingFederate 8.0 <= version <= 10.3.4 Affected link cisagov 2021-12-15
Ping Identity PingFederate Java Integration Kit < 2.7.2 Affected link cisagov 2021-12-15
Ping Identity PingFederate OAuth Playground < 4.3.1 Affected link cisagov 2021-12-15
Ping Identity PingIntelligence Unknown link cisagov 2021-12-15
Pitney Bowes Unknown link cisagov 2022-01-12
Planmeca Unknown link cisagov 2022-01-12
Planon Software Unknown link This advisory is available for customers only and has not been reviewed by CISA cisagov 2022-01-12
Platform.SH Unknown link cisagov 2022-01-12
Plesk Unknown link cisagov 2022-01-12
Plex Plex Industrial IoT Unknown link The product has been updated to Log4j version 2.15. An additional patch is being developed to update to 2.16. No user interaction is required. cisagov 2021-12-15
Polycom Unknown link cisagov 2022-01-12
Portainer Unknown link cisagov 2022-01-12
PortSwigger Unknown link cisagov 2022-01-12
PostGreSQL Unknown link cisagov 2022-01-12
Postman Unknown link cisagov 2022-01-12
Power Admin LLC PA File Sight Not Affected cisagov 2021-12-17
Power Admin LLC PA Server Monitor Not Affected cisagov 2021-12-17
Power Admin LLC PA Storage Monitor Not Affected cisagov 2021-12-17
Pretix Unknown link cisagov 2022-01-12
PrimeKey Unknown link cisagov 2022-01-12
Progress / IpSwitch Unknown link cisagov 2022-01-12
ProofPoint Unknown link This advisory is available for customers only and has not been reviewed by CISA cisagov 2022-01-12
ProSeS Unknown link cisagov 2022-01-12
Prosys Unknown link cisagov 2022-01-12
Proxmox Unknown link cisagov 2022-01-12
PRTG Paessler Unknown link cisagov 2022-01-12
PTC Axeda Platform 6.9.2 Affected link cisagov 2021-12-17
PTC ThingsWorx Analytics 8.5, 9.0, 9.1, 9.2, All supported versions Affected link cisagov 2021-12-17
PTC ThingsWorx Platform 8.5, 9.0, 9.1, 9.2, All supported versions Affected link cisagov 2021-12-17
PTV Group Unknown link cisagov 2022-01-12
Pulse Secure Ivanti Connect Secure (ICS) Unknown link cisagov 2022-01-12
Pulse Secure Ivanti Neurons for secure Access Unknown link cisagov 2022-01-12
Pulse Secure Ivanti Neurons for secure Access Unknown link cisagov 2022-01-12
Pulse Secure Ivanti Neurons for ZTA Unknown link cisagov 2022-01-12
Pulse Secure Ivanti Neurons for ZTA Unknown link cisagov 2022-01-12
Pulse Secure Pulse Connect Secure Unknown link cisagov 2022-01-12
Pulse Secure Pulse Desktop Client Unknown link cisagov 2022-01-12
Pulse Secure Pulse Mobile Client Unknown link cisagov 2022-01-12
Pulse Secure Pulse One Unknown link cisagov 2022-01-12
Pulse Secure Pulse Policy Secure Unknown link cisagov 2022-01-12
Pulse Secure Pulse Secure Services Director Unknown link cisagov 2022-01-12
Pulse Secure Pulse Secure Virtual Traffic Manager Unknown link cisagov 2022-01-12
Pulse Secure Pulse Secure Web Application Firewall Unknown link cisagov 2022-01-12
Pulse Secure Pulse ZTA Unknown link cisagov 2022-01-12
Puppet Unknown link cisagov 2022-01-12
Pure Storage Unknown link This advisory is available for customers only and has not been reviewed by CISA cisagov 2022-01-12
Pure Storage Cloud Blockstore CBS6.1.x, CBS6.2.x Affected link Patch expected 12/27/2021 cisagov 2021-12-15
Pure Storage Flash Array 5.3.x, 6.0.x, 6.1.x, 6.2.x Affected link Patch expected 12/20/2021 cisagov 2021-12-15
Pure Storage FlashBlade 3.1.x, 3.2.x, 3.3.x Affected link Patch expected 12/24/2021 cisagov 2021-12-15
Pure Storage PortWorx 2.8.0+ Affected link cisagov 2021-12-15
Pure Storage Pure1 N/A Fixed link cisagov 2021-12-15
Pyramid Analytics Unknown link cisagov 2022-01-12
QF-Test Unknown link cisagov 2022-01-12
Qlik Unknown link cisagov 2022-01-12
QMATIC Appointment Booking 2.4+ Affected link Update to v. 2.8.2 which contains log4j 2.16 cisagov 2021-12-21
QMATIC Appointment Booking Cloud/Managed Service Affected link log4j 2.16 applied 2021-12-15 cisagov 2021-12-21
QMATIC Insights Cloud Affected link log4j 2.16 applied 2021-12-16 cisagov 2021-12-21
QMATIC Orchestra Central Not Affected link cisagov 2021-12-21
QNAP Unknown link cisagov 2022-01-12
QOPPA Unknown link cisagov 2022-01-12
QSC Q-SYS Unknown link cisagov 2022-01-12
QT Unknown link cisagov 2022-01-12
Quest Global Unknown link cisagov 2022-01-12
R R Not Affected link cisagov 2021-12-21
R2ediviewer Unknown link cisagov 2022-01-12
Radware Unknown link cisagov 2022-01-12
Rapid7 AlcidekArt, kAdvisor, and kAudit Not Affected link cisagov 2021-12-15
Rapid7 AppSpider Enterprise Not Affected link cisagov 2021-12-15
Rapid7 AppSpider Pro Not Affected link cisagov 2021-12-15
Rapid7 Insight Agent Not Affected link cisagov 2021-12-15
Rapid7 InsightAppSec Scan Engine Not Affected link cisagov 2021-12-15
Rapid7 InsightAppSec Scan Engine Not Affected link cisagov 2021-12-15
Rapid7 InsightCloudSec/DivvyCloud Not Affected link cisagov 2021-12-15
Rapid7 InsightConnect Orchestrator Not Affected link cisagov 2021-12-15
Rapid7 InsightIDR Network Sensor Not Affected link cisagov 2021-12-15
Rapid7 InsightIDR/InsightOps Collector & Event Sources Not Affected link cisagov 2021-12-15
Rapid7 InsightOps DataHub InsightOps DataHub <= 2.0 Affected link Upgrade DataHub to version 2.0.1 using the following instructions. cisagov 2021-12-15
Rapid7 InsightOps non-Java logging libraries Not Affected link cisagov 2021-12-15
Rapid7 InsightOps r7insight_java logging library <=3.0.8 Affected link Upgrade r7insight_java to 3.0.9 cisagov 2021-12-15
Rapid7 InsightVM Kubernetes Monitor Not Affected link cisagov 2021-12-15
Rapid7 InsightVM/Nexpose Not Affected link cisagov 2021-12-15
Rapid7 InsightVM/Nexpose Console Not Affected link Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. cisagov 2021-12-15
Rapid7 InsightVM/Nexpose Engine Not Affected link Installations of the InsightVM/Nexpose have “log4j-over-slf4j-1.7.7.jar” packaged in them. This is a different library than log4j-core and is not vulnerable to Log4Shell. cisagov 2021-12-15
Rapid7 IntSights virtual appliance Not Affected link cisagov 2021-12-15
Rapid7 Logentries DataHub Linux version <= 1.2.0.820; Windows version <= 1.2.0.820 Affected link Linux: Install DataHub_1.2.0.822.deb using the following instructions. Windows: Run version 1.2.0.822 in a Docker container or as a Java command per these instructions. You can find more details here. cisagov 2021-12-15
Rapid7 Logentries le_java logging library All versions: this is a deprecated component Affected link Migrate to version 3.0.9 of r7insight_java cisagov 2021-12-15
Rapid7 Metasploit Framework Not Affected link cisagov 2021-12-15
Rapid7 Metasploit Pro Not Affected link Metasploit Pro ships with log4j but has specific configurations applied to it that mitigate Log4Shell. A future update will contain a fully patched version of log4j. cisagov 2021-12-15
Rapid7 tCell Java Agent Not Affected link cisagov 2021-12-15
Rapid7 Velociraptor Not Affected link cisagov 2021-12-15
Raritan Unknown link cisagov 2022-01-12
Ravelin Unknown link cisagov 2022-01-12
Real-Time Innovations (RTI) Distributed Logger Unknown link cisagov 2021-12-16
Real-Time Innovations (RTI) Recording Console Unknown link cisagov 2021-12-16
Real-Time Innovations (RTI) RTI Administration Console Unknown link cisagov 2021-12-16
Real-Time Innovations (RTI) RTI Code Generator Unknown link cisagov 2021-12-16
Real-Time Innovations (RTI) RTI Code Generator Server Unknown link cisagov 2021-12-16
