1
0
Fork 0
mirror of https://github.com/cisagov/log4j-affected-db.git synced 2024-11-13 20:37:54 +00:00
log4j-affected-db/software_lists/software_list_S.md

87 KiB

CISA Log4j (CVE-2021-44228) Affected Vendor & Software List

0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Status Descriptions

Status Description
Unknown Status unknown. Default choice.
Affected Reported to be affected by CVE-2021-44228.
Not Affected Reported to NOT be affected by CVE-2021-44228 and no further action necessary.
Fixed Patch and/or mitigations available (see provided links).
Under Investigation Vendor investigating status.

Software List

This list has been populated using information from the following sources:

  • Kevin Beaumont
  • SwitHak
  • National Cyber Security Centre - Netherlands (NCSC-NL)

NOTE: This file is automatically generated. To submit updates, please refer to CONTRIBUTING.md.

Vendor Product Affected Versions Patched Versions Status Vendor Links Notes References Reporter Last Updated
SAE-IT Unknown link cisagov 2022-01-12
SAFE FME Server Unknown link cisagov 2022-01-12
SAGE Unknown link cisagov 2022-01-12
SailPoint Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
Salesforce Analytics Cloud All Fixed link Analytics Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce B2C Commerce Cloud All Fixed link B2C Commerce Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce ClickSoftware (As-a-Service) All Fixed link ClickSoftware (As-a-Service) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce ClickSoftware (On-Premise) All Fixed link ClickSoftware (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Additional details are available here. cisagov 2022-01-26
Salesforce Data.com All Fixed link Data.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce DataLoader >=53.0.2 Fixed link This version is for use with Salesforce Winter '22 or higher release through Salesforce Force Partner API and Force WSC v53.0.0. It contains the fix for CVE-2021-44228, CVE-2021-45046, and CVE-2021-45105 by upgrading to log4j 2.17.0. cisagov 2022-01-26
Salesforce Datorama All Fixed link Datorama was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce Evergage (Interaction Studio) All Fixed link Evergage (Interaction Studio) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce Experience (Community) Cloud All Fixed link Experience Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce Force.com All Fixed link Force.com was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. The Data Loader tool has been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Make sure that you are using Data Loader version 53.0.2 or later. Follow the steps described here to download the latest version of Data Loader. cisagov 2022-01-26
Salesforce Heroku Not Affected link Heroku is reported to not be affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. cisagov 2022-01-26
Salesforce Marketing Cloud All Fixed link Salesforce-owned services within Marketing Cloud are not affected by the issues currently identified in CVE-2021-44228 or CVE-2021-45046. Third-party vendors have been patched to address the security issues currently identified in CVE-2021-44228 or CVE-2021-45046. cisagov 2022-01-26
Salesforce MuleSoft (Cloud) All Fixed link MuleSoft (Cloud) was affected by CVE-2021-44228 and CVE-2021-45046. Mulesoft services, including dataloader.io, have been updated to mitigate the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here. cisagov 2022-01-26
Salesforce MuleSoft (On-Premise) All Fixed link MuleSoft (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors, including Private Cloud Edition (PCE) and Anypoint Studio, have a mitigation in place to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. Please see additional details here. cisagov 2022-01-26
