How to find applications & services that use Log4J

runZero can help you build an up-to-date asset inventory and search for assets that may be affected by Log4J vulnerabilities, such as Log4shell. runZero is not a vulnerability scanner, but you can share runZero’s results with your security team for investigation and mitigation.

What is Log4j? #

Internet discussion was abuzz on December 9th about an 0-day vulnerability that can yield remote code execution (RCE) in Apache’s popular Log4J logging library for Java. This particular vulnerability — tracked as CVE-2021-44228 with the maximum “critical” CVSS score of 10 — resides in Log4J’s lookup capability, combined with JNDI (Java Naming and Directory Interface). This issue is widespread because many developers were unaware that Log4J was dangerous to use with unfiltered input.

The most significant impact is that an attacker can cause a string to reach the logger, that when processed by Log4J, executes arbitrary code. The first examples of this used the ${jndi:ldap} path, which could lead to arbitrary code being loaded from a remote URL. This path is partially mitigated by the use of newer Java runtimes that block the URL-based class loader by default. Unfortunately, a modern version of Java may not be enough to prevent exploitation, as the application itself may expose classes that can be used to run arbitrary code.

While Apache released fixes to CVE-2021-44228 in Log4J version 2.15.0, it was discovered these fixes were “incomplete in certain non-default configurations”, allowing for exploitation in certain circumstances (tracked as CVE-2021-45046 (with a “critical” CVSS core of 9.0), leading to a Log4J 2.16.0 release to address CVE-2021-45046.

Following that release, a new vulnerability was raised which can yield a denial-of-service attack via infinite recursion. Tracked as CVE-2021-45105 (and with a “high” CVSS score of 7.5), this vulnerability appeared to affect Log4J versions 2.8 through the most recent 2.16.0 release, and was fixed in versions 2.17.0 (for Java 8) and 2.12.3 (for Java 7).

Then on December 28th, security researchers at Checkmarx published findings of another RCE present in Log4J 2.17.0, one which requires the attacker have permissions to update the logging configuration and, when successful, can yield RCE. Tracked as CVE-2021-44832 (and with a “medium” CVSS score of 6.6), Apache released a fix for this latest vulnerability in Log4J versions 2.17.1 (for Java 8 and later), 2.12.4 (for Java 7), and 2.3.2 (for Java 6).

Impact of Log4J vulnerabilities #

The broad popularity of Log4J–coupled with the relative ease of exploiting this vulnerability–creates potential conditions for far-reaching exploitation (similar to Shellshock).

Google’s security team have scanned the contents of Maven Central and found over 35,000 affected packages, amounting to over 8% of those in the repository. Any application making use of the affected packages as dependencies may be vulnerable.

Affected applications include Elastic Search, Elastic LogStash, GrayLog2, Minecraft (client and server), Neo4J, many Apache projects (Druid, Dubbo, Flink, Flume, Hadoop, Kafka, Solr, Spark, Struts, Tapestry, Wicket), many VMware products (Horizon, vCenter, vRealize, HCX, NSX-T, UAG, Tanzu), Grails, and dozens if not hundreds of others. Log4J versions since 2.0 are reported to contain this vulnerability, which was originally disclosed to Apache several weeks ago by the security team at Alibaba Cloud.

How to stay on top of Log4Shell #

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently created a repo for tracking products/applications affected by Log4Shell, which will likely become the most reliable, long-term source-of-truth.

Note: runZero components–cloud platform, self-hosted, explorer, and CLI scanner–are not affected by this issue.

Patching and remediating vulnerable Log4J instances will continue to be an ongoing effort. Recently, an advanced persistent threat (APT) group has been observed installing rootkits in Windows systems vulnerable to Log4Shell. In fact, even some recent Log4J patching efforts themselves have led to other problems.

Government entities, such as CISA and the FTC, have reinforced the importance of patching, along with leveraging fines against businesses failing to take action. While it has been a long-haul response effort, the importance of remediating software and systems vulnerable to Log4Shell remains clear.

How to mitigate Log4J vulnerabilities #

Patches were made available to prevent code execution Log4J version 2.15.0, but these patches did not disable inline message lookup, which can expose things like environment variables and system configuration settings to an attacker that can observe the generated logs. Additional patches were made available in Log4J version 2.16.0 to make JNDI lookups disabled by default, limited to certain protocols, and only localhost allowed by default. Further patches have been made in Log4J version 2.17.0 to protect from uncontrolled recursion via self-referential lookups, along with additional patches in Log4J version 2.17.1 for limiting JNDI data source names to the java protocol.

For mitigations that folks can take immediately, Apache has offered some guidance.

Note: Initially it was thought that the problem could be mitigated by setting log4j2.formatMsgNoLookups or the environment variable LOG4J_FORMAT_MSG_NO_LOOKUPS. Apache have now clarified that those mitigation strategies are insufficient.

Mitigating these issues requires one of the following actions:

Upgrading your Log4J version:
- This will remediate all recent known vulnerabilities.
- Log4J v2.17.1 or higher (for Java 8 users).
- Log4J v2.12.4 or higher (for Java 7 users).
- Log4J v2.3.2 or higher (for Java 6 users).
Removing the JndiLookup class from the jars in the classpath:
- This only mitigates CVE-2021-44228 and CVE-2021-45046.
- NOTE: that this mitigation is not valid for Log4J version 2.16.0.

$ zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class

Overriding the org.apache.logging.log4j.core.lookup.JndiLookup class by making appropriate changes to your classloader configuration:
- This only mitigates CVE-2021-44228 and CVE-2021-45046.

It is worth noting that an updated version of the Java runtime is not a sufficient mitigation. Newer versions of Java block the URL class loader by default, but can still be abused to leak secrets from the environment, and deserialization attacks may still succeed using classes already loaded by the process.

How to find applications that use Log4J with runZero #

Identifying every application, device, and service using the Log4J library is going to be an ongoing effort for security professionals. We will continue updating this post and our pre-built queries as more information becomes available.

The following query can be used to identify applications that are likely to be affected by this issue:

product:atlassian or product:avaya or product:coldfusion or product:coyote or product:cpanel or product:druid or product:"elastic search" or product:"epolicy orchestrator" or product:flink or product:graylog or product:hadoop or product:horizon or product:imc or product:jamf or product:jboss or product:jetty or (product:"kerio connect" and protocol:http) or product:logstash or product:metabase or product:minecraft or product:mongodb or product:neo4j or product:openfire or product:pega or product:recoverpoint or product:resin or product:rundeck or product:symantec or product:sonicwall or product:solarwinds or product:sophos or product:splunk or product:tableau or product:tomcat or product:="ubiquiti unifi" or product:"vmware horizon" or product:"vmware vcenter" or product:"vmware vrealize" or product:"vmware site recovery" or product:vmanage or product:wowza or hw:netapp or hw:imc or hw:"ucs manager" or hw:"crosswork son appliance" or hw:"site recovery manager" or hw:sonicwall or tcp_port:8983 or tcp_port:9092 or tcp_port:7077 or tcp_port:5347 or protocol:cassandra or protocol:elasticsearch

As always, any prebuilt queries we create are available from our Queries Library. Check out the library for other useful inventory queries. Self-hosted customers may copy the query above, or use the Export System Queries option to download an importable query set from the cloud console.

Scan with runZero to help with Log4J #

Get runZero free for 21 days. Build your asset inventory and identify apps using Log4J–in minutes.

Start your trial

Acknowledgements #

Thanks to LunarSec for their initial and continued efforts.
Thanks to Bishop Fox for tracking open source applications early on.
Thanks to YfryTchsG for testing everything on the internet and sharing screenshots.
Thanks to SwitHak for building the Blue Team Log4Shell Cheat Sheet.
Thanks to Royce Williams for his extensive list.

Affected products and services #

ABB #

ABB Remote Service — Versions affected: ABB Remote Platform (RAP)

Adobe #

Akamai #

SIEM Splunk Connector — Versions affected: All

Amazon #

Open Search

Apache #

Cassandra — via appender.
Druid
Dubbo
Flink
Geode
Hadoop
James
Kafka
Karaf — Depends on PAX logging which is affected.
Solr
Spark
Storm — via Docker.
Struts
Tapestry
Tika
Wicket

APC #

PowerChute Business Edition — Unknown to 10.0.2.301 affected.
PowerChute Network Shutdown — Unknown to 4.2.0 affected.

Apereo #

CAS — Versions affected: 6.3.X & 6.4.X
Opencast — Versions affected: < 9.10, < 10.6

Appeon #

PowerBuilder — Versions affected: Appeon PowerBuilder 2017-2021 regardless of product edition

Aptible #

Aptible — Versions affected: ElasticSearch 5.X

Arista #

Analytics Node for Converged Cloud Fabric — Affected: DMF (BMF) 7.0.0 and later.

CloudVision

CloudVision Portal — Affected: 2019.1.0 and all later releases

Cognitive Wi-Fi

CloudVision Wi-Fi, virtual appliance or physical appliance — Affected: 8.8 and all later releases

DANZ Monitoring Fabric

Analytics Node for DANZ Monitoring Fabric — Affected: DMF (BMF) 7.0.0 and later.
Embedded Analytics for Converged Cloud Fabric — Affected: Embedded Analytics for Converged Cloud Fabric

Ascertia #

Advanced Digital Signing Server — include Log4J jar files in their packages.
PrimeKey EJBCA — include Log4J jar files in their packages.
PrimeKey SignServer — include Log4J jar files in their packages.

Atlassian #

Atlassian Products — Self-hosted if configured with log4j.
Bamboo — Self-hosted if configured with log4j.
Confluence — Self-hosted if configured with log4j.
Crowd — Self-hosted if configured with log4j.
Cruicible — Self-hosted if configured with log4j.
Fisheye — Self-hosted if configured with log4j.
Jira — Self-hosted if configured with log4j.