Real-Time Innovations (RTI) RTI Micro Application Generator (MAG) as part of RTI Connext Micro 3.0.0, 3.0.1, 3.0.2, 3.0.3 Affected link cisagov 2021-12-16
Real-Time Innovations (RTI) RTI Micro Application Generator (MAG) as part of RTI Connext Professional 6.0.0 and 6.0.1 Affected link cisagov 2021-12-16
Real-Time Innovations (RTI) RTI Monitor Unknown link cisagov 2021-12-16
Red Hat log4j-core Unknown link cisagov 2021-12-21
Red Hat Red Hat Integration Camel K Unknown link RHSA-2021:5130 cisagov 2021-12-21
Red Hat Red Hat build of Quarkus Unknown link cisagov 2021-12-20
Red Hat Red Hat CodeReady Studio 12.21.0 Fixed link CRS 12.21.1 Patch cisagov 2021-12-21
Red Hat Red Hat Data Grid 8 Fixed link RHSA-2021:5132 cisagov 2021-12-21
Red Hat Red Hat Decision Manager Not Affected link cisagov 2021-12-20
Red Hat Red Hat Enterprise Linux Not Affected link cisagov 2021-12-20
Red Hat Red Hat Enterprise Linux Not Affected link cisagov 2021-12-20
Red Hat Red Hat Enterprise Linux Not Affected link cisagov 2021-12-20
Red Hat Red Hat Integration Camel Quarkus Unknown link RHSA-2021:5126 cisagov 2021-12-21
Red Hat Red Hat JBoss A-MQ Streaming Unknown link RHSA-2021:5138 cisagov 2021-12-21
Red Hat Red Hat JBoss Enterprise Application Platform 7 Fixed link Maven Patch - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't affected. cisagov 2021-12-21
Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack Not Affected link cisagov 2021-12-20
Red Hat Red Hat JBoss Fuse 7 Fixed link RHSA-2021:5134 cisagov 2021-12-21
Red Hat Red Hat Process Automation 7 Fixed link Maven Patch - Affects only the Mavenized distribution. Container, Zip and RPM distro aren't affected. cisagov 2021-12-21
Red Hat Red Hat Single Sign-On Not Affected link cisagov 2021-12-21
Red Hat Red Hat Vert.X 4 Fixed link RHSA-2021:5093 cisagov 2021-12-21
Red Hat Satellite 5 Unknown link cisagov 2021-12-21
Red Hat Spacewalk Unknown link cisagov 2021-12-21
Red Hat OpenShift Container Platform 3.11 openshift3/ose-logging-elasticsearch5 Unknown link RHSA-2021:5094 cisagov 2021-12-21
Red Hat OpenShift Container Platform 4 openshift4/ose-logging-elasticsearch6 Unknown link Please refer to Red Hat Customer Portal to find the right errata for your version. cisagov 2021-12-21
Red Hat OpenShift Container Platform 4 openshift4/ose-metering-hive Unknown link Please refer to Red Hat Customer Portal to find the right errata for your version. cisagov 2021-12-21
Red Hat OpenShift Container Platform 4 openshift4/ose-metering-presto Unknown link Please refer to Red Hat Customer Portal to find the right errata for your version. cisagov 2021-12-21
Red Hat OpenShift Logging logging-elasticsearch6-container Unknown link Please refer to Red Hat Customer Portal to find the right errata for your version. cisagov 2021-12-21
Red Hat OpenStack Platform 13 (Queens) opendaylight Unknown link End of Life cisagov 2021-12-21
Red Hat Software Collections rh-java-common-log4j Unknown link cisagov 2021-12-21
Red Hat Software Collections rh-maven35-log4j12 Unknown link cisagov 2021-12-21
Red Hat Software Collections rh-maven36-log4j12 Unknown link cisagov 2021-12-21
Red5Pro Unknown link cisagov 2022-01-12
RedGate Unknown link cisagov 2022-01-12
Redis Unknown link cisagov 2022-01-12
Reiner SCT Unknown link cisagov 2022-01-12
ReportURI Unknown link cisagov 2022-01-12
ResMed AirView Unknown link cisagov 2021-12-21
ResMed myAir Unknown link cisagov 2021-12-21
Respondus Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
Revenera / Flexera Unknown link cisagov 2022-01-12
Ricoh Unknown link cisagov 2022-01-12
RingCentral Unknown link cisagov 2022-01-12
Riverbed Unknown link cisagov 2022-01-12
Rockwell Automation FactoryTalk Analytics DataFlowML 4.00.00 Affected link cisagov 2021-12-15
Rockwell Automation FactoryTalk Analytics DataView 3.03.00 Affected link cisagov 2021-12-15
Rockwell Automation Industrial Data Center Gen 1, Gen 2, Gen 3, Gen 3.5 Fixed link cisagov 2021-12-15
Rockwell Automation MES EIG 3.03.00 Affected link Customers should upgrade to EIG Hub if possible or work with their local representatives about alternative solutions. cisagov 2021-12-15
Rockwell Automation VersaVirtual Series A Fixed link cisagov 2021-12-15
Rockwell Automation Warehouse Management 4.01.00, 4.02.00, 4.02.01, 4.02.02 Affected link cisagov 2021-12-15
Rollbar Unknown link cisagov 2022-01-12
Rosette.com Unknown link cisagov 2022-01-12
RSA SecurID Authentication Manager Unknown cisagov 2022-01-12
RSA SecurID Authentication Manager Prime Unknown cisagov 2022-01-12
RSA SecurID Authentication Manager WebTier Unknown cisagov 2022-01-12
RSA SecurID Governance and Lifecycle Unknown cisagov 2022-01-12
RSA SecurID Governance and Lifecycle Cloud Unknown cisagov 2022-01-12
RSA SecurID Identity Router Unknown cisagov 2022-01-12
RSA Netwitness Unknown link cisagov 2022-01-12
Rstudioapi Rstudioapi Not Affected link cisagov 2021-12-21
Rubrik Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
Ruckus Virtual SmartZone (vSZ) 5.1 to 6.0 Affected link cisagov 2021-12-13
RunDeck by PagerDuty Unknown link cisagov 2022-01-12
Runecast Runecast Analyzer 6.0.3 Fixed link cisagov 2022-01-12
SAE-IT Unknown link cisagov 2022-01-12
SAFE FME Server Unknown link cisagov 2022-01-12
SAGE Unknown link cisagov 2022-01-12
SailPoint Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
Salesforce Analytics Cloud Unknown link Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-15
Salesforce B2C Commerce Cloud Unknown link B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-15
Salesforce ClickSoftware (As-a-Service) Unknown link ClickSoftware (As-a-Service) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-15
Salesforce ClickSoftware (On-Premise) Unknown link ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional details are available here. cisagov 2021-12-15
Salesforce Data.com Unknown link Data.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-15
Salesforce DataLoader <=53.0.0 Fixed link cisagov 2021-12-22
Salesforce Datorama Unknown link Datorama was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-15
Salesforce Evergage (Interaction Studio) Unknown link Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-15
Salesforce Experience (Community) Cloud Unknown link Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-15
Salesforce Force.com Unknown link Force.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. The Data Loader tool has been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Make sure that you are using Data Loader version 53.0.2 or later. Follow the steps described here to download the latest version of Data Loader. cisagov 2021-12-15
Salesforce Heroku Unknown link Heroku is reported to not be affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. cisagov 2021-12-15
Salesforce Marketing Cloud Unknown link Salesforce-owned services within Marketing Cloud are not affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. Third-party vendors have been patched to address the security issues currently identified in CVE-2021-44228 or CVE-2021-45046. cisagov 2021-12-15
Salesforce MuleSoft (Cloud) Unknown link MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. Mulesoft services, including dataloader.io, have been updated to mitigate the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here. cisagov 2021-12-15