Salesforce Pardot All Fixed link Pardot was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce Sales Cloud All Fixed link Sales Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce Service Cloud All Fixed link Service Cloud was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce Slack All Fixed link Slack was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. Additional details are available here. cisagov 2022-01-26
Salesforce Social Studio All Fixed link Social Studio was affected by CVE-2021-44228 and CVE-2021-45046. Salesforce-owned services and third-party vendors have been patched to address the issues currently identified in CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Salesforce Tableau (On-Premise) < 2021.4.1 Fixed link Tableau (On-Premise) was affected by CVE-2021-44228 and CVE-2021-45046. Patches to address the issues currently identified in both CVE-2021-44228 and CVE-2021-45046 are available for download. Additional details are available here. cisagov 2021-12-16
Salesforce Tableau (Online) All Fixed link Tableau Online was affected by CVE-2021-44228 and CVE-2021-45046. Services have been patched to mitigate the issues currently identified in both CVE-2021-44228 and CVE-2021-45046. cisagov 2022-01-26
Samsung Electronics America Knox Admin Portal Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Asset Intelligence Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Configure Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox E-FOTA One Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Guard Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox License Management Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Manage Cloud Fixed link cisagov 2022-01-17
Samsung Electronics America Knox Managed Services Provider (MSP) Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Mobile Enrollment Not Affected link cisagov 2022-01-17
Samsung Electronics America Knox Reseller Portal Cloud Fixed link cisagov 2022-01-17
Sangoma Unknown link cisagov 2022-01-12
SAP Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2021-12-17
SAP Advanced Platform Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2021-12-17
SAP BusinessObjects Unknown link The support document is available to customers only and has not been reviewed by CISA cisagov 2021-12-17
SAS Unknown link cisagov 2022-01-12
SASSAFRAS Unknown link cisagov 2022-01-12
Savignano software solutions Unknown link cisagov 2022-01-12
SBT SBT <1.5.6 Affected link cisagov 2021-12-15
ScaleComputing Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
ScaleFusion MobileLock Pro Unknown link cisagov 2022-01-12
Schneider Electric EASYFIT Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric Ecoreal XL Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric EcoStruxure IT Expert Cloud Fixed cisagov 2021-12-20
Schneider Electric EcoStruxure IT Gateway V1.5.0 to V1.13.0 Fixed link cisagov 2021-12-20
Schneider Electric Eurotherm Data Reviewer V3.0.2 and prior Affected link cisagov 2021-12-20
Schneider Electric Facility Expert Small Business Cloud Fixed link cisagov 2021-12-20
Schneider Electric MSE Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric NetBotz750/755 Software versions 5.0 through 5.3.0 Affected link cisagov 2021-12-20
Schneider Electric NEW630 Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK BOM Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK-Docgen Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK-TNC Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK-UMS Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK3D2DRenderer Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SDK3D360Widget Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric Select and Config DATA Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SNC-API Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SNC-CMM Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SNCSEMTECH Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SPIMV3 Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SWBEditor Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric SWBEngine Current software and earlier Affected link cisagov 2021-12-20
Schneider Electric Wiser by SE platform Cloud Fixed cisagov 2021-12-20