Avaya #

The current list can be found in the advisory. Some products are still under investigation.

Avaya ACCS IPO on Azure — Afffected versions: 11.0.4.1 to 11.0.4.6, 11.1.0.0 to 11.1.2.0
Avaya Analytics — Affected versions: 4.1.0.0, 4.1.0.1, 4.1.1.0
Avaya Aura Application Enablement Services — All versions affected.
Avaya Aura Call Center Elite Multichannel — Affected versions: 6.6. and its service packs
Avaya Aura Contact Center — Affected versions: 7.0.3, 7.1.X
Avaya Aura Device Services — Affected versions: s 8.0.1.X, 8.0.2.X ,8.1.3.X, 8.1.4.X, 8.1.5.X, 10.1.0.0
Avaya Aura Media Server — Affected versions: 8.0.0, 8.0.1, 8.0.2
Avaya Aura Presence Services — Afected versions: 7.X, 8.X, 10.1.0.0
Avaya Aura Session Manager — All versions affected.
Avaya Aura System Manager — Affected versions: 8.0 - 8.1.2, 8.1.3, 10.1
Avaya Aura Web Gateway — Affected versions: 3.7.0.1 - 3.11.0.0
Avaya Aura Workforce Optimization (WFO) — All versions affected.
Avaya Aura Workforce Optimization Advanced — Affected versions: 15.2 HFR7
Avaya Breeze — Affected versions: 3.6.X, 3.7.X, 3.8.X
Avaya Co-Browsing Snap-in — Affected versions: 3.4, 3.6, 3.6.1, 3.7, 3.8, 3.8.1, 3.8.1.1
Avaya Contact Center Select — Affected versions: 7.0.3, 7.1.X
Avaya Converged Platform 4200 — Affected versions: 4.0
Avaya CRM Connector - Connected Desktop — Affected versions: 2.2
Avaya IP Office — Affected versions: 3.0.3, 3.0.4
Avaya IP Office Platform — Affected versions: 11.0.4.1 to 11.0.4.6, 11.1.0.0 to 11.1.2.0
Avaya Meetings Management — Affected versions 9.1.X
Avaya Meetings Server — All versions affected.
Avaya Meetings Streaming and Recording — All versions affected.
Avaya Oceana Solution — All versions affected.
Avaya Oceana Workspaces — All versions affected.
Avaya Session Border Controller for Enterprise — All versions affected.
Avaya Social Media Hub — Affected versions: 1.1
Avaya Solutions Platform 4200 — Affected versions: 4.0, 4.1.X
Avaya WebRTC Connect — Affected versions: 4.0, 4.1.X
Avaya Workforce Engagement — All versions affected.
Avaya Workforce Engagement Select — Affected versions: 5.3, 5.3.0.1, 5.3.0.2
Avaya Workspaces — All versions affected.
Business Rules Engine — Affected versions: 3.3, 3.4, 3.5, 3.6, 3.7
Callback Assist — Affected versions: 5.0.0.X, 5.0.1.X
Control Manager — Affected versions: 9.0.2.X
Device Enrollment Service — Version 3.1 affected.
Equinox Conferencing — Versions affected: 9.1.2
GSMB: Hospitality - Middleware FOIS — Versions affected: 6.1, 6.3
GSMB: Medial — Versions affected: 6, 6.1, 6.5
Interaction Center — All versions affected.
IP Office Platform — Affected versions: 11.0.4.1 to 11.0.4.6, 11.1.0.0 to 11.1.2.0
Proactive Outreach Manager — Affected versions: 3.1.2.X, 3.1.3.X, 4.0.X, 4.0.1.X

BeyondTrust #

Privilege Management (PM) Cloud — Affected, version not reported.
Privilege Management Reporting (PMR) — Affected versions: 21.2 (for BeyondInsight 21.3)

BMC Software #

The current list can be found in the advisory.

Bladelogic Database Automation
BMC AMI Ops Common Rest API (CRA)
BMC AMI Ops Infrastructure (MVI)
BMC AMI Ops Insight
BMC AMI Ops UI
BMC Client Management
BMC Discovery
BMC Helix Continuous Optimization
BMC License Usage Collection Utility
CMDB
Control-M
Helix Data Manager
MainView Middleware Monitor
Remedy Smart Reporting
Sentry Storage All-in-One ETL
Sentry Storage Analyzer KM
Sybase KM
TrueSight App Visibility Manager
TrueSight Automation Console
TrueSight Automation for Networks
TrueSight Automation for Servers
TrueSight Infrastructure Management
TrueSight IT Data Analytics
TrueSight Operations Management
TrueSight Smart Reporting
TSOM Smart Reporting

Brainworks #

Kerio Connect — version <9.4 is affected by the vulnerability CVE-2021-44228.

Broadcom (CA, Symantec) #

The current list can be found in the advisory.

CA Advanced Authentication, CA Risk Authentication, CA Strong Authentication
CA Automic & CA Continuous Delivery
Layer7 API Developer Portal — Versions 4.4, 4.5, 5.0, 5.0 CR1, 5.0.2, and 5.0.2.1 affected.
Layer7 API Developer Portal SaaS — Version 5.0.3 affected.
Layer7 API Gateway — Versions 9.4, 10.0, and 10.1 affected.
Layer7 Live API Creator — Versions 5.1-5.3 (EOS) and 5.4 affected.
LiveUpdate Administrator (LUA) — Possibly affected.
Symantec Endpoint Detection and Response (EDR) On-premise — Versions 2.X, 3.X, and 4.X affected.
Symantec Endpoint Protection Manager (SEPM) — Versions 14.2 and above are affected.
Symantec Identity Governance and Administration — Versions 14.2, 14.3, and 14.4 affected.
Symantec PAM Server Control — Versions 14.0.X and 14.1.X affected.
Symantec Privileged Access Manager — Versions 3.4.X and 4.0.X affected.
Symantec Privileged Identity Manager — Versions 12.9.X and 14.0 affected.
Symantec SiteMinder (CA Single Sign-on) — Some 12.7.X and 12.8.X components affected.
VIP Authentication Hub (separate from VIP SaaS) — All supported versions affected.

CaseWare #

Cloud — Versions affected: unknown

CIS-CAT #

CIS-CAT Pro Assessor Service v4 — Versions < 1.13.0 affected.
CIS-CAT Pro Assessor v3 — Versions < 3.0.77 affected.
CIS-CAT Pro Assessor v4 — Versions < 4.13.0 affected.
CSAT Pro — Versions < 1.7.1 affected.

CIS-CAT #

CIS-CAT Lite

Cisco #

The current list can be found in the advisory. Many other products are still under investigation.

Cisco Cloud Hosted Services

Collaboration and Social Media

Cisco Webex Meetings Server

Network and Content Security Devices

Network Management and Provisioning

Voice and Unified Communications Devices

Other

Cisco Common Services Platform Collector (CSPC)

Cloudera #

Ambari — Versions affected: 2.X, 1.X
Arcadia Enterprise — Versions affected: 7.1.X
CDH, HDP, and HDF — Versions affected: 6.X
CDP Private Cloud Base — Versions affected: 7.X
CDS 3 Powered by Apache Spark — Versions affected: All versions
CDS 3.2 for GPUs — Versions affected: All versions
Cloudera Cybersecurity Platform — Versions affected: All versions
Cloudera Data Engineering (CDE) — Versions affected: All versions
Cloudera Data Science Workbench (CDSW) — Versions affected: 2.X, 3.X
Cloudera Data Warehouse (CDW) — Versions affected: All versions
Cloudera Edge Management (CEM) — Versions affected: All versions
Cloudera Enterprise — Versions affected: 6.X
Cloudera Flow Management (CFM) — Versions affected: All versions
Cloudera Machine Learning (CML) — Versions affected: All versions
Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) — Versions affected: All versions
Cloudera Runtime (including Cloudera Data Hub and all Data Hub templates) — Versions affected: 7.0.X, 7.1.X, 7.2.X
Cloudera Stream Processing (CSP) — Versions affected: All versions
Data Steward Studio (DSS) — Versions affected: All versions
Hortonworks Data Platform (HDP) — Versions affected: 7.1.X, 2.7.X, 2.6.X
Management Console — Versions affected: All versions
Workload XM — Versions affected: All versions

Cloudogu #

Ecosystem — Versions affected: All

Commvault #

Confluent #

Confluent ElasticSearch Sink Connector — Versions affected: < 11.1.7
Confluent Google DataProc Sink Connector — Versions affected: < 1.1.5
Confluent HDFS 2 Sink Connector — Versions affected: < 10.1.3
Confluent HDFS 3 Sink Connector — Versions affected: < 1.1.8
Confluent Platform — Versions affected: < 7.0.1
Confluent Splunk Sink Connector — Versions affected: < 2.05
Confluent VMWare Tanzu GemFire Sink Connector — Versions affected: < 1.0.8