Salesforce MuleSoft (On-Premise) Unknown link MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors, including Private Cloud Edition (PCE) and Anypoint Studio, have a mitigation in place to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here. cisagov 2021-12-15
Salesforce Pardot Unknown link Pardot was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-15
Salesforce Sales Cloud Unknown link Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-15
Salesforce Service Cloud Unknown link Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-15
Salesforce Slack Unknown link Slack was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. Additional details are available here. cisagov 2021-12-15
Salesforce Social Studio Unknown link Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-15
Salesforce Tableau (On-Premise) < 2021.4.1 Fixed link Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Patches to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046 are available for download. Additional details are available here. cisagov 2021-12-16
Salesforce Tableau (Online) Unknown link Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. Services have been patched to mitigate the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. cisagov 2021-12-15
Samsung Electronics America Knox Admin Portal Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Asset Intelligence Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Configure Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox E-FOTA One Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Guard Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox License Management Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Manage Cloud Fixed link cisagov 2022-01-17
Samsung Electronics America Knox Managed Services Provider (MSP) Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Mobile Enrollment Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Reseller Portal Cloud Fixed link cisagov 2022-01-17
Sangoma Unknown link cisagov 2022-01-12
SAP Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2021-12-17
SAP Advanced Platform Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2021-12-17
SAP BusinessObjects Unknown link The support document is available to customers only and has not been reviewed by CISA cisagov 2021-12-17
SAS Unknown link cisagov 2022-01-12
SASSAFRAS Unknown link cisagov 2022-01-12
Savignano software solutions Unknown link cisagov 2022-01-12
SBT SBT <1.5.6 Affected link cisagov 2021-12-15
ScaleComputing Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
ScaleFusion MobileLock Pro Unknown link cisagov 2022-01-12
Schneider Electric EASYFIT Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric Ecoreal XL Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric EcoStruxure IT Expert Cloud Fixed cisagov 2021-12-20
Schneider Electric EcoStruxure IT Gateway V1.5.0 to V1.13.0 Fixed link cisagov 2021-12-20
Schneider Electric Eurotherm Data Reviewer V3.0.2 and prior Affected link cisagov 2021-12-20
Schneider Electric Facility Expert Small Business Cloud Fixed link cisagov 2021-12-20
Schneider Electric MSE Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric NetBotz750/755 Software versions 5.0 through 5.3.0 Affected link cisagov 2021-12-20
Schneider Electric NEW630 Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK BOM Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK-Docgen Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK-TNC Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK-UMS Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK3D2DRenderer Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK3D360Widget Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric Select and Config DATA Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SNC-API Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SNC-CMM Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SNCSEMTECH Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SPIMV3 Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SWBEditor Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SWBEngine Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric Wiser by SE platform Cloud Fixed cisagov 2021-12-20
Schweitzer Engineering Laboratories Unknown link cisagov 2021-12-21
SCM Manager Unknown link cisagov 2022-01-12
ScreenBeam Unknown link cisagov 2022-01-12
SDL worldServer Unknown link cisagov 2022-01-12
Seagull Scientific Unknown link cisagov 2022-01-12
SecurePoint Unknown link cisagov 2022-01-12
Security Onion Unknown link cisagov 2022-01-12
Securonix Extended Detection and Response (XDR) All Affected link Patching ongoing as of 12/10/2021 cisagov 2021-12-10
Securonix Next Gen SIEM All Affected link Patching ongoing as of 12/10/2021 cisagov 2021-12-10
Securonix Security Analytics and Operations Platform (SOAR) All Affected link Patching ongoing as of 12/10/2021 cisagov 2021-12-10
Securonix SNYPR Application Unknown link cisagov 2021-12-10
Securonix User and Entity Behavior Analytics(UEBA) All Affected link Patching ongoing as of 12/10/2021 cisagov 2021-12-10
Seeburger Unknown link This advisory is available to customers only and has not been reviewed by CISA. cisagov 2022-01-12
SentinelOne Unknown link cisagov 2022-01-12
Sentry Unknown link cisagov 2022-01-12
SEP Unknown link cisagov 2022-01-12
Server Eye Unknown link cisagov 2022-01-12
ServiceNow Unknown link cisagov 2022-01-12
Shibboleth Unknown link cisagov 2022-01-12
Shibboleth All Products Not Affected link cisagov 2021-12-10
Shopify Unknown link cisagov 2022-01-12
Siebel Unknown link cisagov 2022-01-12
Siemens Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-22
Siemens Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-19
Siemens Energy Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-21
Siemens Energy Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-20
Siemens Energy Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-16
Siemens Healthineers ATELLICA DATA MANAGER v1.1.1 / v1.2.1 / v1.3.1 Unknown link If you have determined that your Atellica Data Manager has a “Java communication engine” service, and you require an immediate mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative. cisagov 2021-12-22
Siemens Healthineers CENTRALINK v16.0.2 / v16.0.3 Unknown link If you have determined that your CentraLink has a “Java communication engine” service, and you require a mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative. cisagov 2021-12-22