Schweitzer Engineering Laboratories Unknown link cisagov 2021-12-21
SCM Manager Unknown link cisagov 2022-01-12
ScreenBeam Unknown link cisagov 2022-01-12
SDL worldServer Unknown link cisagov 2022-01-12
Seagull Scientific Unknown link cisagov 2022-01-12
SecurePoint Unknown link cisagov 2022-01-12
Security Onion Unknown link cisagov 2022-01-12
Securonix Extended Detection and Response (XDR) All Affected link Patching ongoing as of 12/10/2021 cisagov 2021-12-10
Securonix Next Gen SIEM All Affected link Patching ongoing as of 12/10/2021 cisagov 2021-12-10
Securonix Security Analytics and Operations Platform (SOAR) All Affected link Patching ongoing as of 12/10/2021 cisagov 2021-12-10
Securonix SNYPR Application Unknown link cisagov 2021-12-10
Securonix User and Entity Behavior Analytics(UEBA) All Affected link Patching ongoing as of 12/10/2021 cisagov 2021-12-10
Seeburger Unknown link This advisory is available to customers only and has not been reviewed by CISA. cisagov 2022-01-12
SentinelOne Unknown link cisagov 2022-01-12
Sentry Unknown link cisagov 2022-01-12
SEP Unknown link cisagov 2022-01-12
Server Eye Unknown link cisagov 2022-01-12
ServiceNow Unknown link cisagov 2022-01-12
ServiceTitan ServiceTitan Cloud Fixed link cisagov 2022-02-07
Shibboleth Unknown link cisagov 2022-01-12
Shibboleth All Products Not Affected link cisagov 2021-12-10
Shopify Unknown link cisagov 2022-01-12
Siebel Unknown link cisagov 2022-01-12
Siemens Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-22
Siemens Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-19
Siemens Energy Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-21
Siemens Energy Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-20
Siemens Energy Affected Products Unknown link Siemens requests: See pdf for the complete list of affected products, CSAF for automated parsing of data cisagov 2021-12-16
Siemens Healthineers ATELLICA DATA MANAGER v1.1.1 / v1.2.1 / v1.3.1 Unknown link If you have determined that your Atellica Data Manager has a “Java communication engine” service, and you require an immediate mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative. cisagov 2021-12-22
Siemens Healthineers CENTRALINK v16.0.2 / v16.0.3 Unknown link If you have determined that your CentraLink has a “Java communication engine” service, and you require a mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative. cisagov 2021-12-22
Siemens Healthineers Cios Flow S1 / Alpha / Spin VA30 Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers Cios Select FD/I.I. VA21 / VA21-S3P Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers DICOM Proxy VB10A Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers go.All, Som10 VA20 / VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Fit, Som10 VA30 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Now, Som10 VA10 / VA20 / VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Open Pro, Som10 VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Sim, Som10 VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Top, Som10 VA20 / VA20A_SP5 / VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers go.Up, Som10 VA10 / VA20 / VA30 / VA40 Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers MAGNETOM AERA 1,5T, MAGNETOM PRISMA, MAGNETOM PRISMA FIT, MAGNETOM SKYRA 3T NUMARIS/X VA30A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Altea NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM ALTEA, MAGNETOM LUMINA, MAGNETOM SOLA, MAGNETOM VIDA NUMARIS/X VA31A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Amira NUMARIS/X VA12M Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Free.Max NUMARIS/X VA40 Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Lumina NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Sempra NUMARIS/X VA12M Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Sola fit NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Sola NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Vida fit NUMARIS/X VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers MAGNETOM Vida NUMARIS/X VA10A* / VA20A Unknown link LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected. cisagov 2021-12-22