Decos #

JOIN Zaak & Document (Private Cloud) — Versions affected: All

Dell #

EMC

EMC Avamar
EMC BSN Controller Node
EMC Cloud Disaster Recovery
EMC Data Protection Advisor
EMC Data Protection Central — Versions 1.0.0, 1.0.1, 18.1, 18.2, 19.1, 19.2, 19.3, 19.4 affected.
EMC Data Protection Search — Affected
EMC ECS
EMC Enterprise Storage Analytics for vRealize Operations
EMC IDPA System Manager — Versions 18.1, 18.2, 19.2 affected.
EMC Integrated System for Azure Stack HCI
EMC Integrated System for Microsoft Azure Stack Hub
EMC Metro Node
EMC NetWorker / NetWorker VE
EMC Networking Virtual Edge Platform with VersaOS
EMC ObjectScale — Affected
EMC Open Management Enterprise - Modular
EMC OpenManage Enterprise Services
EMC PowerFlex Appliance — Affected,
EMC PowerFlex Manager — Affected
EMC PowerFlex Rack — Affected
EMC PowerFlex Software (SDS)
EMC PowerProtect Data Manager — Affected; Workaround expected 12/15
EMC PowerProtect DP Series Appliance (iDPA) — Affected; Workaround expected 12/15
EMC PowerStore — Affected; Workaround expected 12/31
EMC RecoverPoint — Affected.
EMC Ruckus SmartZone 100 Controller
EMC Ruckus SmartZone 300 Controller
EMC Ruckus Virtual Software
EMC SRM vApp
EMC Streaming Data Platform — Affected
EMC Unity — Affected; Workaround expected 12/31
EMC VxRail Appliance — 4.5.x versions affected.
EMC XC
Networker — Affected; Workaround expected 12/15
Networker VE — Affected

Other

Apex Console
Apex Data Storage Services
Cloud IQ
Connectrix (Cisco MDS DCNM)
Connectrix B-Series SANnav
Data Domain OS — Versions 6.1 and 6.2 to 7.3 to 7.6 affected.
Open Management Enterprise - Modular — Affected; Workaround expected 12/17
OpenManage Enterprise
Secure Connect Gateway (SCG) 5.0 Appliance — Affected
Secure Connect Gateway (SCG) Policy Manager
SmartFabric Director
SMR — Versions prior to 4.5.0.1 affected.
SRM — Versions prior to 4.5.0.1 affected.
SRS Policy Manager
Storage Center - Dell Storage Manager
SupportAssist Enterprise — Affected
Unisphere Central — Affected
Vblock — Affected
VNXe 1600, 3200 — Affected
vRealize Data Protection Extension Data Management
vRealize Orchestrator (vRO) Plug-ins for Dell EMC Storage
VxBlock — Affected
VxFlex — Affected; Workaround expected 12/15
Wyse Management Suite — Version 3.5 and earlier affected.
Wyse Windows Embedded — Affected

Dell #

Other

Enterprise Hybrid Cloud — Affected

Eaton #

Undisclosed — Versions affected: undisclosed

Elastic #

Elastic has confirmed the vulnerability, but believes their mitigations make it difficult to exploit.

EVL Labs #

JGAAP — Versions affected: < 8.0.2

Ewon #

eCatcher — Versions affected: < 6.7.8

ExtraHop #

Reveal(x) — Versions affected: <=8.4.6, <=8.5.3, <=8.6.4

F-Secure #

F-Secure Elements Connector
F-Secure Endpoint Proxy
F-Secure Messaging Security Gateway
F-Secure Policy Manager — Note: Only the Policy Manager Server component is affected. Standalone installations of Policy Manager Console are not affected.
F-Secure Policy Manager for Linux
F-Secure Policy Manager Proxy
F-Secure Policy Manager Proxy for Linux

F5 #

Traffix SDC — Versions 5.2.0 CF1 and 5.1.0 CF-30 - 5.1.0 CF-33 affected, other F5 products themselves are not vulnerable. F5 published guidance on mitigating through BIG-IP ASM/Advanced WAF and NGINX App Protect

Filecloud #

Filecloud — FileCloud uses Apache Solr which in turn uses the log4j library.

ForgeRock #

Autonomous Identity

Fortinet #

FortiAIOps
FortiCASB — Fixed on 2021-12-10
FortiConverter Portal — Fixed on 2021-12-10
FortiCWP — Fixed on 2021-12-10
FortiEDR Cloud — Not exploitable. Additional precautionary mitigations put in place on 2021-12-10
FortiInsight — Not exploitable. Additional precautionary mitigations being investigated.
FortiIsolator — Fix scheduled for version 2.3.4
FortiMonitor — Mitigations for NCM & Elastiflow available
FortiPortal
FortiSIEM — Mitigation available
ShieldX

Github #

GitHub Enterprise Server — CVE-2021-44228 is only exposed to authenticated users. If an instance has been configured to not use private mode, this vulnerability may also be exposed to unauthenticated users.
GitHub.com and GitHub Enterprise Cloud — Still investigating.

Google Cloud #

See Google Cloud Log4j security advisory.

Actifio
Dataproc, Dataproc Metastore
Google Cloud Data Fusion — Customer action needed.
Google Cloud VMware Engine
Looker — Customer action needed.
Migrate for Compute Engine (M4CE)

Gradle #

Gradle Enterprise — Versions affected: < 2021.3.6
Gradle Enterprise Build Cache Node — Versions affected: < 10.1
Gradle Enterprise Test Distribution Agent — Versions affected: < 1.6.2

GuardedBox #

GuardedBox — Versions affected: < 3.1.2

HCL #

See the KB entries matching CVE-2021-44228 for additional details.

HPE #

3PAR Service Processor — Version 5.x affected.
Aruba NetInsight Network Analytics — All versions affected.
Authentication Server Function (AUSF) — AUSF: 1.2107.0, 1.2109.0, 1.2112.0 affected.
Cray EX System Monitoring Application — All versions affected.
Cray View for ClusterStor — Versions 1.3.1 affected.
Data Access Gateway (DAG) — v2.x and older affected.
Data Management Framework 7 — Version 7 affected.
Device Entitlement Gateway — Version 5 affected.
Dragon — Versions 7.2 & 7.3 affected.
Dynamic SIM Provisioning (DSP) — DSP3.3, DSP3.1, DSP3.4 affected.
Edge Infrastructure Automation — Versions 2.0x affected.
Enhanced Internet Usage Manage — Version 10.6.3 affected.
Ezmeral Container Platform — Version 5.x affected.
Ezmeral Container Platform Bluedata EPIC — Version 3.x and 4.x affected.
Ezmeral Data Fabric Ezmeral Data Fabric Core / Client — v6.2.0; MCS - v6.0.1, v6.1.0, v6.1.1 & v6.2.0; Installer – v1.17.0.0 and older affected.
Ezmeral Ecosystem Pack (EEP) Elastic Search — v6.8.8 and older versions affected.
HBase — v1.4.13 and older affected.
Hive — v2.3.x and older affected.
Hyper Converged 250 System — All versions affected.
Hyper Converged 380 — All versions affected.
Infosight for Storage — All versions affected.
Integrated Home Subscriber Server Software Series — I-HSS 4.0.x only when using nHSS 4G/5G IWK function.
Intelligent Assurance — Only Analytics on Metrics affected.
Intelligent Management Center (iMC) — HPE IMC Standard and Enterprise 7.3 (E0706) and 7.3 (E0706P06) affected.
Kafka HDFS Connector — v10.0.0 and older affected.
Media Workflow Master — All versions affected.
Network Function Virtualization Director (NFV Director) — Versions 5.1.x & 6.0.x affected.
Real Time Management System (RTMS) — RTMS 3.0.x, RTMS 3.1.x affected.
Remote SIM Provisioning Manager (RSPM) — RSPM1.3.2 & RSPM1.4.1 affected.
Revenue Intelligence Software Series — All versions affected.
SANnav Management Software — Version 2.0.0/2.1.1 affected
Service Director (SD) — All versions affected.
Shasta Monitoring Framework — All versions affected.
Silver Peak Orchestrator — All customer managed Orchestrator and legacy GMS products are affected by this vulnerability
SimpliVity 325 — All versions affected.
SimpliVity 380 Gen 9 & 10 — All versions affected.
SimpliVity OmniCube — All versions affected.
StoreServ Management Console (SSMC) — All versions affected.
Telecom Analytics Smart Profile Server (TASPS) — All versions affected.
Telecom Management Information Platform Software Series — Only TeMIP Rest Server 8.3.2; TMB 3.4.0 affected.
Trueview Inventory Software Series — Versions 8.6x & 8.7x affected.
Unified Data Management (UDM) UDM — Versions 1.2107.0, 1.2109.0, 1.2109.1, 1.2112.0 affected.
Universal IoT (UioT) Platform — All versions affected.
Unstructured Data Storage Function — UDSF: 1.2108.0, 1.2110.0, 1.2112.0 affected.
User Data Repository (UDR) — UDR: 1.2106.0, 1.2110.0, 1.2112.0 affected.
Virtual Headend Manager — All versions affected.
XP Performance Advisor Software — Versions 7.5 through 8.4 affected.

HPE #

SimpliVity 2600 Gen10 — All versions affected.