Siemens Healthineers Cios Flow S1 / Alpha / Spin VA30 Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers Cios Select FD/I.I. VA21 / VA21-S3P Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers DICOM Proxy VB10A Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers go.All, Som10 VA20 / VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Fit, Som10 VA30 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Now, Som10 VA10 / VA20 / VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Open Pro, Som10 VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Sim, Som10 VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Top, Som10 VA20 / VA20A_SP5 / VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Up, Som10 VA10 / VA20 / VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers MAGNETOM AERA 1,5T, MAGNETOM PRISMA, MAGNETOM PRISMA FIT, MAGNETOM SKYRA 3T NUMARIS/X VA30A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Altea NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM ALTEA, MAGNETOM LUMINA, MAGNETOM SOLA, MAGNETOM VIDA NUMARIS/X VA31A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Amira NUMARIS/X VA12M Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Free.Max NUMARIS/X VA40 Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Lumina NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Sempra NUMARIS/X VA12M Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Sola fit NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Sola NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Vida fit NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Vida NUMARIS/X VA10A* / VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers SENSIS DMCC / DMCM / TS / VM / PPWS / DS VD12A Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers Somatom Emotion Som5 VC50 Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers Somatom Scope Som5 VC50 Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers Syngo Carbon Space VA10A / VA10A-CUT2 / VA20A Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers Syngo MobileViewer VA10A Unknown link The vulnerability will be patch/mitigated in upcoming releases\patches. cisagov 2021-12-22
Siemens Healthineers syngo Plaza VB20A / VB20A_HF01 - HF07 / VB30A / VB30A_HF01 / VB30A_HF02 / VB30B / VB30C / VB30C_HF01 - HF06 / VB30C_HF91 Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers syngo Workflow MLR VB37A / VB37A_HF01 / VB37A_HF02 / VB37B / VB37B_HF01 - HF07 / VB37B_HF93 / VB37B_HF94 / VB37B_HF96 Unknown link Please contact your Customer Service to get support on mitigating the vulnerability. cisagov 2021-12-22
Siemens Healthineers syngo.via VB20A / VB20A_HF01 - HF08 / VB20A_HF91 / VB20B / VB30A / VB30A_HF01 - VB30A_HF08 / VB30A_HF91VB30B / VB30B_HF01 / VB40A / VB40A_HF01 - HF02 /VB40B / VB40B_HF01 - HF05 / VB50A / VB50A_CUT / VB50A_D4VB50B / VB50B_HF01 - HF03 / VB60A / VB60A_CUT / VB60A_D4 / VB60A_HF01 Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers syngo.via WebViewer VA13B / VA20A / VA20B Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers X.Ceed Somaris 10 VA40* Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers X.Cite Somaris 10 VA30*/VA40* Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Sierra Wireless Unknown link cisagov 2022-01-12
Sierra Wireless AirVantage and Octave cloud platforms Unknown link These systems do not operate with the specific non-standard configuration required for CVE-2021-25046 and hence were not vulnerable to it. cisagov 2022-01-05
Sierra Wireless AM/AMM servers Unknown link cisagov 2022-01-05
Signald Unknown link cisagov 2022-01-12
Silver Peak Orchestrator, Silver Peak GMS Unknown link Customer managed Orchestrator and legacy GMS products are affected by this vulnerability. This includes on-premise and customer managed instances running in public cloud services such as AWS, Azure, Google, or Oracle Cloud. See Corrective Action Required for details about how to mitigate this exploit. cisagov 2021-12-14
SingleWire Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
SISCO Unknown link cisagov 2022-01-05
Sitecore Unknown link cisagov 2022-01-12
Skillable Unknown link cisagov 2022-01-12
SLF4J Unknown link cisagov 2022-01-12
Slurm Slurm Not Affected link cisagov 2021-12-21
SMA Solar Technology AG Unknown link cisagov 2022-01-05
SmartBear Unknown link cisagov 2022-01-12
SmileCDR Unknown link cisagov 2022-01-12
Sn0m Unknown link cisagov 2022-01-12
Snakemake Snakemake Not Affected link cisagov 2021-12-21
Snow Software Snow Commander 8.1 to 8.10.2 Fixed link cisagov 2022-01-12
Snow Software VM Access Proxy v3.1 to v3.6 Fixed link cisagov 2022-01-12
Snowflake Unknown link cisagov 2022-01-12
Snyk Cloud Platform Unknown link cisagov 2022-01-12
Software AG Unknown link cisagov 2022-01-12
SolarWinds Database Performance Analyzer (DPA) 2021.1.x, 2021.3.x, 2022.1.x Affected link For more information, please see the following KB article: link cisagov 2021-12-23
SolarWinds Orion Platform Unknown link cisagov 2021-12-23
SolarWinds Server & Application Monitor (SAM) SAM 2020.2.6 and later Affected link For more information, please see the following KB article for the latest details specific to the SAM hotfix: link cisagov 2021-12-23
SonarSource Unknown link cisagov 2022-01-12
Sonatype All Products Not Affected link Sonatype uses logback as the default logging solution as opposed to log4j. This means our software including Nexus Lifecycle, Nexus Firewall, Nexus Repository OSS and Nexus Repository Pro in versions 2.x and 3.x are NOT affected by the reported log4j vulnerabilities. We still advise keeping your software upgraded at the latest version. cisagov 2021-12-29
SonicWall Access Points Unknown link Log4j2 not used in the SonicWall Access Points cisagov 2021-12-12
SonicWall Analytics Unknown link Under Review cisagov 2021-12-12
SonicWall Analyzer Unknown link Under Review cisagov 2021-12-12
SonicWall Capture Client & Capture Client Portal Unknown link Log4j2 not used in the Capture Client. cisagov 2021-12-12
SonicWall Capture Security Appliance Unknown link Log4j2 not used in the Capture Security appliance. cisagov 2021-12-12
SonicWall CAS Unknown link Under Review cisagov 2021-12-12
SonicWall Email Security Unknown link ES 10.0.11 and earlier versions are impacted cisagov 2021-12-17
SonicWall Gen5 Firewalls (EOS) Unknown link Log4j2 not used in the appliance. cisagov 2021-12-12
SonicWall Gen6 Firewalls Unknown link Log4j2 not used in the appliance. cisagov 2021-12-12
SonicWall Gen7 Firewalls Unknown link Log4j2 not used in the appliance. cisagov 2021-12-12
SonicWall GMS Unknown link Under Review cisagov 2021-12-12
SonicWall MSW Unknown link Mysonicwall service doesn't use Log4j cisagov 2021-12-12
SonicWall NSM Unknown link NSM On-Prem and SaaS doesn't use a vulnerable version cisagov 2021-12-12
SonicWall SMA 100 Unknown link Log4j2 not used in the SMA100 appliance. cisagov 2021-12-12
SonicWall SMA 1000 Unknown link Version 12.1.0 and 12.4.1 doesn't use a vulnerable version cisagov 2021-12-12
SonicWall SonicCore Unknown link SonicCore doesn't use a Log4j2 cisagov 2021-12-12
SonicWall SonicWall Switch Unknown link Log4j2 not used in the SonicWall Switch. cisagov 2021-12-12
SonicWall WAF Unknown link Under Review cisagov 2021-12-12
SonicWall WNM Unknown link Log4j2 not used in the WNM. cisagov 2021-12-12
SonicWall WXA Unknown link WXA doesn't use a vulnerable version cisagov 2021-12-12
Sophos Cloud Optix Unknown link Users may have noticed a brief outage around 12:30 GMT as updates were deployed. There was no evidence that the vulnerability was exploited and to our knowledge no customers are impacted. cisagov 2021-12-12
Sophos Reflexion Unknown link Reflexion does not run an exploitable configuration. cisagov 2021-12-12
Sophos SG UTM (all versions) Unknown link Sophos SG UTM does not use Log4j. cisagov 2021-12-12
Sophos SG UTM Manager (SUM) (all versions) Not Affected link SUM does not use Log4j. cisagov 2021-12-12
Sophos Sophos Central Unknown link Sophos Central does not run an exploitable configuration. cisagov 2021-12-12
Sophos Sophos Firewall (all versions) Unknown link Sophos Firewall does not use Log4j. cisagov 2021-12-12
Sophos Sophos Home Unknown link Sophos Home does not use Log4j. cisagov 2021-12-12
Sophos Sophos Mobile Unknown link Sophos Mobile (in Central, SaaS, and on-premises) does not run an exploitable configuration. cisagov 2021-12-12