Siemens Healthineers SENSIS DMCC / DMCM / TS / VM / PPWS / DS VD12A Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers Somatom Emotion Som5 VC50 Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers Somatom Scope Som5 VC50 Unknown link evaluation ongoing cisagov 2021-12-22
Siemens Healthineers Syngo Carbon Space VA10A / VA10A-CUT2 / VA20A Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers Syngo MobileViewer VA10A Unknown link The vulnerability will be patch/mitigated in upcoming releases/patches. cisagov 2021-12-22
Siemens Healthineers syngo Plaza VB20A / VB20A_HF01 - HF07 / VB30A / VB30A_HF01 / VB30A_HF02 / VB30B / VB30C / VB30C_HF01 - HF06 / VB30C_HF91 Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers syngo Workflow MLR VB37A / VB37A_HF01 / VB37A_HF02 / VB37B / VB37B_HF01 - HF07 / VB37B_HF93 / VB37B_HF94 / VB37B_HF96 Unknown link Please contact your Customer Service to get support on mitigating the vulnerability. cisagov 2021-12-22
Siemens Healthineers syngo.via VB20A / VB20A_HF01 - HF08 / VB20A_HF91 / VB20B / VB30A / VB30A_HF01 - VB30A_HF08 / VB30A_HF91VB30B / VB30B_HF01 / VB40A / VB40A_HF01 - HF02 /VB40B / VB40B_HF01 - HF05 / VB50A / VB50A_CUT / VB50A_D4VB50B / VB50B_HF01 - HF03 / VB60A / VB60A_CUT / VB60A_D4 / VB60A_HF01 Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers syngo.via WebViewer VA13B / VA20A / VA20B Unknown link Workaround: remove the vulnerable class from the .jar file cisagov 2021-12-22
Siemens Healthineers X.Ceed Somaris 10 VA40* Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Siemens Healthineers X.Cite Somaris 10 VA30*/VA40* Unknown link Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network. cisagov 2021-12-22
Sierra Wireless Unknown link cisagov 2022-01-12
Sierra Wireless AirVantage and Octave cloud platforms Unknown link These systems do not operate with the specific non-standard configuration required for CVE-2021-25046 and hence were not vulnerable to it. cisagov 2022-01-05
Sierra Wireless AM/AMM servers Unknown link cisagov 2022-01-05
Signald Unknown link cisagov 2022-01-12
Silver Peak Orchestrator, Silver Peak GMS Unknown link Customer managed Orchestrator and legacy GMS products are affected by this vulnerability. This includes on-premise and customer managed instances running in public cloud services such as AWS, Azure, Google, or Oracle Cloud. See Corrective Action Required for details about how to mitigate this exploit. cisagov 2021-12-14
SingleWire Unknown link This advisory is available to customers only and has not been reviewed by CISA cisagov 2022-01-12
SISCO Unknown link cisagov 2022-01-05
Sitecore Unknown link cisagov 2022-01-12
Skillable Unknown link cisagov 2022-01-12
SLF4J Unknown link cisagov 2022-01-12
Slurm Slurm Not Affected link cisagov 2021-12-21
SMA Solar Technology AG Unknown link cisagov 2022-01-05
SmartBear Unknown link cisagov 2022-01-12
SmileCDR Unknown link cisagov 2022-01-12
Sn0m Unknown link cisagov 2022-01-12
Snakemake Snakemake Not Affected link cisagov 2021-12-21
Snow Software Snow Commander 8.1 to 8.10.2 Fixed link cisagov 2022-01-12
Snow Software VM Access Proxy v3.1 to v3.6 Fixed link cisagov 2022-01-12
Snowflake Unknown link cisagov 2022-01-12
Snyk Cloud Platform Unknown link cisagov 2022-01-12
Software AG Unknown link cisagov 2022-01-12
SolarWinds Database Performance Analyzer (DPA) 2021.1.x, 2021.3.x, 2022.1.x Affected link For more information, please see the following KB article: link cisagov 2021-12-23
SolarWinds Orion Platform Unknown link cisagov 2021-12-23
SolarWinds Server & Application Monitor (SAM) SAM 2020.2.6 and later Affected link For more information, please see the following KB article for the latest details specific to the SAM hotfix: link cisagov 2021-12-23
SonarSource Unknown link cisagov 2022-01-12