Huawei #

Agile Controller-Campus — Affected
Agile Controller-DCN — Affected
CloudCampus@AC-Campus — Affected
eSight — Affected
eSight Network — Affected
iMaster NCE-Campus — Affected
NCE-Fabric — Affected
NCE-WAN — Affected
SD-WAN@AC-Campus — Affected
SMS Gateway

IBM #

Analytics

Cognos Analytics — Affected versions: 11.0.6 to 11.0.13 FP4, 11.1.X, 1.2.X
Cognos Controller — Affected versions: 10.4.2
Netezza Analytics — Affected versions: <= 3.3.9
Netezza Analytics for NPS — Affected versions: <= 11.2.21
Operations Analytics - Log Analysis — Affected versions: 1.3.5.3, 1.3.6, 1.3.6.1, 1.3.7, 1.3.7.1
Operations Analytics Predictive Insights — Affected versions: 1.3.6
Planning Analytics Workspace — Affected versions: 2.0.57+
QRadar User Behavior Analytics — All versions affected.
SPSS Analytic Server — Affected versions: 3.2.2.0, 3.3.0.0
SPSS Statistics — Affected versions: 25.0, 26.0, 27.0.1, 28.0.1

Data Management

Db2 / Db2 Warehouse — Version 11.5, if DVM JDBC wrapper driver, NoSQL wrapper driver or blockchain wrapper driver enabled
Db2 on Openshift / Db2 on Cloud Pak for Data — Upgrade to 11.5.7.0+ (Openshift), upgrade to 4.0.4+ (Cloud Pak for Data)
Decision Optimization for Cloud Pak for Data — Affected versions: 4.0.X
InfoSphere Data Replication — Affected versions: 11.4, 11.4.0
InfoSphere Global Name Management — Affected versions: 6.0
InfoSphere Information Server — Affected versions: 11.7 (also 11.5 and 11.3, which are EOL)
Watson Assistant for Cloud Pak for Data — Affected versions: 1.5.0, 4.0.0, 4.0.2

Spectrum

Spectrum Conductor — Affected versions: 2.4.1, 2.5.0, 2.5.1
Spectrum Control — Affected versions: 5.4.0 - 5.4.5
Spectrum Protect Backup Archive Client — Affected versions: 7.1.8.10-7.1.8.12 (VMware only), 8.1.11.0-8.1.13.0
Spectrum Protect Client Web User Interface / Spectrum Protect for Virtual Environments — Affected versions: 7.1.8.10-7.1.8.12 (VMware only), 8.1.11.0-8.1.13.0 (the Data Movers in 8.1.11 and above are affected)
Spectrum Protect Copy Data Management — Affected versions: 2.2.14.0
Spectrum Protect for Space Management — Affected versions: 7.1.8.10-7.1.8.11, 8.1.11.0-8.1.13.0
Spectrum Protect Operations Center — Affected versions: 7.1.0.000-7.1.14.000, 8.1.0.000-8.1.13.000
Spectrum Protect Plus — Affected versions: 10.1.0.0 - 10.1.9.0
Spectrum Protect Plus Container Backup and Restore for Kubernetes and OpenShift — Affected versions: 10.1.9.0
Spectrum Protect Snapshot for VMware — Affected versions: 4.1.6.10 - 4.1.6.12
Spectrum Protect Snapshot on Windows — Affected versions: 4.1.6.10 - 4.1.6.X, 8.1.11.0 - 8.1.13.0
Spectrum Scale — Affected versions: 5.3.6.0 - 5.3.7.3, 6.0.1.0 - 6.1.2.0
Spectrum Symphony — Affected versions: 7.2.0.2, 7.2.1, 7.2.1.1, 7.3, 7.3.1, 7.3.2

Sterling

Sterling B2B Integrator — Affected versions: 6.0.0.0 - 6.1.1.0
Sterling Configure, Price, Quote — Affected versions: 10.X
Sterling Connect:Direct File Agent — Affected versions: 1.4
Sterling Connect:Direct for Unix — Affected versions: 4.3.0, 6.0.0, 6.1.0, 6.2.0
Sterling Connect:Direct Web Services — Affected versions: 1.0 (Sterling Connect Direct Web Services), 6.0 (IBM Connect:Direct Web Services)
Sterling File Gateway — Affected versions: 6.0.0.0 - 6.1.1.0
Sterling Global Mailbox — Affected versions: 6.0.3-6.1.1.0
Sterling Partner Engagement Manager — Affected versions: 6.1 to 6.1.2.3, 6.2 to 6.2.0.1

WebSphere

WebSphere Application Server — Affected versions: 7.0, 8.0, 8.5, 9.0
WebSphere Application Server Liberty z/OS — Affected versions: continuous delivery
WebSphere Automation for IBM Cloud Pak for Watson AIOps — All versions affected.
WebSphere Hybrid Edition — Affected versions: 8.5, 9.0
WebSphere Remote Server — Affected versions: 8.5, 9.0

Other

Analyst’s Notebook Premium — Affected versions: 9.2.2, 9.3.0, 9.3.1
App Connect Enterprise — Affected versions: 11.0.0.7 to 11.0.0.15, 12.0.1.0 to 12.0.3.0
App Connect for Manufacturing — Affected versions: 2.0.0.5 to 2.0.0.7
App Connect operands — Affected versions: App Connect Enterprise Certified Container (with Operator) versions 1.1-eus, 1.4, 1.5, 2.0, 2.1, 3.0
App Connect Professional — Affected versions: 7.5.3.0, 7.5.4.0, 7.5.5.0
Application Navigator — Affected versions: 2.5.0
Business Automation Workflow — Installs WebSphere with Log4j, affected versions: 18.0.0.0.2, 19.0, 20.0, 21.0
Cloud Application Business Insights — Affected versions: 1.1.5, 1.1.6, 1.1.7
Cloud Object Storage File Access — Affected versions: 7.0.0
Cloud Object Storage Systems ClevOS — Affected versions: 3.16.0.0 - 3.16.0.47 (LTS), 3.16.1.0 - 3.16.1.39 (Active Release)
Cloud Pak for Automation — Affected versions: 19.X, 20.X, 21.0.1, some versions of 21.0.2, some versions of 21.0.3
Cloud Pak for Data — Affected versions: 2.0.0.0 - 2.0.1.1
Cloud Pak for Integration — Affected versions: 2021.2.1, 2021.4.1
Cloud Pak for Security — Affected versions: 1.7.2.0, 1.8.0.0, 1.8.1.0, 1.9.0.0
Cloud Private — Affected versions: 3.1.1, 3.1.2, 3.2.0, 3.2.1 CD, 3.2.2 CD
Cloud Transformation Advisor — Affected versions: 2.5.0
Collaboration and Deployment Services — Affected versions: 8.3
Common Licensing License Key Server (LKS) Administration and Reporting Tool (ART) — Affected versions: 9.0
Content Collector for Email — Affected versions: 4.0.X
Content Collector for File Systems — Affected versions: 4.0.X
Content Collector for IBM Connections — Affected versions: 4.0.X
Content Collector for Sharepoint — Affected versions: 4.0.X
Content Navigator — Affected versions: 3.0 Continuous Delivery
Cúram Social Program Management — Affected versions: 8.0.0.0 - 8.0.1.0
Data Risk Manager — Affected versions: 2.0.6
Disconnected Log Collector — Affected versions: 1.0 - 1.7
DS8000 Hardware Management Console — Affected versions: 88.5x.x.x (R8.5), 89.1x.0.0 (R9.1), 89.2x.0.0(R9.2)
Elastic Storage System — Affected versions: 6.0.1.0 - V6.0.2.3, 6.1.0.0 - V6.1.2.0
Engineering Lifecycle Management products
Engineering Requirements Management DOORS — Affected versions: 9.6.1.7 - 9.7.2.2
Engineering Systems Design Rhapsody — Affected versions: 8.4, 9.0, 9.0.1
Event Streams — Affected versions: 10.0.0, 10.1.0, 10.2.0, 10.3.0, 10.3.1, 10.4.0, 2019.4.1, 2019.4.2, 2019.4.3, 2019.4.4
Financial Transaction Manager for Corporate Payment Services — Affected versions: 3.2.4.0 ifix 2, 3.2.4.0 ifix 6, 3.2.4.0 ifix 9
Financial Transaction Manager for Digital Payments — Affected versions: 3.2.3.0 ifix 2, 3.2.4.0 ifix 6, 3.2.5.0 ifix 3, 3.2.6.1 ifix 4, 3.2.7.0 ifix 1
i2 Analyze — Affected versions: 4.3.1.0, 4.3.1.1, 4.3.2.0, 4.3.3.0, 4.3.4.0, 4.3.5.0
i2 Connect — Affected versions: 1.0.1.0, 1.0.1.1, 1.0.2, 1.0.3, 1.1.0, 1.1.1
Jazz for Service Management — Affected versions: 1.1.3
Kenexa LCMS Premier On Premise — Affected versions: <= 14.0
Kenexa LMS On Premise — Affected versions: <= 6.1
License Metric Tool — Affected versions: 9.2.21.0 - 9.2.25.0
MaaS360 Enterprise Gateway — Affected versions: <= 2.105.200
MQ Blockchain Bridge — Affected versions: 9.1 CD, 9.2 CD, 9.2 LTS
Novalink — Affected versions: 1.0.0.16, 2.0, 2.0.1, 2.0.2, 2.0.2.1
OpenPages with Watson — Affected versions: 8.2.0.4
Performance Management — Affected versions: 8.1.4
Power Hardware Management Console — Affected versions: 9.2.950.0+, 10.1.1010.0+
Security Access Manager / Security Verify Access — Affected versions: 9.0.7.1 (SAM), 10.0.0.0 (SVA)
Security Guardium — Affected versions: 10.5, 10.6, 11.0, 11.1, 11.2, 11.3, 11.4
Spectrum Archive Enterprise Edition — Affected versions: 1.3.0.0 - 1.3.2.1
Tivoli Monitoring — Affected versions: 6.3.0 fix pack 7 service pack 5+
Tivoli Netcool Impact — Affected versions: 7.1.0.18 - 7.1.0.24
Transformation Extender — Affected versions: 10.0.3.0, 10.1.0.0, 10.1.0.1, 10.1.1.0
Watson Explorer - Analytical Components — Affected versions: 11.0.0.0 - 11.0.0.3, 11.0.1, 11.0.2.0 - 11.0.2.11
Watson Explorer - Foundational Components — Affected versions: 11.0.0.0 - 11.0.0.3, 11.0.1, 11.0.2.0 - 11.0.2.11
Watson Explorer DAE - Analytical Components — Affected versions: 12.0.0.0, 12.0.1, 12.0.2.0 - 12.0.2.2, 12.0.3.0 - 12.0.3.7
Watson Explorer DAE - Foundational Components — Affected versions: 12.0.0.0, 12.0.1, 12.0.2.0 - 12.0.2.2, 12.0.3.0 - 12.0.3.7
Watson Explorer DAE - oneWEX — Affected versions: 12.0.0.0, 12.0.1, 12.0.2.0 - 12.0.2.2, 12.0.3.0 - 12.0.3.7
Watson Knowledge Catalog InstaScan — Affected versions: <= 1.1.6

Informatica #

Informatica state that their cloud remediation is complete, and have an advisory listing vulnerable on-premises products.