Sophos Sophos Mobile EAS Proxy < 9.7.2 Affected link The Sophos Mobile EAS Proxy, running in Traffic Mode, is affected. Customers will need to download and install version 9.7.2, available from Monday December 13, 2021, on the same machine where it is currently running. PowerShell mode is not affected. Customers can download the Standalone EAS Proxy Installer version 9.7.2 from the Sophos website. cisagov 2021-12-12
Sophos Sophos ZTNA Unknown link Sophos ZTNA does not use Log4j. cisagov 2021-12-12
SOS Berlin Unknown link cisagov 2022-01-12
Spacelabs Healthcare ABP Not Affected link cisagov 2022-01-05
Spacelabs Healthcare CardioExpress Not Affected link cisagov 2022-01-05
Spacelabs Healthcare DM3 and DM4 Monitors Unknown link cisagov 2022-01-05
Spacelabs Healthcare Eclipse Pro Unknown link cisagov 2022-01-05
Spacelabs Healthcare EVO Unknown link cisagov 2022-01-05
Spacelabs Healthcare Intesys Clinical Suite (ICS) Unknown link cisagov 2022-01-05
Spacelabs Healthcare Intesys Clinical Suite (ICS) Clinical Access Workstations Unknown link cisagov 2022-01-05
Spacelabs Healthcare Lifescreen Pro Unknown link cisagov 2022-01-05
Spacelabs Healthcare Pathfinder SL Unknown link cisagov 2022-01-05
Spacelabs Healthcare Qube Not Affected link cisagov 2022-01-05
Spacelabs Healthcare Qube Mini Not Affected link cisagov 2022-01-05
Spacelabs Healthcare SafeNSound 4.3.1 Fixed link Version >4.3.1 - Not Affected cisagov 2022-01-05
Spacelabs Healthcare Sentinel Unknown link cisagov 2022-01-05
Spacelabs Healthcare Spacelabs Cloud Unknown link cisagov 2022-01-05
Spacelabs Healthcare Ultraview SL Not Affected link cisagov 2022-01-05
Spacelabs Healthcare Xhibit Telemetry Receiver (XTR) Not Affected link cisagov 2022-01-05
Spacelabs Healthcare Xhibit, XC4 Not Affected link cisagov 2022-01-05
Spacelabs Healthcare XprezzNet Not Affected link cisagov 2022-01-05
Spacelabs Healthcare Xprezzon Not Affected link cisagov 2022-01-05
Spambrella Unknown link cisagov 2022-01-12
Spigot Unknown link cisagov 2022-01-12
Splunk Data Stream Processor DSP 1.0.x, DSP 1.1.x, DSP 1.2.x Affected link cisagov 2021-12-30
Splunk IT Essentials Work App ID 5403 4.11, 4.10.x (Cloud only), 4.9.x Affected link cisagov 2021-12-30
Splunk IT Service Intelligence (ITSI) App ID 1841 4.11.0, 4.10.x (Cloud only), 4.9.x, 4.8.x (Cloud only), 4.7.x, 4.6.x, 4.5.x Affected link cisagov 2021-12-30
Splunk Splunk Add-On for Java Management Extensions App ID 2647 5.2.0 and older Affected link cisagov 2021-12-30
Splunk Splunk Add-On for Tomcat App ID 2911 3.0.0 and older Affected link cisagov 2021-12-30
Splunk Splunk Application Performance Monitoring Current Affected link cisagov 2021-12-30
Splunk Splunk Connect for Kafka All versions prior to 2.0.4 Affected link cisagov 2021-12-30
Splunk Splunk Enterprise (including instance types like Heavy Forwarders) All supported non-Windows versions of 8.1.x and 8.2.x only if DFS is used. See Removing Log4j from Splunk Enterprise below for guidance on unsupported versions. Affected link cisagov 2021-12-30
Splunk Splunk Enterprise Amazon Machine Image (AMI) See Splunk Enterprise Affected link cisagov 2021-12-30
Splunk Splunk Enterprise Docker Container See Splunk Enterprise Affected link cisagov 2021-12-30
Splunk Splunk Infrastructure Monitoring Current Affected link cisagov 2021-12-30
Splunk Splunk Log Observer Current Affected link cisagov 2021-12-30
Splunk Splunk Logging Library for Java 1.11.0 and older Affected link cisagov 2021-12-30
Splunk Splunk On-call / VictorOps Current Affected link cisagov 2021-12-30
Splunk Splunk OVA for VMWare App ID 3216 4.0.3 and older Affected link cisagov 2021-12-30
Splunk Splunk OVA for VMWare Metrics App ID 5096 4.2.1 and older Affected link cisagov 2021-12-30
Splunk Splunk Real User Monitoring Current Affected link cisagov 2021-12-30
Splunk Splunk Splunk Add-On for JBoss App ID 2954 3.0.0 and older Affected link cisagov 2021-12-30
Splunk Splunk Synthetics Current Affected link cisagov 2021-12-30
Splunk Splunk UBA OVA Software 5.0.3a, 5.0.0 Affected link cisagov 2021-12-30
Splunk Splunk VMWare OVA for ITSI App ID 4760 1.1.1 and older Affected link cisagov 2021-12-30
Sprecher Automation Unknown link cisagov 2022-01-12
Spring Spring Boot Unknown link Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 cisagov 2022-01-12
Spring Boot Unknown link cisagov 2022-01-12
StarDog Unknown link cisagov 2022-01-12
STERIS Advantage Unknown link cisagov 2021-12-22
STERIS Advantage Plus Unknown link cisagov 2021-12-22
STERIS AMSCO 2000 SERIES WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS AMSCO 3000 SERIES WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS AMSCO 400 MEDIUM STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO 400 SMALL STEAM STERILIZERS Unknown link cisagov 2021-12-22
STERIS AMSCO 5000 SERIES WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS AMSCO 600 MEDIUM STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO 7000 SERIES WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS AMSCO CENTURY MEDIUM STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO CENTURY SMALL STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO EAGLE 3000 SERIES STAGE 3 STEAM STERILIZERS Unknown link cisagov 2021-12-22
STERIS AMSCO EVOLUTION FLOOR LOADER STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO EVOLUTION MEDIUM STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS Canexis 1.0 Unknown link cisagov 2021-12-22
STERIS CELERITY HP INCUBATOR Unknown link cisagov 2021-12-22
STERIS CELERITY STEAM INCUBATOR Unknown link cisagov 2021-12-22
STERIS CER Optima Unknown link cisagov 2021-12-22
STERIS Clarity Software Unknown link cisagov 2021-12-22
STERIS Connect Software Unknown link cisagov 2021-12-22
STERIS ConnectAssure Technology Unknown link cisagov 2021-12-22
STERIS ConnectoHIS Unknown link cisagov 2021-12-22
STERIS CS-iQ Sterile Processing Workflow Unknown link cisagov 2021-12-22
STERIS DSD Edge Unknown link cisagov 2021-12-22
STERIS DSD-201, Unknown link cisagov 2021-12-22
STERIS EndoDry Unknown link cisagov 2021-12-22
STERIS Endora Unknown link cisagov 2021-12-22
STERIS Harmony iQ Integration Systems Unknown link cisagov 2021-12-22
STERIS Harmony iQ Perspectives Image Management System Unknown link cisagov 2021-12-22
STERIS HexaVue Unknown link cisagov 2021-12-22
STERIS HexaVue Integration System Unknown link cisagov 2021-12-22
STERIS IDSS Integration System Unknown link cisagov 2021-12-22
STERIS RapidAER Unknown link cisagov 2021-12-22
STERIS ReadyTracker Unknown link cisagov 2021-12-22
STERIS RealView Visual Workflow Management System Unknown link cisagov 2021-12-22
STERIS RELIANCE 444 WASHER DISINFECTOR Unknown link cisagov 2021-12-22
STERIS RELIANCE SYNERGY WASHER DISINFECTOR Unknown link cisagov 2021-12-22
STERIS RELIANCE VISION 1300 SERIES CART AND UTENSIL WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS RELIANCE VISION MULTI- CHAMBER WASHER DISINFECTOR Unknown link cisagov 2021-12-22
STERIS RELIANCE VISION SINGLE CHAMBER WASHER DISINFECTOR Unknown link cisagov 2021-12-22
STERIS Renatron Unknown link cisagov 2021-12-22
STERIS ScopeBuddy+ Unknown link cisagov 2021-12-22
STERIS SecureCare ProConnect Technical Support Services Unknown link cisagov 2021-12-22
STERIS Situational Awareness for Everyone Display (S.A.F.E.) Unknown link cisagov 2021-12-22
STERIS SPM Surgical Asset Tracking Software Unknown link cisagov 2021-12-22