Sonatype All Products Not Affected link Sonatype uses logback as the default logging solution as opposed to log4j. This means our software including Nexus Lifecycle, Nexus Firewall, Nexus Repository OSS and Nexus Repository Pro in versions 2.x and 3.x are NOT affected by the reported log4j vulnerabilities. We still advise keeping your software upgraded at the latest version. cisagov 2021-12-29
SonicWall Access Points Unknown link Log4j2 not used in the SonicWall Access Points cisagov 2021-12-12
SonicWall Analytics Unknown link Under Review cisagov 2021-12-12
SonicWall Analyzer Unknown link Under Review cisagov 2021-12-12
SonicWall Capture Client & Capture Client Portal Unknown link Log4j2 not used in the Capture Client. cisagov 2021-12-12
SonicWall Capture Security Appliance Unknown link Log4j2 not used in the Capture Security appliance. cisagov 2021-12-12
SonicWall CAS Unknown link Under Review cisagov 2021-12-12
SonicWall Email Security Unknown link ES 10.0.11 and earlier versions are impacted cisagov 2021-12-17
SonicWall Gen5 Firewalls (EOS) Unknown link Log4j2 not used in the appliance. cisagov 2021-12-12
SonicWall Gen6 Firewalls Unknown link Log4j2 not used in the appliance. cisagov 2021-12-12
SonicWall Gen7 Firewalls Unknown link Log4j2 not used in the appliance. cisagov 2021-12-12
SonicWall GMS Unknown link Under Review cisagov 2021-12-12
SonicWall MSW Unknown link Mysonicwall service doesn't use Log4j cisagov 2021-12-12
SonicWall NSM Unknown link NSM On-Prem and SaaS doesn't use a vulnerable version cisagov 2021-12-12
SonicWall SMA 100 Unknown link Log4j2 not used in the SMA100 appliance. cisagov 2021-12-12
SonicWall SMA 1000 Unknown link Version 12.1.0 and 12.4.1 doesn't use a vulnerable version cisagov 2021-12-12
SonicWall SonicCore Unknown link SonicCore doesn't use a Log4j2 cisagov 2021-12-12
SonicWall SonicWall Switch Unknown link Log4j2 not used in the SonicWall Switch. cisagov 2021-12-12
SonicWall WAF Unknown link Under Review cisagov 2021-12-12
SonicWall WNM Unknown link Log4j2 not used in the WNM. cisagov 2021-12-12
SonicWall WXA Unknown link WXA doesn't use a vulnerable version cisagov 2021-12-12
Sophos Cloud Optix Unknown link Users may have noticed a brief outage around 12:30 GMT as updates were deployed. There was no evidence that the vulnerability was exploited and to our knowledge no customers are impacted. cisagov 2021-12-12
Sophos Reflexion Unknown link Reflexion does not run an exploitable configuration. cisagov 2021-12-12
Sophos SG UTM (all versions) Unknown link Sophos SG UTM does not use Log4j. cisagov 2021-12-12
Sophos SG UTM Manager (SUM) (all versions) Not Affected link SUM does not use Log4j. cisagov 2021-12-12
Sophos Sophos Central Unknown link Sophos Central does not run an exploitable configuration. cisagov 2021-12-12
Sophos Sophos Firewall (all versions) Unknown link Sophos Firewall does not use Log4j. cisagov 2021-12-12
Sophos Sophos Home Unknown link Sophos Home does not use Log4j. cisagov 2021-12-12
Sophos Sophos Mobile Unknown link Sophos Mobile (in Central, SaaS, and on-premises) does not run an exploitable configuration. cisagov 2021-12-12
Sophos Sophos Mobile EAS Proxy < 9.7.2 Affected link The Sophos Mobile EAS Proxy, running in Traffic Mode, is affected. Customers will need to download and install version 9.7.2, available from Monday December 13, 2021, on the same machine where it is currently running. PowerShell mode is not affected. Customers can download the Standalone EAS Proxy Installer version 9.7.2 from the Sophos website. cisagov 2021-12-12
Sophos Sophos ZTNA Unknown link Sophos ZTNA does not use Log4j. cisagov 2021-12-12
SOS Berlin Unknown link cisagov 2022-01-12
Spacelabs Healthcare ABP Not Affected link cisagov 2022-01-05
Spacelabs Healthcare CardioExpress Not Affected link cisagov 2022-01-05
Spacelabs Healthcare DM3 and DM4 Monitors Unknown link cisagov 2022-01-05
Spacelabs Healthcare Eclipse Pro Unknown link cisagov 2022-01-05
Spacelabs Healthcare EVO Unknown link cisagov 2022-01-05