ActiveVOS — Affected versions: 9.2.4.3, 9.2.4.4, 9.2.4.5, 9.2.4.6
Axon Data Governance — Affected versions: 6.0, 6.1, 6.2, 6.3, 7.0, 7.1, 7.2, 7.2.1, 7.2.2
Customer 360 — Affected versions: > 10.2, <= 10.4 Hotfix 3
Customer 360 Insights — All versions affected.
Data Engineering Integration — Affected versions: 10.2, 10.2 HF2, 10.4.1, 10.4.1.3, 10.5.1
Data Engineering Quality — Affected versions: 10.4.1, 10.4.1.3, 10.5.1
Data Engineering Streaming — Affected versions: 10.4.1, 10.4.1.3, 10.5.1
Data Privacy Management — Affected versions: 10.5, 10.5.1
Data Replication — Affected versions: 9.8.0
Enterprise Data Catalog — Affected versions: 10.5 - 10.5.1.0.3, still investigating 10.4.X
Enterprise Data Preparation — Affected versions: 10.5, 10.5.1
Fast Clone — Affected versions: 11.0
Informatica Data Quality — Affected versions: 10.2.2 - 10.5.1
Metadata Manager — Affected versions: 10.4.1, 10.5, 10.5.1
Multidomain MDM — Affected versions: > 10.2 and <= 10.4 HotFix 3
PowerCenter — Affected versions: 10.5, 10.5.1
PowerExchange CDC Publisher — Affected versions: 1.2.0, 1.3.0
PowerExchange for CDC and Mainframe — Affected versions: 10.4, 10.4.1, 10.5, 10.5.1
Product 360 — Affected versions: 8.1.1 HotFix 6, 10.0 HotFix 1 - 4, 10.1, 10.1 HotFix 1 - 3
Supplier 360 — Affected versions: 10.2, 10.4, 10.4 HF1, 10.2 HF5, 10.4 HF2, 10.4 HF3
Ultra Messaging — Affected versions: 6.14

Intel #

Audio Development Kit — Affected
Datacenter Manager — Affected
oneAPI sample browser plugin for Eclipse — Affected
Secure Device Onboard — Affected
System Debugger — Affected

Intland #

codebeamer — Versions affected: <= 20.11-SP11, <= 21.09-SP3

Ivanti #

Avalache — Versions affected: 6.3.0, 6.3.1, 6.3.2, 6.3.3

Juniper #

Cloud Services

Security Director, but not Security Director Insights — Vulnerable/affected: 21 version 21.1 and later versions; 22 version 22.2 and later versions.

Paragon Automation

Juniper Networks Paragon Insights — Vulnerable/affected: 21 version 21.1 and later versions; 22 version 22.2 and later versions.
Juniper Networks Paragon Pathfinder — Vulnerable/affected: 21 version 21.1 and later versions; 22 version 22.2 and later versions.
Juniper Networks Paragon Planner — Vulnerable/affected: 21 version 21.1 and later versions; 22 version 22.2 and later versions.

Security

Secure Analytics — May be affected.

Other

JSA Series — May be affected.
Junos Space Management Applications — May be affected.
Junos Space Network Management Platform — May be affected.
Network Director — May be affected.

Kronos #

Kronos Private Cloud — Affected, Kronos Private Cloud solutions are currently unavailable.

Lenovo #

Networking Switches

B300 FC SAN Switch — Brocade BNA and SANnav affected.
B6505 FC SAN Switch — Brocade BNA and SANnav affected.
B6510 FC SAN Switch — Brocade BNA and SANnav affected.
ThinkSystem DB400D FC Switch — Brocade BNA and SANnav affected.
ThinkSystem DB610S FC Switch — Brocade BNA and SANnav affected.
ThinkSystem DB620S FC Switch — Brocade BNA and SANnav affected.
ThinkSystem DB630S FC Switch — Brocade BNA and SANnav affected.
ThinkSystem DB720S FC Switch — Brocade BNA and SANnav affected.
ThinkSystem DB800D FC Switch — Brocade BNA and SANnav affected.

Software

DSS-G — Affected
XClarity Administrator — Affected
XClarity Administrator Virtual Appliance Full Image (For KVM) — Affected
XClarity Administrator Virtual Appliance Full Image (For VMWare) — Affected
XClarity Administrator Virtual Appliance Full Image (For Windows) — Affected

Software

XClarity Energy Manager — Affected
XClarity Integrator (LXCI) for VMware vCenter — Affected

Storage

ONTAP Tools for VMware vSphere (OTV) for DM Series — DM120S, DM240N, DM240S, DM3000H, DM5000F, DM5000H, DM5100F, DM600S, DM7000F, DM7000H, DM7100F, DM7100H ThinkSystem affected.
SnapCenter Plug-in for VMware DM Series — DM120S, DM240N, DM240S, DM3000H, DM5000F, DM5000H, DM5100F, DM600S, DM7000F, DM7000H, DM7100F, DM7100H ThinkSystem affected.
ThinkSystem Intelligent Monitoring Unified Manager for Linux for DM Series — DM120S, DM240N, DM240S, DM3000H, DM5000F, DM5000H, DM5100F, DM600S, DM7000F, DM7000H, DM7100F, DM7100H ThinkSystem affected.
ThinkSystem Intelligent Monitoring Unified Manager for VMware for DM Series — DM120S, DM240N, DM240S, DM3000H, DM5000F, DM5000H, DM5100F, DM600S, DM7000F, DM7000H, DM7100F, DM7100H ThinkSystem affected.
ThinkSystem Intelligent Monitoring Unified Manager for Windows for DM Series — DM120S, DM240N, DM240S, DM3000H, DM5000F, DM5000H, DM5100F, DM600S, DM7000F, DM7000H, DM7100F, DM7100H ThinkSystem affected.

ThinkAgile

CP-CB-10 (Lenovo) — ThinkAgile CP-Management Web Console affected.
CP-CB-10E (Lenovo) — ThinkAgile CP-Management Web Console affected.
CP-CN-10 (ThinkAgile) — ThinkAgile CP-Management Web Console affected.
CP-CN-10E (ThinkAgile) — ThinkAgile CP-Management Web Console affected.
CP-I-10 (ThinkAgile) — ThinkAgile CP-Management Web Console affected.
CP-SB-D20 (ThinkAgile) — ThinkAgile CP-Management Web Console affected.
CP-SB-D20E (ThinkAgile) — ThinkAgile CP-Management Web Console affected.
CP-SB-S10 (ThinkAgile) — ThinkAgile CP-Management Web Console affected.
CP6000 (ThinkAgile) — ThinkAgile CP-Management Web Console affected.
ThinkAgile HX — VMware Components affected.
ThinkAgile VX — VMware Components affected.

ThinkStation

P920 Rack Workstation (ThinkStation) — Lenovo XClarity Energy Manager (LXEM) affected.

ThinkSystem

Storman command line tool (For Linux) — SR530, SR550, SR570, SR590, SR630, SR630V2, SR645, SR650, SR650V2, SR665, SR850V2, SR860V2, ST550, ST558 ThinkSystems affected.
Storman command line tool (For VMWare) — SR530, SR550, SR570, SR590, SR630, SR630V2, SR645, SR650, SR650V2, SR665, SR850V2, SR860V2, ST550, ST558 ThinkSystems affected.
Storman command line tool (For Windows) — SR530, SR550, SR570, SR590, SR630, SR630V2, SR645, SR650, SR650V2, SR665, SR850V2, SR860V2, ST550, ST558 ThinkSystems affected.

Lightbend #

Lagom Framework — Uses log4j, affected if not updated.

LOGalyze #

SIEM & log analyzer tool — Versions affected: v4.X

McAfee #

Advanced Threat Defense — Affected versions: 4.2.X, 4.4.X, 4.6.X, 4.8.X, 4.12.X
Application and Change Control — Affected versions: 6.1, 6.2.X - 6.5.X, 7.0.X, 8.0.X, 8.2.X, 8.3.X
Cloud Workload Security — Affected versions: 5.2.X, 5.3.X
Content Security Reporter — Affected versions: 1.X - 2.X
Data Exchange Layer — Affected versions: 5.X, 6.X
Data Loss Prevention Endpoint — Affected versions: 11.6.X
Data Loss Prevention Monitor — Affected versions: 11.X
Data Loss Prevention Prevent — Affected versions: 11.X
Database Activity Monitoring — Affected versions: 4.6.X, 4.7.X, 4.8.X, 5.2.X, 5.3.X
Drive Encryption — Affected versions: 7.2, 7.3.X
Endpoint Security Firewall — Affected versions: 10.6.X, 10.7.X
Endpoint Security for Linux Firewall — Affected versions: 10.6.X, 10.7.X
Endpoint Security for Linux Threat Prevention — Affected versions: 10.X
Endpoint Security for Mac Firewall — Affected versions: 10.X
Endpoint Security for Mac Threat Prevention — Affected versions: 10.X
Endpoint Security for Mac Web Control — Affected versions: 10.X
Endpoint Security for Servers — Affected versions: 5.0.X, 5.1.X
Endpoint Security Threat Prevention — Affected versions: 10.6.X, 10.7.X
Endpoint Security Web Control — Affected versions: 10.6.X, 10.7.X
ePolicy Orchestrator — Affected versions: 5.10.X
File and Removable Media Protection — Affected versions: 5.1.X, 5.2.X, 5.3.X, 5.4.X
Management of Native Encryption — Affected versions: 4.X, 5.X
McAfee Active Response — Affected versions: 2.X
McAfee Agent — Affected versions: 10.6.X, 10.7.X
McAfee Client Proxy — Affected versions: 2.3.X, 2.4.X, 2.5.X, 3.X, 4.X
MOVE Antivirus Agentless — Affected versions: 4.7.X, 4.8.X, 4.9.X
MOVE Antivirus Multi-platform — Affected versions: 4.6.X, 4.7.X, 4.8.X, 4.9.X
MVISION Cloud CASB Connect — Affected.
MVISION EDR — All versions affected.
MVISION Endpoint — All versions affected.
Network Security Manager — Affected versions: 9.1.X, 9.2.X
Network Security Sensor Appliance — Affected versions: 9.1.X, 9.2.X, 10.X
Network Security Signature Set — Affected.
Security for Microsoft Exchange — Affected versions: 8.5, 8.6, 8.7, 8.8
SIEM Enterprise Security Manager — Affected versions: 11.1.X, 11.2.X, 11.3.X, 11.4.X, 11.5.X
Threat Intelligence Exchange Server — Affected versions: 2.2.X, 3.X
Threat Prevention and Removal — Affected.
Unified Cloud Edge — Affected.
VirusScan Enterprise — Affected.
Vulnerability Response — Affected.
Web Gateway — Affected versions: 7.8, 8.0.X - 8.2.X, 9.0.X - 9.2.X, 10.0.X - 10.2.X, 11.X