STERIS SYSTEM 1 endo LIQUID CHEMICAL STERILANT PROCESSING SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO 1 LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO 1 PLUS LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO MAX 2 LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO MAX LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO S2 LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS VERIFY INCUBATOR FOR ASSERT SELF-CONTAINED BIOLOGICAL INDICATORS Unknown link cisagov 2021-12-22
Sterling Order IBM Unknown link cisagov 2022-01-12
Storagement Unknown link cisagov 2022-01-12
StormShield Unknown link cisagov 2022-01-12
StrangeBee TheHive & Cortex Unknown link cisagov 2022-01-12
Stratodesk Unknown link cisagov 2022-01-12
Strimzi Unknown link cisagov 2022-01-12
Stripe Unknown link cisagov 2022-01-12
Styra Unknown link cisagov 2022-01-12
Sumologic Unknown link cisagov 2022-01-12
SumoLogic Unknown link cisagov 2022-01-12
Superna EYEGLASS Unknown link cisagov 2022-01-12
Suprema Inc Unknown link cisagov 2022-01-12
SUSE Unknown link cisagov 2022-01-12
Sweepwidget Unknown link cisagov 2022-01-12
Swyx Unknown link cisagov 2022-01-12
Synchro MSP Unknown link cisagov 2022-01-12
Syncplify Unknown link cisagov 2022-01-12
Synology Unknown link cisagov 2022-01-12
Synopsys Unknown link cisagov 2022-01-12
Syntevo Unknown link cisagov 2022-01-12
SysAid Unknown link cisagov 2022-01-12
Sysdig Unknown link cisagov 2022-01-12
Tableau Tableau Bridge The following versions and lower: 20214.21.1109.1748, 20213.21.1112.1434, 20212.21.0818.1843, 20211.21.0617.1133, 20204.21.0217.1203, 20203.20.0913.2112, 20202.20.0721.1350, 20201.20.0614.2321, 20194.20.0614.2307, 20193.20.0614.2306, 20192.19.0917.1648, 20191.19.0402.1911, 20183.19.0115.1143 Affected link cisagov 2021-12-22
Tableau Tableau Desktop The following versions and lower: 2021.4, 2021.3.4, 2021.2.5, 2021.1.8, 2020.4.11, 2020.3.14, 2020.2.19, 2020.1.22, 2019.4.25, 2019.3.26, 2019.2.29, 2019.1.29, 2018.3.29 Affected link cisagov 2021-12-22
Tableau Tableau Prep Builder The following versions and lower: 22021.4.1, 2021.3.2, 2021.2.2, 2021.1.4, 2020.4.1, 2020.3.3, 2020.2.3, 2020.1.5, 2019.4.2, 2019.3.2, 2019.2.3, 2019.1.4, 2018.3.3 Affected link cisagov 2021-12-22
Tableau Tableau Public Desktop Client The following versions and lower: 2021.4 Affected link cisagov 2021-12-22
Tableau Tableau Reader The following versions and lower: 2021.4 Affected link cisagov 2021-12-22
Tableau Tableau Server The following versions and lower: 2021.4, 2021.3.4, 2021.2.5, 2021.1.8, 2020.4.11, 2020.3.14, 2020.2.19, 2020.1.22, 2019.4.25, 2019.3.26, 2019.2.29, 2019.1.29, 2018.3.29 Affected link cisagov 2021-12-22
Talend Unknown link cisagov 2022-01-12
Tanium All Not Affected link Tanium does not use Log4j. cisagov 2021-12-21
TealiumIQ Unknown link cisagov 2022-01-12
TeamPasswordManager Unknown link cisagov 2022-01-12
Teamviewer Unknown link cisagov 2022-01-12
Tech Software OneAegis (f/k/a IRBManager) Not Affected link OneAegis does not use Log4j. cisagov 2021-12-15
Tech Software SMART Not Affected link SMART does not use Log4j. cisagov 2021-12-15
Tech Software Study Binders Not Affected link Study Binders does not use Log4j. cisagov 2021-12-15
TechSmith Unknown link cisagov 2022-01-12
Telestream Unknown link cisagov 2022-01-12
Tenable Tenable.io / Nessus Unknown link None of Tenables products are running the version of Log4j vulnerable to CVE-2021-44228 or CVE-2021-45046 at this time cisagov 2022-01-12
Thales CADP/SafeNet Protect App (PA) - JCE Unknown link cisagov 2021-12-17
Thales CipherTrust Application Data Protection (CADP) CAPI.net & Net Core Unknown link cisagov 2021-12-17
Thales CipherTrust Batch Data Transformation (BDT) 2.3 Unknown link cisagov 2021-12-17
Thales CipherTrust Cloud Key Manager (CCKM) Appliance Unknown link cisagov 2021-12-17
Thales CipherTrust Cloud Key Manager (CCKM) Embedded Unknown link cisagov 2021-12-17
Thales CipherTrust Database Protection Unknown link cisagov 2021-12-17
Thales CipherTrust Manager Unknown link cisagov 2021-12-17
Thales CipherTrust Transparent Encryption (CTE/VTE/CTE-U) Unknown link cisagov 2021-12-17
Thales CipherTrust Vaulted Tokenization (CT-V) / SafeNet Tokenization Manager Unknown link cisagov 2021-12-17
Thales CipherTrust Vaultless Tokenization (CTS, CT-VL) Unknown link cisagov 2021-12-17
Thales CipherTrust/SafeNet PDBCTL Unknown link cisagov 2021-12-17
Thales Crypto Command Center (CCC) Unknown link cisagov 2021-12-17
Thales Data Protection on Demand Unknown link cisagov 2021-12-17
Thales Data Security Manager (DSM) Unknown link cisagov 2021-12-17
Thales KeySecure Unknown link cisagov 2021-12-17
Thales Luna EFT Unknown link cisagov 2021-12-17
Thales Luna Network, PCIe, Luna USB HSM and backup devices Unknown link cisagov 2021-12-17
Thales Luna SP Unknown link cisagov 2021-12-17
Thales payShield Monitor Unknown link cisagov 2021-12-17
Thales ProtectServer HSMs Unknown link cisagov 2021-12-17
Thales SafeNet Authentication Client Unknown link cisagov 2021-12-17
Thales SafeNet eToken (all products) Unknown link cisagov 2021-12-17
Thales SafeNet IDPrime Virtual Unknown link cisagov 2021-12-17
Thales SafeNet IDPrime(all products) Unknown link cisagov 2021-12-17
Thales SafeNet LUKS Unknown link cisagov 2021-12-17
Thales SafeNet PKCS#11 and TDE Unknown link cisagov 2021-12-17
Thales SafeNet ProtectApp (PA) CAPI, .Net & Net Core Unknown link cisagov 2021-12-17
Thales SafeNet ProtectDB (PDB) Unknown link cisagov 2021-12-17
Thales Safenet ProtectFile and ProtectFile- Fuse Unknown link cisagov 2021-12-17
Thales SafeNet ProtectV Unknown link cisagov 2021-12-17
Thales SafeNet SQL EKM Unknown link cisagov 2021-12-17
Thales SafeNet Transform Utility (TU) Unknown link cisagov 2021-12-17
Thales SafeNet Trusted Access (STA) Unknown link cisagov 2021-12-17
Thales SafeNet Vaultless Tokenization Unknown link cisagov 2021-12-17
Thales SAS on Prem (SPE/PCE) Unknown link cisagov 2021-12-17
Thales Sentinel Connect Unknown link cisagov 2021-12-17
Thales Sentinel EMS Enterprise aaS Unknown link cisagov 2021-12-17
Thales Sentinel EMS Enterprise OnPremise Unknown link cisagov 2021-12-17
Thales Sentinel Envelope Unknown link cisagov 2021-12-17
Thales Sentinel ESDaaS Unknown link cisagov 2021-12-17
Thales Sentinel HASP, Legacy dog, Maze, Hardlock Unknown link cisagov 2021-12-17
Thales Sentinel LDK EMS (LDK-EMS) Unknown link cisagov 2021-12-17
Thales Sentinel LDKaas (LDK-EMS) Unknown link cisagov 2021-12-17
Thales Sentinel Professional Services components (both Thales hosted & hosted on-premises by customers) Unknown link cisagov 2021-12-17
Thales Sentinel RMS Unknown link cisagov 2021-12-17
Thales Sentinel SCL Unknown link cisagov 2021-12-17
Thales Sentinel Superdog, SuperPro, UltraPro, SHK Unknown link cisagov 2021-12-17
Thales Sentinel Up Unknown link cisagov 2021-12-17
Thales Thales Data Platform (TDP)(DDC) Unknown link cisagov 2021-12-17
Thales Thales payShield 10k Unknown link cisagov 2021-12-17
Thales Thales payShield 9000 Unknown link cisagov 2021-12-17
Thales Thales payShield Manager Unknown link cisagov 2021-12-17
Thales Vormetirc Key Manager (VKM) Unknown link cisagov 2021-12-17
Thales Vormetric Application Encryption (VAE) Unknown link cisagov 2021-12-17
Thales Vormetric Protection for Terradata Database (VPTD) Unknown link cisagov 2021-12-17
Thales Vormetric Tokenization Server (VTS) Unknown link cisagov 2021-12-17
Thermo Fisher Scientific Unknown link cisagov 2021-12-22