Spacelabs Healthcare Intesys Clinical Suite (ICS) Unknown link cisagov 2022-01-05
Spacelabs Healthcare Intesys Clinical Suite (ICS) Clinical Access Workstations Unknown link cisagov 2022-01-05
Spacelabs Healthcare Lifescreen Pro Unknown link cisagov 2022-01-05
Spacelabs Healthcare Pathfinder SL Unknown link cisagov 2022-01-05
Spacelabs Healthcare Qube Not Affected link cisagov 2022-01-05
Spacelabs Healthcare Qube Mini Not Affected link cisagov 2022-01-05
Spacelabs Healthcare SafeNSound 4.3.1 Fixed link Version >4.3.1 - Not Affected cisagov 2022-01-05
Spacelabs Healthcare Sentinel Unknown link cisagov 2022-01-05
Spacelabs Healthcare Spacelabs Cloud Unknown link cisagov 2022-01-05
Spacelabs Healthcare Ultraview SL Not Affected link cisagov 2022-01-05
Spacelabs Healthcare Xhibit Telemetry Receiver (XTR) Not Affected link cisagov 2022-01-05
Spacelabs Healthcare Xhibit, XC4 Not Affected link cisagov 2022-01-05
Spacelabs Healthcare XprezzNet Not Affected link cisagov 2022-01-05
Spacelabs Healthcare Xprezzon Not Affected link cisagov 2022-01-05
Spambrella Unknown link cisagov 2022-01-12
Spigot Unknown link cisagov 2022-01-12
Splunk Data Stream Processor DSP 1.0.x, DSP 1.1.x, DSP 1.2.x Affected link cisagov 2021-12-30
Splunk IT Essentials Work App ID 5403 4.11, 4.10.x (Cloud only), 4.9.x Affected link cisagov 2021-12-30
Splunk IT Service Intelligence (ITSI) App ID 1841 4.11.0, 4.10.x (Cloud only), 4.9.x, 4.8.x (Cloud only), 4.7.x, 4.6.x, 4.5.x Affected link cisagov 2021-12-30
Splunk Splunk Add-On for Java Management Extensions App ID 2647 5.2.0 and older Affected link cisagov 2021-12-30
Splunk Splunk Add-On for Tomcat App ID 2911 3.0.0 and older Affected link cisagov 2021-12-30
Splunk Splunk Application Performance Monitoring Current Affected link cisagov 2021-12-30
Splunk Splunk Connect for Kafka All versions prior to 2.0.4 Affected link cisagov 2021-12-30
Splunk Splunk Enterprise (including instance types like Heavy Forwarders) All supported non-Windows versions of 8.1.x and 8.2.x only if DFS is used. See Removing Log4j from Splunk Enterprise below for guidance on unsupported versions. Affected link cisagov 2021-12-30
Splunk Splunk Enterprise Amazon Machine Image (AMI) See Splunk Enterprise Affected link cisagov 2021-12-30
Splunk Splunk Enterprise Docker Container See Splunk Enterprise Affected link cisagov 2021-12-30
Splunk Splunk Infrastructure Monitoring Current Affected link cisagov 2021-12-30
Splunk Splunk Log Observer Current Affected link cisagov 2021-12-30
Splunk Splunk Logging Library for Java 1.11.0 and older Affected link cisagov 2021-12-30
Splunk Splunk On-call / VictorOps Current Affected link cisagov 2021-12-30
Splunk Splunk OVA for VMWare App ID 3216 4.0.3 and older Affected link cisagov 2021-12-30
Splunk Splunk OVA for VMWare Metrics App ID 5096 4.2.1 and older Affected link cisagov 2021-12-30
Splunk Splunk Real User Monitoring Current Affected link cisagov 2021-12-30
Splunk Splunk Splunk Add-On for JBoss App ID 2954 3.0.0 and older Affected link cisagov 2021-12-30
Splunk Splunk Synthetics Current Affected link cisagov 2021-12-30
Splunk Splunk UBA OVA Software 5.0.3a, 5.0.0 Affected link cisagov 2021-12-30
Splunk Splunk VMWare OVA for ITSI App ID 4760 1.1.1 and older Affected link cisagov 2021-12-30
Sprecher Automation Unknown link cisagov 2022-01-12
Spring Spring Boot Unknown link Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2 cisagov 2022-01-12
Spring Boot Unknown link cisagov 2022-01-12
StarDog Unknown link cisagov 2022-01-12
STERIS Advantage Unknown link cisagov 2021-12-22
STERIS Advantage Plus Unknown link cisagov 2021-12-22
STERIS AMSCO 2000 SERIES WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS AMSCO 3000 SERIES WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS AMSCO 400 MEDIUM STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO 400 SMALL STEAM STERILIZERS Unknown link cisagov 2021-12-22