Microfocus #

ALM Octane — All versions affected.
ALM/Quality Center — Affected versions: 15.5.0, 15.5.1 (SP1), 15.5.1 Patch 01, 15.5.1 Patch02, 16.0.0
AMX — Affected versions: 2021.08, 2021.11
Application Performance Management (APM) — Affected versions: 9.40, 9.50, 9.51

CyberRes

ArcSight ArcSight Platform (Containerized) — All versions affected.
ArcSight Connectors — Affected versions: 8.2 and above
ArcSight Enterprise Security Manager (ESM) — Affected versions: 7.2, 7.5
ArcSight Interset — Affected versions: 5.X and above
ArcSight Logger — Affected versions: 7.2 and above
ArcSight Recon — Affected versions: 1.1.1 and 1.2 (non SaaS)
ArcSight Sentinel — Affected versions: 8.2 to 8.5
ArcSight Transformation Hub — All versions affected.
AutoPass License Server (APLS) — Affected versions: 11.7.X, 11.8.X, 11.9.X, 12.0.X, 12.1.0, 12.1.1, 12.1.2
Change Guardian — Affected versions: 5.2, 6.0, 6.1, 6.2
Data Protector - Cell Console (CC) and Reporting Server (RS) components — Affected versions: 10.20, 10.30, 10.40, 10.50, 10.60, 10.70, 10.80, 10.90, 10.91, 11.00
Database and Middleware Automation (DMA) — Affected versions: 10.62.0.0
Dimensions CM — Affected versions: 14.5.X
Fortify Application Defender — Affected versions: 20.1 and newer
Fortify Audit Assistant — Affected versions: 19.2 and newer
Fortify Java Runtime Agent — Affected versions: 20.1 and newer
Fortify ScanCentral (SAST) — Affected versions: 20.1 and newer
Fortify Software Security Center — Affected versions: 20.1 and newer
Fortify Static Code Analyzer (SCA_and_Apps) — Affected versions: 20.1 and newer
GroupWise — Affected versions: 18.0.0, 18.0.1, 18.0.2, 18.1, 18.1.1, 18.2, 18.2.1, 18.3, 18.3.1
GroupWise TeamWorks — Affected versions: 18.1.1, 18.2.0, 18.2.1
Identity Manager — Affected versions: 1.32.0
LoadRunner Enterprise — Affected versions: 2020, 2020SP1, 2020SP2, 2020SP3,2021, 2021R1, 2021R2
MF Connect — All versions affected.
NetIQ Access Manager — Affected versions: 4.5 and newer
NetIQ Advanced Authentication — Affected versions: 6.0 and newer
NetIQ Change Guardian — Affected versions: 5.2 to 6.2
NetIQ Risk Services — Affected versions: 1.0 and newer
NetIQ SecureLogin Advanced Edition — Affected versions: 9.0.0.2
Operations Bridge Manager (OBM) — Affected versions: 2021.11 and older
PVCS Version Manager — Affected versions: 8.6.0, 8.6.1, 8.6.2, 8.6.3
Retain Unified Archiving — Affected versions: 4.9.2, 4.10
Server Automation Reporting with OPTIC DL — Affected versions: 10.60, 2018.08, 2020.11
Service Manager (SM) Chat Server — Affected versions: 9.64, 9.70, 9.71
Service Manager (SM) Mobility — Affected versions: 9.70, 9.71
Service Manager (SM) Server — Affected versions: 9.70, 9.71
Service Manager (SM) Web Tier — Affected versions: 9.70, 9.71
SMAX — Affected versions: 2020.11, 2021.02, 2021.05, 2021.08, 2021.11
Structured Data Manager (SDM) — Affected versions: 7.6.1, 7.6.2, 7.6.3, 7.6.4, 7.6.5 R2, 7.6.5 R3
UFT Developer (LeanFT) — Affected versions: 14.5x up to 2021
Voltage SecureData Sentry — Affected versions: 4.3 and below
Voltage Structured Data Manager — Affected versions: 7.6.1 and newer
ZENworks — Affected versions: 2020 Update 1, 2020 Update 2, Reporting Server 7.8.0
ZMF4ECL — All versions affected.

Microsoft #

Azure DevOps Server — Versions 2020 & earlier affected.
Team Foundation Server — Versions 2018.2+ affected.

Mimecast #

Mimecast — Affected services have been patched.

MobileIron #

Core — Versions affected: All Versions
Core Connector — Versions affected: All Versions
Reporting Database (RDB) — Versions affected: All Versions
Sentry — Versions affected: 9.13, 9.14

Mulesoft #

Anypoint Studio — Versions affected: 7.X
Mule Agent — Versions affected: 6.X
Mule Runtime — Versions affected: 3.X,4.X

NetApp #

Active IQ Unified Manager (Linux, Windows, vSphere) — Affected
Brocade SAN Naviator — Affected
Cloud Insights Acquisition Unit — Affected
Cloud Manager — Affected
Cloud Secure — Affected
OnCommand Insight — Affected
ONTAP Tools for VMware vSphere — Affected
SnapCenter Plug-in for VMware vSphere — Affected

New Relic #

Containerized Private Minion (CPM) — Affected, fixed in v3.0.58
Helm Charts (uses CPM) — Affected, fixed in v1.0.46
New Relic Java Agent — Affected, fixed in v7.4.3

Nutanix #

AOS STS — Affected, patched in v6.0.2.4
File Analytics — Affected versions: 2.1.x, 2.2.x, 3.0+. Mitigation steps available for 2.1.x, 2.2.x, download available in 3.0.1.
Karbon — All versions affected, mitigation steps available.
Mine — All versions affected, mitigation steps available.
Objects — All versions affected, mitigation steps available.
SaaS-based Products — Most affected products have been patched, WAF mitigations in place.
Witness VM — All versions affected, mitigation steps available.

Okta #

On-Prem MFA Agent — Radius Server Agent & On-Prem MFA Agent.
RADIUS Server Agent

OneSpan #

Digipass authentication products

On-premises server products

Oracle #

Enterprise Manager — Affected versions: 13.3.2, 13.4, & 13.5. Note that Oracle has currently restricted access to vulnerable product info, this info is from the CISA.
Exadata — Affected versions: < 21.3.4. Note that Oracle has currently restricted access to vulnerable product info, this info is from the CISA.

OVHcloud #

Hosted Private Cloud — Affected; Several products powered by VMware
Internal systems — Possibly affected; Still investigating

OxygenXML #

Batch Documents Converter — Versions affected: v3.2.0 and older
Git Client — Versions affected: v3.0.0 & older
Oxygen Content Fusion — Versions affected: 2.0, 3.0, 4.1
Oxygen Feedback Enterprise — Versions affected: 1.4.4 & older
Oxygen License Server — Versions affected: v22.1 to v24.0
Oxygen PDF Chemistry — Versions affected: v22.1, 23.0, 23.1, 24.0
Oxygen SDK — Versions affected: v22.1.0.0, v23.0.0.0 to v23.1.0.0, v24.0.0.0
Oxygen Web Author — Versions affected: v22.1.0, v23.0.0 to v23.1.1, v24.0.0
Oxygen Web Author Test Server Add-on — Versions affected: between v22.1.0 and v24.0.0
Oxygen XML Author — Versions affected: between v16.1 and v22.0, v22.1, 23.0, 23.1, 24.0
Oxygen XML Developer — Versions affected: between v16.1 and v22.0, v22.1, 23.0, 23.1, 24.0
Oxygen XML Editor — Versions affected: between v16.1 and v22.0, v22.1, 23.0, 23.1, 24.0
Oxygen XML Publishing Engine — Versions affected: v22.1, v23.0 to v23.1, v24.0
Oxygen XML WebHelp — Versions affected: v22.1, 23.0, 23.1, 24.0
Web Author PDF Plugin — Versions affected: v23.0.0.0, v24.0.0.0
XSD to JSON Schema Converter — Versions affected: v22.0 and v24.0

Palo-Alto Networks #

Palo-Alto Networks-OS for Panorama — Versions affected: 9.0, 9.1, 10.0

Ping Identity #

PingAccess — Versions affected: 4.0 <= version <= 6.3.2
PingFederate — Versions affected: 8.0 <= version <= 10.3.4
PingFederate Java Integration Kit — Versions affected: < 2.7.2
PingFederate OAuth Playground — Versions affected: < 4.3.1

Polycom #

Poly Clariti Core/Edge (DMA/CCE) — Versions affected: 9.0 and above

PortEx #

Portex — Versions affected: <3.0.2

Positive Technologies #

MaxPatrol VM

Progress #

Open Edge & DataDirect Hybrid Data Pipeline

PTV Group #

Software Solutions for Traffic & Mobility

PTV MaaS Modeller — Affected.
PTV Map&Market — Possibly affected.
PTV Route Optimiser CL — Possibly affected.
PTV Route Optimiser ST — Possibly affected.
PTV xServer 1.34 (on prem) — Affected.