Thermo-Calc Thermo-Calc Not Affected link Use the program as normal, Install the 2022a patch when available cisagov 2021-12-22
Thermo-Calc Thermo-Calc Not Affected link Use the program as normal cisagov 2021-12-22
Thermo-Calc Thermo-Calc Not Affected link Use the program as normal, delete the Log4j 2 files in the program installation if required, see advisory for instructions. cisagov 2021-12-22
Thermo-Calc Thermo-Calc Not Affected link Use the program as normal cisagov 2021-12-22
Thomson Reuters HighQ Appliance <3.5 Affected link Reported by vendor - Documentation is in vendor's client portal (login required). This advisory is available to customer only and has not been reviewed by CISA. cisagov 2021-12-20
ThreatLocker Unknown link cisagov 2022-01-12
ThycoticCentrify Account Lifecycle Manager Not Affected link cisagov 2021-12-10
ThycoticCentrify Cloud Suite Not Affected link cisagov 2021-12-10
ThycoticCentrify Connection Manager Not Affected link cisagov 2021-12-10
ThycoticCentrify DevOps Secrets Vault Not Affected link cisagov 2021-12-10
ThycoticCentrify Password Reset Server Not Affected link cisagov 2021-12-10
ThycoticCentrify Privilege Manager Not Affected link cisagov 2021-12-10
ThycoticCentrify Privileged Behavior Analytics Not Affected link cisagov 2021-12-10
ThycoticCentrify Secret Server Not Affected link cisagov 2021-12-10
ThycoticCentrify Server Suite Not Affected link cisagov 2021-12-10
Tibco Unknown link cisagov 2022-01-12
Top Gun Technology (TGT) Unknown link cisagov 2022-01-12
TopDesk Unknown link cisagov 2022-01-12
Topicus Security Topicus KeyHub Not Affected link cisagov 2021-12-20
Topix Unknown link cisagov 2022-01-12
Tosibox Unknown link cisagov 2022-01-12
TPLink Omega Controller Linux/Windows(all) Affected link Update is Beta. Reddit: overwritten vulnerable log4j with 2.15 files as potential workaround. Though that should now be done with 2.16 Tp Community Link,Reddit Link cisagov 2021-12-15
TrendMicro All Unknown link cisagov 2022-01-12
Tricentis Tosca Unknown link cisagov 2022-01-12
Tridium Unknown link Document access requires authentication. CISA is not able to validate vulnerability status. cisagov 2022-01-19
Trimble eCognition 10.2.0 Build 4618 Affected Remediation steps provided by Trimble cisagov 2021-12-23
Tripp Lite LX Platform devices (includes WEBCARDLX, WEBCARDLXMINI, SRCOOLNETLX, SRCOOLNET2LX and devices with pre-installed or embedded WEBCARDLX interfaces) Unknown link cisagov 2022-01-04
Tripp Lite PowerAlert Local (PAL) Unknown link Some versions of PAL use log4j v1 which is NOT AFFECTED by the CVE-2021-44228 vulnerability. cisagov 2022-01-04
Tripp Lite PowerAlert Network Management System (PANMS) Unknown link Some versions of PAL use log4j v1 which is NOT AFFECTED by the CVE-2021-44228 vulnerability. cisagov 2022-01-04
Tripp Lite PowerAlert Network Shutdown Agent (PANSA) Unknown link Some versions of PANSA use log4j v1 which is NOT AFFECTED by the CVE-2021-44228 vulnerability. cisagov 2022-01-04
Tripp Lite PowerAlertElement Manager (PAEM) 1.0.0 Affected link Tripp Lite will soon be issuing a patch in the form of PAEM 1.0.1 which will contain a patched version of Log4j2 cisagov 2022-01-04
Tripp Lite SNMPWEBCARD, SRCOOLNET, SRCOOLNET2 and devices with pre-installed or embedded SNMPWEBCARD Unknown link cisagov 2022-01-04
Tripp Lite TLNETCARD and associated software Unknown link cisagov 2022-01-04
Tripwire Unknown link cisagov 2022-01-12
TrueNAS Unknown link cisagov 2022-01-12
Tufin Unknown link cisagov 2022-01-12
TYPO3 Unknown link cisagov 2022-01-12
Ubiquiti UniFi Network Application 6.5.53 & lower versions Affected link cisagov 2022-01-12
Ubiquiti UniFi Network Controller 6.5.54 & lower versions Affected link 6.5.54 is reported to still be vulnerable. 6.5.55 is the new recommendation for mitigatin log4j vulnerabilities by updating to log4j 2.16.0 cisagov 2021-12-15
Ubuntu Unknown link cisagov 2022-01-12
UiPath InSights 20.10 Affected link cisagov 2021-12-15
Umbraco Unknown link cisagov 2022-01-12
UniFlow Unknown link cisagov 2022-01-12
Unify ATOS Unknown link cisagov 2022-01-12
Unimus Unknown link cisagov 2022-01-12
USSIGNAL MSP Unknown link cisagov 2022-01-12
Varian Acuity All Affected link cisagov 2021-12-22
Varian ARIA Connect (Cloverleaf) Not Affected link cisagov 2021-12-22
Varian ARIA eDOC Not Affected link cisagov 2021-12-22
Varian ARIA oncology information system for Medical Oncology Not Affected link cisagov 2021-12-22
Varian ARIA oncology information system for Radiation Oncology Not Affected link cisagov 2021-12-22
Varian ARIA Radiation Therapy Management System (RTM) Not Affected link cisagov 2021-12-22
Varian Bravos Console Not Affected link cisagov 2021-12-22
Varian Clinac All Affected link cisagov 2021-12-22
Varian Cloud Planner Not Affected link cisagov 2021-12-22
Varian DITC All Affected link cisagov 2021-12-22
Varian DoseLab Not Affected link cisagov 2021-12-22
Varian Eclipse treatment planning software Not Affected link cisagov 2021-12-22
Varian ePeerReview All Affected link cisagov 2021-12-22
Varian Ethos Not Affected link cisagov 2021-12-22
Varian FullScale oncology IT solutions All Affected link cisagov 2021-12-22
Varian Halcyon system All Affected link cisagov 2021-12-22
Varian ICAP Not Affected link cisagov 2021-12-22
Varian Identify Not Affected link cisagov 2021-12-22
Varian Information Exchange Manager (IEM) Not Affected link cisagov 2021-12-22
Varian InSightive Analytics All Affected link cisagov 2021-12-22
Varian Large Integrated Oncology Network (LION) Not Affected link cisagov 2021-12-22
Varian Mobius3D platform Not Affected link cisagov 2021-12-22
Varian PaaS Not Affected link cisagov 2021-12-22
Varian ProBeam Not Affected link cisagov 2021-12-22
Varian Qumulate Not Affected link cisagov 2021-12-22
Varian Real-time Position Management (RPM) Not Affected link cisagov 2021-12-22
Varian Respiratory Gating for Scanners (RGSC) Not Affected link cisagov 2021-12-22
Varian SmartConnect solution All Affected link See Knowledge Article: 000038850 on MyVarian cisagov 2021-12-22
Varian SmartConnect solution Policy Server All Affected link See Knowledge Articles: 000038831 and 000038832 on MyVarian cisagov 2021-12-22
Varian TrueBeam radiotherapy system Not Affected link cisagov 2021-12-22
Varian UNIQUE system All Affected link cisagov 2021-12-22
Varian Varian Authentication and Identity Server (VAIS) Not Affected link cisagov 2021-12-22
Varian Varian Managed Services Cloud All Affected link cisagov 2021-12-22
Varian Varian Mobile App Not Affected link cisagov 2021-12-22
Varian VariSeed Not Affected link cisagov 2021-12-22
Varian Velocity Not Affected link cisagov 2021-12-22
Varian VitalBeam radiotherapy system Not Affected link cisagov 2021-12-22
Varian Vitesse Not Affected link cisagov 2021-12-22
Varian XMediusFax for ARIA oncology information system for Medical Oncology All Affected link cisagov 2021-12-22
Varian XMediusFax for ARIA oncology information system for Radiation Oncology All Affected link cisagov 2021-12-22
VArmour Unknown link cisagov 2022-01-12
Varnish Software Unknown link cisagov 2022-01-12
Varonis Unknown link cisagov 2022-01-12
Veeam Unknown link cisagov 2022-01-12
Venafi Unknown link cisagov 2022-01-12
Veritas NetBackup Unknown link cisagov 2022-01-12
Vertica Unknown link cisagov 2022-01-12
Video Insight Inc. Video Insight Not Affected link Video Insight is a part of Panasonic I-Pro. cisagov 2022-01-19