STERIS AMSCO 5000 SERIES WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS AMSCO 600 MEDIUM STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO 7000 SERIES WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS AMSCO CENTURY MEDIUM STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO CENTURY SMALL STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO EAGLE 3000 SERIES STAGE 3 STEAM STERILIZERS Unknown link cisagov 2021-12-22
STERIS AMSCO EVOLUTION FLOOR LOADER STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS AMSCO EVOLUTION MEDIUM STEAM STERILIZER Unknown link cisagov 2021-12-22
STERIS Canexis 1.0 Unknown link cisagov 2021-12-22
STERIS CELERITY HP INCUBATOR Unknown link cisagov 2021-12-22
STERIS CELERITY STEAM INCUBATOR Unknown link cisagov 2021-12-22
STERIS CER Optima Unknown link cisagov 2021-12-22
STERIS Clarity Software Unknown link cisagov 2021-12-22
STERIS Connect Software Unknown link cisagov 2021-12-22
STERIS ConnectAssure Technology Unknown link cisagov 2021-12-22
STERIS ConnectoHIS Unknown link cisagov 2021-12-22
STERIS CS-iQ Sterile Processing Workflow Unknown link cisagov 2021-12-22
STERIS DSD Edge Unknown link cisagov 2021-12-22
STERIS DSD-201, Unknown link cisagov 2021-12-22
STERIS EndoDry Unknown link cisagov 2021-12-22
STERIS Endora Unknown link cisagov 2021-12-22
STERIS Harmony iQ Integration Systems Unknown link cisagov 2021-12-22
STERIS Harmony iQ Perspectives Image Management System Unknown link cisagov 2021-12-22
STERIS HexaVue Unknown link cisagov 2021-12-22
STERIS HexaVue Integration System Unknown link cisagov 2021-12-22
STERIS IDSS Integration System Unknown link cisagov 2021-12-22
STERIS RapidAER Unknown link cisagov 2021-12-22
STERIS ReadyTracker Unknown link cisagov 2021-12-22
STERIS RealView Visual Workflow Management System Unknown link cisagov 2021-12-22
STERIS RELIANCE 444 WASHER DISINFECTOR Unknown link cisagov 2021-12-22
STERIS RELIANCE SYNERGY WASHER DISINFECTOR Unknown link cisagov 2021-12-22
STERIS RELIANCE VISION 1300 SERIES CART AND UTENSIL WASHER DISINFECTORS Unknown link cisagov 2021-12-22
STERIS RELIANCE VISION MULTI- CHAMBER WASHER DISINFECTOR Unknown link cisagov 2021-12-22
STERIS RELIANCE VISION SINGLE CHAMBER WASHER DISINFECTOR Unknown link cisagov 2021-12-22
STERIS Renatron Unknown link cisagov 2021-12-22
STERIS ScopeBuddy+ Unknown link cisagov 2021-12-22
STERIS SecureCare ProConnect Technical Support Services Unknown link cisagov 2021-12-22
STERIS Situational Awareness for Everyone Display (S.A.F.E.) Unknown link cisagov 2021-12-22
STERIS SPM Surgical Asset Tracking Software Unknown link cisagov 2021-12-22
STERIS SYSTEM 1 endo LIQUID CHEMICAL STERILANT PROCESSING SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO 1 LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO 1 PLUS LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO MAX 2 LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO MAX LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS V-PRO S2 LOW TEMPERATURE STERILIZATION SYSTEM Unknown link cisagov 2021-12-22
STERIS VERIFY INCUBATOR FOR ASSERT SELF-CONTAINED BIOLOGICAL INDICATORS Unknown link cisagov 2021-12-22
Sterling Order IBM Unknown link cisagov 2022-01-12
Storagement Unknown link cisagov 2022-01-12
StormShield Unknown link cisagov 2022-01-12
StrangeBee TheHive & Cortex Unknown link cisagov 2022-01-12
Stratodesk Unknown link cisagov 2022-01-12
Strimzi Unknown link cisagov 2022-01-12
Stripe Unknown link cisagov 2022-01-12
Styra Unknown link cisagov 2022-01-12
Sumologic Unknown link cisagov 2022-01-12
SumoLogic Unknown link cisagov 2022-01-12
Superna EYEGLASS Unknown link cisagov 2022-01-12
Suprema Inc Unknown link cisagov 2022-01-12
SUSE Unknown link cisagov 2022-01-12
Sweepwidget Unknown link cisagov 2022-01-12
Swyx Unknown link cisagov 2022-01-12
Synchro MSP Unknown link cisagov 2022-01-12
Syncplify Unknown link cisagov 2022-01-12
Synology Unknown link cisagov 2022-01-12
Synopsys Unknown link cisagov 2022-01-12
Syntevo Unknown link cisagov 2022-01-12
SysAid Unknown link cisagov 2022-01-12
Sysdig Unknown link cisagov 2022-01-12