PureStorage #

FlashArray — Affected versions: Purity//FA 5.3.x, Purity//FA 6.0.x, Purity//FA 6.1.x, Purity//FA 6.2.x
FlashBlade — Affected versions: Purity//FB 3.0.x, Purity//FB 3.1.x, Purity//FB 3.2.x, Purity//FB 3.3.x
Portworx — Affected versions: 2.8.0+ with telemetry enabled
Pure Cloud Block Store — Affected versions: 6.1.xPAZ, 6.1.xPAWS, 6.2.xPAZ, 6.2.xPAWS
Pure VMA Collector — Affected versions: v3.x

Qlik #

Compose for Data Lakes — Version 6.6 affected.
Compose for Data Warehouses versions 6.6, 6.6.1, 7.0 — Version 6.6+ affected.
Compose versions 2021.2, 2021.5, 2021.8 — Current version resolved
Enterprise Manager versions 6.6, 7.0, 2021.5, 2021.11 — Version 6.6, 7.0 and 2021.5+ affected.
GeoAnalytics and GeoAnalytics Plus — Version May 2021 and higher
Qlik Catalog – May 2021 — May 2021 release and onward affected.
Replicate versions 6.6, 7.0, 2021.5, 2021.11 — Version 6.6, 7.0 and 2021.5+ affected.

QMATIC #

Appointment Booking — Versions affected: 2.4+
Insights — Versions affected: Cloud

Rapid7 #

InsightOps DataHub — Versions affected: InsightOps DataHub <= 2.0
InsightOps r7insight_java logging library — Versions affected: <=3.0.8
Logentries DataHub — Versions affected: Linux version <= 1.2.0.820; Windows version <= 1.2.0.820
Logentries le_java logging library — Versions affected: All versions: this is a deprecated component

Real-Time Innovations (RTI) #

RTI Micro Application Generator (MAG), as part of RTI Connext Micro — Versions affected: 3.0.0, 3.0.1, 3.0.2, 3.0.3
RTI Micro Application Generator (MAG), as part of RTI Connext Professional — Versions affected: 6.0.0 and 6.0.1

Redhat #

Cloud Computing

OpenShift 3.11 — This issue has been assigned CVE-2021-44228 and rated with a severity impact of Critical.
OpenShift 4 — This issue has been assigned CVE-2021-44228 and rated with a severity impact of Critical.
OpenShift Logging — This issue has been assigned CVE-2021-44228 and rated with a severity impact of Critical.
OpenStack Platform 13 — This issue has been assigned CVE-2021-44228 and rated with a severity impact of Critical.

Cloud Computing/Runtimes

OpenShift Application Runtimes Vert.X 4 — This issue has been assigned CVE-2021-44228 and rated with a severity impact of Critical.

Integration & Automation

AMQ Streaming — Upgrade to version 1.8.4.
Fuse 7 — Upgrade to version 7.10.0.
Integration Camel K — Affected.
Integration Camel Quarkus — Affected.
Process Automation 7 — Affected.

Runtimes

Data Grid 8 — Upgrade to version 8.2.2.
JBoss Enterprise Application Platform 7 — Affected, apply security update for v7.4.

Other

CodeReady Studio 12 — Affected.

Redis #

Jedis — Versions affected: 3.7.1, 4.0.0-rc2

Revenera #

Code Aware — Affected, 2020 R2.
FlexNet Embedded — Affected, FlexNet License Server Manager (FLSM).
FlexNet Operations Cloud ALM — Affected, Revenera managed services: Core module, Updates and Insights, Data Access APIs
FlexNet Operations On-Premises — Affected, Core module.
FlexNet Publisher — Affected, 2021 R4 (11.18.3.0), only when using lmadmin alerts example code.
InstallAnywhere — Affected, 2018 (only when using CodeAware).
InstallShield — Affected, 2016 SP2, 2018 (only when using CodeAware).
Usage Intelligence — Affected, Java SDK.

Rockwell Automation #

FactoryTalk Analytics DataFlowML — Versions affected: 4.00.00
FactoryTalk Analytics DataView — Versions affected: 3.03.00
MES EIG — Versions affected: 3.03.00
Warehouse Management — Versions affected: 4.01.00, 4.02.00, 4.02.01, 4.02.02

Ruckus #

Virtual SmartZone (vSZ) — Versions affected: 5.1 to 6.0

SBT #

SBT — Versions affected: < 1.5.6

Schneider Electric #

EASYFIT — Versions affected: Current software and earlier
Ecoreal XL — Versions affected: Current software and earlier
Eurotherm Data Reviewer — Versions affected: V3.0.2 and prior
MSE — Versions affected: Current software and earlier
NetBotz750/755 — Versions affected: Software versions 5.0 through 5.3.0
NEW630 — Versions affected: Current software and earlier
SDK BOM — Versions affected: Current software and earlier
SDK-Docgen — Versions affected: Current software and earlier
SDK-TNC — Versions affected: Current software and earlier
SDK-UMS — Versions affected: Current software and earlier
SDK3D2DRenderer — Versions affected: Current software and earlier
SDK3D360Widget — Versions affected: Current software and earlier
Select and Config DATA — Versions affected: Current software and earlier
SNC-API — Versions affected: Current software and earlier
SNC-CMM — Versions affected: Current software and earlier
SNCSEMTECH — Versions affected: Current software and earlier
SPIMV3 — Versions affected: Current software and earlier
SWBEditor — Versions affected: Current software and earlier
SWBEngine — Versions affected: Current software and earlier

Siemens #

Advantage Navigator Energy & Sustainability — Versions affected: < 2021-12-13
Advantage Navigator Software Proxy — Versions affected: All Versions
Capital — Versions affected: >= 2019.1 SP1912 only if Teamcenter integration feature is used
Cerberus DMS — Versions affected: V5.0, V5.1 with Advanced Reporting EM installed
Comos Desktop App — Versions affected: All Versions
Desigo CC — Versions affected: V3.0, V4.0, V4.1, V4.2 with Advanced Reporting EM installed
E-Car OC Cloud Application — Versions affected: < 2021-12-13
Energy Engage — Versions affected: V3.1
EnergyIP — Versions affected: V8.5, V8.6, V8.7, V9.0
EnergyIP Prepay — Versions affected: V3.7. V3.8
Enlightened Amaze — Versions affected: <2021-12-10
Enlightened Where — Versions affected: <2021-12-11
Geolus Shape Search V10 — Versions affected: All Versions
Geolus Shape Search V11 — Versions affected: All Version
GMA-Manager — Versions affected: All Version >=V8.6.2j-398 and <V8.6.2-472
HES UDIS — Versions affected: All Versions
Industrial Edge Management App (IEM-App) — Versions affected: All Versions
Industrial Edge Management Hub — Versions affected: < 2021-12-13
Industrial Edge Management OS (IEM-OS) — Versions affected: All Versions
Mendix Applications — Versions affected: All Versions
MindSphere App Management Cockpits (Developer & Operator) — Versions affected: < 2021-12-16
MindSphere Asset Manager — Versions affected: < 2021-12-16
MindSphere Cloud Foundry — Versions affected: < 2021-12-14
MindSphere Cloud Platform — Versions affected: < 2021-12-11
MindSphere IAM (User Management/Settings) — Versions affected: All Versions
MindSphere Integrated Data Lake — Versions affected: < 2021-12-16
MindSphere Notification Service — Versions affected: < 2021-12-16
MindSphere Predictive Learning — Versions affected: All Versions
MindSphere Usage Transparency Service — Versions affected: < 2021-12-16
MindSphere Visual Explorer — Versions affected: All Versions
NX — Versions affected: All Versions
Opcenter EX CP Process Automation Control — Versions affected: >= V17.2.3 and < V18.1
Opcenter Intelligence — Versions affected: >= V3.2 only OEM version that ships Tableau
Operation Scheduler — Versions affected: >= V1.1.3
SENTRON powermanager V4 — Versions affected: V4.1, V4.2
SIGUARD DSA — Versions affected: V4.2, 4.3, 4.4
Simcenter 3D — Versions affected: <= V022.1
SiPass integrated V2.80 — Versions affected: All Versions
SiPass integrated V2.85 — Versions affected: All Versions
Siveillance Command — Versions affected: >= 4.16.2.1
Siveillance Control Pro — Versions affected: All Versions
Siveillance Identity V1.5 — Versions affected: All Versions
Siveillance Identity V1.6 — Versions affected: All Versions
Solid Edge CAM Pro — Versions affected: All Versions delivered with Solid Edge SE 2020 or later version
Solid Edge Harness Design — Versions affected: >= 2020 SP2002 only if Teamcenter integration feature is used
Spectrum Power 4 — Versions affected: >= V4.70 SP8
Spectrum Power 7 — Versions affected: >= V2.30 SP2
Teamcenter — Versions affected: >= V13.1
Teamcenter Active Workspace — Versions affected: >= V4.3
Teamcenter Briefcase Browser — Versions affected: >= V13.1
Teamcenter Data Share Manager — Versions affected: >= V13.1
Teamcenter Deployment Center — Versions affected: >= V13.1
Teamcenter Dispatcher Service — Versions affected: >= V13.1
Teamcenter EDA — Versions affected: >= V2.3
Teamcenter FMS — Versions affected: >= V11.3
Teamcenter Integration Framework — Versions affected: >= V13.2
Teamcenter MBSE Gateway — Versions affected: >= V4.0
Teamcenter Mendix Connector — Versions affected: V1.0
Teamcenter Microservices Framework — Versions affected: >= V5.1
Teamcenter Polarion Integration — Versions affected: >= V5.1
Teamcenter Rapid Start — Versions affected: >= V13.1
Teamcenter Reporting and Analytics — Versions affected: All Versions based on Java SOA client >= V11.3
Teamcenter Requirements Integrator — Versions affected: All Versions based on Java SOA client >= V11.3
Teamcenter Retail Footwear and Apparel — Versions affected: >= V4.3
Teamcenter Security Services — Versions affected: >= V11.3
Teamcenter Supplier Collaboration — Versions affected: >= V5.1
Teamcenter System Modeling Workbench — Versions affected: All Versions based on Java SOA client >= V11.3
Teamcenter Technical Publishing — Versions affected: >= V2.10
Xpedition Enterprise — Versions affected: >= VX.2.6
Xpedition IC Packaging — Versions affected: >= VX.2.6