Viso Trust Unknown link cisagov 2022-01-12
VMware API Portal for VMware Tanzu 1.x Affected link cisagov 2021-12-12
VMware App Metrics 2.x Affected link cisagov 2021-12-12
VMware Healthwatch for Tanzu Application Service 2.x, 1.x Affected link cisagov 2021-12-12
VMware Single Sign-On for VMware Tanzu Application Service 1.x Affected link cisagov 2021-12-12
VMware Spring Cloud Gateway for Kubernetes 1.x Affected link cisagov 2021-12-12
VMware Spring Cloud Gateway for VMware Tanzu 1.x Affected link cisagov 2021-12-12
VMware Spring Cloud Services for VMware Tanzu 3.x Affected link cisagov 2021-12-12
VMware vCenter Server - OVA 7.x, 6.7.x, 6.5.x Affected link Workaround @ KB87081 (vmware.com) cisagov 2021-12-17
VMware vCenter Server - Windows 6.7.x, 6.5.x Affected link Workaround @ KB87096 (vmware.com) cisagov 2021-12-17
VMware VMware Carbon Black Cloud Workload Appliance 1.x Affected link cisagov 2021-12-12
VMware VMware Carbon Black EDR Server 7.x, 6.x Affected link cisagov 2021-12-12
VMware VMware Cloud Foundation 4.x, 3.x Affected link cisagov 2021-12-12
VMware VMware HCX 4.x, 3.x Affected link cisagov 2021-12-12
VMware VMware Horizon 8.x, 7.x Affected link VMware KB 87073 (vmware.com) cisagov 2021-12-17
VMware VMware Horizon Cloud Connector 1.x, 2.x Affected link cisagov 2021-12-12
VMware VMware Horizon DaaS 9.1.x, 9.0.x Affected link cisagov 2021-12-12
VMware VMware Identity Manager 3.3.x Affected link cisagov 2021-12-12
VMware VMware NSX-T Data Centern 3.x, 2.x Affected link cisagov 2021-12-12
VMware VMware Site Recovery Manager 8.x Affected link cisagov 2021-12-12
VMware VMware Tanzu Application Service for VMs 2.x Affected link cisagov 2021-12-12
VMware VMware Tanzu GemFire 9.x, 8.x Affected link cisagov 2021-12-12
VMware VMware Tanzu Greenplum 6.x Affected link cisagov 2021-12-12
VMware VMware Tanzu Kubernetes Grid Integrated Edition 1.x Affected link cisagov 2021-12-12
VMware VMware Tanzu Observability by Wavefront Nozzle 3.x, 2.x Affected link cisagov 2021-12-12
VMware VMware Tanzu Operations Manager 2.x Affected link cisagov 2021-12-12
VMware VMware Tanzu SQL with MySQL for VMs 2.x, 1.x Affected link cisagov 2021-12-12
VMware VMware Telco Cloud Automation 2.x, 1.x Affected link cisagov 2021-12-12
VMware VMware Unified Access Gateway 21.x, 20.x, 3.x Affected link cisagov 2021-12-12
VMware VMware vCenter Cloud Gateway 1.x Affected link cisagov 2021-12-12
VMware VMware vRealize Automation 8.x, 7.x Affected link cisagov 2021-12-12
VMware VMware vRealize Lifecycle Manager 8.x Affected link cisagov 2021-12-12
VMware VMware vRealize Log Insight 8.x Affected link cisagov 2021-12-12
VMware VMware vRealize Operations 8.x Affected link cisagov 2021-12-12
VMware VMware vRealize Operations Cloud Proxy Any Affected link cisagov 2021-12-12
VMware VMware vRealize Orchestrator 8.x, 7.x Affected link cisagov 2021-12-12
VMware VMware Workspace ONE Access 21.x, 20.10.x Affected link cisagov 2021-12-12
VMware VMware Workspace ONE Access Connector (VMware Identity Manager Connector) 21.x, 20.10.x, 19.03.0.1 Affected link cisagov 2021-12-12
VTScada All Not Affected link Java is not utilized within VTScada software, and thus our users are unaffected. cisagov 2022-01-17
Vyaire Unknown link cisagov 2021-12-22
WAGO WAGO Smart Script 4.2.x < 4.8.1.3 Affected link cisagov 2021-12-17
Wallarm Unknown link cisagov 2022-01-12
Wasp Barcode technologies Unknown link cisagov 2022-01-12
WatchGuard Secplicity Unknown link cisagov 2022-01-12
Western Digital Unknown link cisagov 2022-01-12
WIBU Systems CodeMeter Cloud Lite 2.2 and prior Affected link cisagov 2021-12-22
WIBU Systems CodeMeter Keyring for TIA Portal 1.30 and prior Affected link Only the Password Manager is affected cisagov 2021-12-22
Wind River LTS17 Not Affected link cisagov 2022-01-21
Wind River LTS18 Not Affected link cisagov 2022-01-21
Wind River LTS19 Not Affected link cisagov 2022-01-21
Wind River LTS21 Not Affected link cisagov 2022-01-12
Wind River WRL-6 Not Affected link The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. cisagov 2022-01-21
Wind River WRL-7 Not Affected link The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. cisagov 2022-01-21
Wind River WRL-8 Not Affected link The Wind River Linux Product Versions 8.0 and prior contains the log4j1.2 and JMSAppender components, however, JMSAppender is deactivated in the release package and not affected by CVE-2021-4104 customers are advised to NOT manually activate the JMSAppender component. cisagov 2022-01-21
Wind River WRL-9 Not Affected link cisagov 2022-01-21
WireShark Unknown link cisagov 2022-01-12
Wistia Unknown link cisagov 2022-01-12
WitFoo Unknown link cisagov 2022-01-12
WordPress Unknown link cisagov 2022-01-12
Worksphere Unknown link cisagov 2022-01-12
Wowza Unknown link cisagov 2022-01-12
WSO2 WSO2 Enterprise Integrator 6.1.0 and above Affected link A temporary mitigation is available while vendor works on update cisagov 2022-01-12
XCP-ng Unknown link cisagov 2022-01-12
XenForo Unknown link cisagov 2022-01-12
Xerox Unknown link cisagov 2022-01-12
XPertDoc Unknown link cisagov 2022-01-12
XPLG Unknown link cisagov 2022-01-12
XWIKI Unknown link cisagov 2022-01-12
Xylem Aquatalk Unknown link cisagov 2021-12-22
Xylem Avensor Unknown link cisagov 2021-12-22
Xylem Configuration change complete Unknown link cisagov 2021-12-22
Xylem Sensus Analytics Unknown link cisagov 2021-12-22
Xylem Sensus Automation Control Configuration change complete Unknown link cisagov 2021-12-22
Xylem Sensus Cathodic Protection Mitigation in process Mitigation in process Unknown link cisagov 2021-12-22
Xylem Sensus FieldLogic LogServer Unknown link cisagov 2021-12-22
Xylem Sensus Lighting Control Unknown link cisagov 2021-12-22
Xylem Sensus NetMetrics Configuration change complete Unknown link cisagov 2021-12-22
Xylem Sensus RNI On Prem 4.7 through 4.10, 4.4 through 4.6, 4.2 Affected link cisagov 2021-12-22
Xylem Sensus RNI Saas 4.7 through 4.10, 4.4 through 4.6, 4.2 Affected link cisagov 2021-12-22
Xylem Sensus SCS Unknown link cisagov 2021-12-22
Xylem Smart Irrigation Unknown link cisagov 2021-12-22
Xylem Water Loss Management (Visenti) Unknown link cisagov 2021-12-22
Xylem Xylem Cloud Unknown link cisagov 2021-12-22
Xylem Xylem Edge Gateway (xGW) Unknown link cisagov 2021-12-22
Yellowbrick Unknown link cisagov 2022-01-12
YellowFin Unknown link cisagov 2022-01-12
YOKOGAWA Unknown link cisagov 2021-12-22
YSoft SAFEQ Unknown link cisagov 2022-01-12
Zabbix Unknown link cisagov 2022-01-12
ZAMMAD Unknown link cisagov 2022-01-12
Zaproxy Unknown link cisagov 2022-01-12
Zebra Unknown link cisagov 2022-01-12
Zendesk All Products All Versions Affected link Zendesk products are all cloud-based; thus there are no updates for the customers to install as the company is working on patching their infrastructure and systems. cisagov 2021-12-13
Zenoss Unknown link cisagov 2022-01-12
Zentera Systems, Inc. CoIP Access Platform Not Affected link cisagov 2021-12-17
Zerto Unknown link cisagov 2022-01-12
Zesty Unknown link cisagov 2022-01-12
Zimbra Unknown link cisagov 2022-01-12
Zix Unknown link cisagov 2021-12-16
Zoom Unknown link cisagov 2022-01-12
ZPE systems Inc Unknown link cisagov 2022-01-12
Zscaler See Link (Multiple Products) Unknown link cisagov 2021-12-15
Zyxel Unknown link cisagov 2022-01-12
Zyxel Security Firewall/Gateways Not Affected link cisagov 2021-12-14