SolarWinds #

Database Performance Analyzer (DPA) — Versions affected: 2021.1.X, 2021.3.X, 2022.1.X
Server & Application Monitor (SAM) — Versions affected: SAM 2020.2.6 and later

Soliton Systems #

MailZen Management Portal - On-Premise — Versions affected: 2.36.2, 2.37.3, 2.38.2

SonicWall #

Email Security — ES 10.0.11 and earlier versions are affected.
NSM — Affected.
WAF — Version 3.x with Cloud Management enabled is affected.

Splunk #

Add-On: Java Management Extensions — Versions 3.0.0 & 2.1.0 affected.
Add-On: JBoss — Versions 3.0.0 & 2.1.0 affected.
Data Stream Processor — DSP 1.0.x, DSP 1.1.x, DSP 1.2.x affected.
IT Service Intelligence (ITSI) — Versions 4.11.x, 4.10.x, 4.9.x, 4.8.x, 4.7.x, & 4.4.x affected.
Stream Processor Service — Current version affected.

Stardog #

Stardog — Versions affected: <7.8.1

Stratodesk #

NoTouch — Versions affected: 4.5.231

SwingSet #

SwingSet — Versions affected: < 4.0.6

TeamViewer #

TeamViewer Engage — Affected, low.
TeamViewer Frontline — Affected, low.
TeamViewer IoT — Affected, low.

Tesorion #

SOC-appliances and software — Versions affected: all (unverified)

Tibco #

BusinessWorks 5 V.5.15 — Under investagation.

TP-Link #

Controllers

Hardware Controllers

OC300

Hardware Controllers

OC200

TrendMicro #

Deep Discovery Director — Versions affected: <= 5.3, upgrade to 5.3 CPB1228 or 5.2 CPB1400

Ubiquiti #

UniFi Network Application — Versions affected: 6.5.53 & lower versions
UniFi Network Controller — Versions affected: 6.5.54 & lower versions

USoft #

USoft — Versions affected: 9.1 (unverified)

VMware #

The current list can be found in the advisory.

WatchGuard #

AuthPoint — Versions affected: Cloud

Wibu Systems #

CodeMeter Cloud Light — Versions affected: <= 2.2
CodeMeter Keyring for TIA Portal — Versions affected: <= 1.30

WitFoo #

WitFoo Precinct — Versions affected: 6.x

Zeiss #

Advanced Data Export — Versions affected: 1.X
Cataract Suite — Versions affected: 1.3.1
EQ Workplace — Versions affected: 1.6 - 1.8
FORUM — Versions affected: 4.2.X
Glaucoma Workplace — Versions affected: 3.5.X
Laser Treatment Workplace — Versions affected: 1.X
Retina Workplace — Versions affected: 2.5.X and 2.6.X

Zendesk #

All Products — Versions affected: All Versions

Other #

3ds — Some instances of log4j in Catia v6 R2020x.
Apereo CAS
Apple XCode
Aruba Networks — Affects Silver Peak Orchestrator in some configurations.
Avantra — Syslink
Avaya — Still investigating.
Azure Data Lake Store — Client.
Backbox — Affected versions 6.50 up to 6.53.x.
Blackberry — May be affected. No list 12/20
BMC Software — Still investigating.
Citrix Endpoint Management / XenMobile Server — Affected. Update to version 10.14 RP2, 10.13 RP5, or 10.12 RP10.
Citrix XenApp / XenDesktop — Linux Virtual Delivery Agent affected, update to version 2112. Not affected: Linux VDA LTSR (all versions) and All other CVAD components.
Code42
Connect2id — Server.
Contrast Security — Versions affected: All
Couchbase — Elasticsearch Connector and Server Enterprise.
Cpanel — via Solr plugin.
Datadog — Agent and seveal components affected.
Dynatrace Synthetic Chromium — Affected versions: update to 1.229.49.20211210-165018, 1.227.31.20211210-164955, 1.225.29.20211210-164930, 1.223.30.20211210-164926
ESRI ArcGIS
Forcepoint — Security Manager & DLP Manager
Ghidra — Versions affected: < 10.1
GoAnywhere — GoAnywhere MFT version 5.7.0 or later, GoAnywhere Gateway version 2.7.0 or later, GoAnywhere MFT Agents 1.4.2 or later
Grails
Graylog — Versions affected: >= 1.2.0 and <= 4.2.2
Guidewire
IBM QRadar — May be vulnerable.
IFS — Still investigating.
iManage — Work Indexer, Records Manager, Security Policy Manager, Threat Manager
Informatica — Still investigating.
InterSystems — Still investigating.
JAMF Pro — Versions affected: 10.31.0 - 10.34.1
JetBrains — License Server.
JGAAP
Jitsi — Video bridge.
Jitterbit — Jitterbit Harmony Private Agent: Partially affected.
Kafka Connect CosmosDB
Kaseya — Still investigating.
LogRhythm
LucentSky — Self-hosted.
Mailcow — Affected versions: < 1.8
McAfee — Still investigating.
Metabase
Minecraft
MongoDB — Atlas Search vulnerable, patched as of December 12, 6pm ET.
N-Able Risk Intelligence
Nelson
Neo4J — Versions affected: 4.2+
Netgear — Believed not affected, but still investigating.
Openfire
OpenHab
OpenMRS
OpenNMS
OpenSearch
PagerDuty Rundeck — Affeced, upgrade to v3.4.9/v3.3.17
PaperCut MF and NG — Versions affected: 21.0 and later
Pegasystems — Self-hosted.
PowerSchool
Progress — Open Edge & DataDirect Hybrid Data Pipeline.
Puppet — Continuous Delivery for Puppet Enterprise.
Radware
Red Hat — is reporting affected packages
Rosette — RNI Web Services.
RSA SecureID Authentication Manager
SAP
SAS — Profile and possibly other products.
SDL — WorldServer.
SecurityOnion — Versions affected: 2.3.90 20211210
Sentry — Through optional plugin.
ServiceNow — MID Servers & self-hosted.
Signald
Software AG — ARIS, Cumulocity, webMethods
Sophos Mobile EAS Proxy — Versions affected: < 9.7.2
Splunk
Spring Boot — if log4j was configured.
Sumo Logic — Collector Java agent affected. The current search link here will surface Sumo Logic servers in your organization, which themselves are not vulnerable, but presnece of the server could indicate existance of collectors in your organization.
SwingSet
SysAid — Remote Discovery Server.
SysAid Remote Discovery Server
Tableau
Talend Component Kit
Varonis
Wowza Streaming Engine
WSO2
ZAP Proxy
Zenoss — Zenoss Resource Manager version > 6.5
Zerto — Not affected.
Zimbra — Not affected.
Zoom — Under investigation for their own infrastructure

Potentially affected products #

Blackberry may be affected.
Citrix is still investigating many products.
Dell is still investigating.
Huawei is still investigating.
Kaseya is still investigating.
Oracle currently requires a support account to see affected products.
TrendMicro is still investigating.

What is Log4j? #

Impact of Log4J vulnerabilities #

How to stay on top of Log4Shell #

How to mitigate Log4J vulnerabilities #

How to find applications that use Log4J with runZero #

Scan with runZero to help with Log4J #

Acknowledgements #

Affected products and services #

ABB #

Adobe #

Akamai #

Amazon #

Apache #

APC #

Apereo #

Appeon #

Aptible #

Arista #

CloudVision

Cognitive Wi-Fi

DANZ Monitoring Fabric

Ascertia #

Atlassian #

Avaya #

BeyondTrust #

BMC Software #

Brainworks #

Broadcom (CA, Symantec) #

CaseWare #

CIS-CAT #

CIS-CAT #

Cisco #

Cisco Cloud Hosted Services

Collaboration and Social Media

Network and Content Security Devices

Network Management and Provisioning

Routing and Switching - Enterprise and Service Provider

Unified Computing

Video, Streaming, TelePresence, and Transcoding Devices

Voice and Unified Communications Devices

Other

Cloudera #

Cloudogu #

Commvault #

Confluent #

Decos #

Dell #

EMC

Other

Dell #

Other

Eaton #

Elastic #

EVL Labs #

Ewon #

ExtraHop #

F-Secure #

F5 #

Filecloud #

ForgeRock #

Fortinet #

Github #

Google Cloud #

Gradle #

GuardedBox #

HCL #

HPE #

HPE #

Huawei #

IBM #

Analytics

Data Management

Spectrum

Sterling

WebSphere

Other

Informatica #

Intel #

Intland #

Ivanti #