Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)
- If you want to add a link, comment or send it to me
- Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak
- Royce Williams list sorted by vendors responses Royce List
- Very detailed list NCSC-NL
- The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
2n : https://www.2n.com/cs_CZ/novinky/produkty-2n-neohrozuje-zranitelnost-cve-2021-44228-komponenty-log4j-2
A10 Networks : https://support.a10networks.com/support/security_advisory/log4j-cve-2021-44228-cve-2021-45046/
ABB : https://search.abb.com/library/Download.aspx?DocumentID=9ADB012621&LanguageCode=en&DocumentPartId=&Action=Launch
Acunetix : https://www.acunetix.com/blog/web-security-zone/critical-alert-log4shell-cve-2021-44228-in-log4j-possibly-the-biggest-impact-vulnerability-ever/
Adeptia : https://support.adeptia.com/hc/en-us/articles/4412815509524-CVE-2021-44228-Log4j2-Vulnerability-Mitigation-
Adobe ColdFusion : https://helpx.adobe.com/coldfusion/kb/log4j-vulnerability-coldfusion.html
ADP : https://www.adp.com/about-adp/data-security/alerts/adp-vulnerability-statement-apache-log4j-vulnerability-cve-2021-44228.aspx
AFAS Software : https://help.afas.nl/vraagantwoord/NL/SE/120439.htm
Agilysys : https://info.agilysys.com/webmail/76642/2001127877/c3fda575e2313fac1f6a203dc6fc1db2439c3db0da22bde1b6c1b6747d7f0e2f
Alertus : https://help.alertus.com/s/article/Security-Advisory-Log4Shell-Vulnerability?language=en_US
Alfresco : https://hub.alfresco.com/t5/alfresco-content-services-blog/cve-2021-44228-related-to-apache-log4j-security-advisory/ba-p/310717
AlgoSec UNOFICIAl : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3994072
AlienVault : https://success.alienvault.com/s/article/are-USM-Anywhere-or-USM-Central-vulnerable-to-CVE-2021-44228
Alphatron Medical : https://www.alphatronmedical.com/home.html
Anaqua : https://www.anaqua.com/
APACHE Global : https://blogs.apache.org/security/entry/cve-2021-44228
Apero CAS : https://apereo.github.io/2021/12/11/log4j-vuln/
Appdynamics : https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability
Appeon : https://community.appeon.com/index.php/qna/q-a/apache-log4j2-remote-code-execution-vulnerability-cve-2021-44228-and-powerbuilder-infomaker#reply-31358
AppviewX : https://www.appviewx.com/blogs/apache-log4j-cve-2021-44228-vulnerability-zero-trust-networks-are-the-future/
APPSHEET : https://community.appsheet.com/t/appsheet-statement-on-log4j-vulnerability-cve-2021-44228/59976
Aqua Security : https://docs.google.com/document/d/e/2PACX-1vSmFR3oHPXOih1wENKd7RXn0dsHzgPUe91jJwDTsaVxJtcJEroktWNLq7BMUx9v7oDZRHqLVgkJnqCm/pub
Arduino : https://support.arduino.cc/hc/en-us/articles/4412377144338-Arduino-s-response-to-Log4j2-vulnerability-CVE-2021-44228
Arista : https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070
ArrayNetworks : https://twitter.com/ArraySupport/status/1470141638571745282
ArcticWolf : https://arcticwolf.com/resources/blog/log4j
Aruba Networks: https://asp.arubanetworks.com/notifications/Tm90aWZpY2F0aW9uOjEwMTQ0;notificationCategory=Security
Attivo networks : https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf
Autodesk : https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html
Avantra SYSLINK : https://support.avantra.com/support/solutions/articles/44002291388-cve-2021-44228-log4j-2-vulnerability
AVM : https://avm.de/service/aktuelle-sicherheitshinweise/#Schwachstelle%20im%20Java-Projekt%20%E2%80%9Elog4j%E2%80%9C
AvTech RoomAlert : https://avtech.com/articles/23124/java-exploit-room-alert-link/
Axway Applications : https://support.axway.com/news/1331/lang/en
AZURE Datalake store java : https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310
B&W Software : https://www.buw-soft.de/en/2021/12/20/investigation-about-log4j-vulnerability-of-bw-products/
Balbix : https://www.balbix.com/blog/broad-exposure-to-log4shell-cve-2021-44228-highlights-how-the-attack-surface-has-exploded/
Baramundi Products : https://forum.baramundi.com/index.php?threads/baramundi-produkte-von-log4shell-schwachstelle-in-log4j-nicht-betroffen.12539/#post-62875
BBraun : https://www.bbraun.com/en/products-and-therapies/services/b-braun-vulnerability-disclosure-policy/security-advisory/b-braun-statement-on-Apache_Log4j.html
BEC Legal Systems : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995524
Bender : https://www.bender.de/en/cert
Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) : https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j
BeyondTrust Bomgar : https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542
BigBlueButton : bigbluebutton/bigbluebutton#13897 (comment)
BisectHosting : https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html
BitDefender : https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability
BitNami By VMware : https://docs.bitnami.com/general/security/security-2021-12-10/
BitWarden : https://community.bitwarden.com/t/log4j-log4shell-cve-is-bitwarden-affected-due-to-docker-image/36177/2
Blancco : https://support.blancco.com/display/NEWS/2021/12/12/CVE-2021-44228+-+Critical+vulnerability+in+Apache+Log4j+library
BMC Software : https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability
BrightSign : https://brightsign.atlassian.net/wiki/spaces/DOC/pages/370679198/Security+Statement+Log4J+Meltdown+and+Spectre+Vulnerabilities#SecurityStatement%3ALog4J%2CMeltdownandSpectreVulnerabilities-JavaApacheLog4j
Broadcom : https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793
Broadcom Automic Automation : https://knowledge.broadcom.com/external/article?articleId=230308
BuildSoft : https://bsoft.zendesk.com/hc/en-us/articles/4411821391631-Security-Advisory-Apache-Log4j-CVE-2021-44228-
C4b XPHONE : https://www.c4b.com/de/news/log4j.php
Calyptix Security : https://twitter.com/calyptix/status/1470498981147029507
Camunda : https://forum.camunda.org/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228/31910
Canon : https://www.canon.com.au/support/support-news/support-news/security-advisory-potential-apache-log4j-vulnerability
CAS genesisWorld : https://helpdesk.cas.de/CASHelpdesk/FAQDetails.aspx?gguid=0x79F9E881EE3C46C1A71BE9EB3E480446
Cato Networks : https://www.catonetworks.com/blog/cato-networks-rapid-response-to-the-apache-log4j-remote-code-execution-vulnerability/
Celiveo : https://support.celiveo.com/support/solutions/articles/79000129570-cve-2021-44228-log4shell-log4j-vulnerability-celiveo-is-not-affected-
Cerberus FTP : https://support.cerberusftp.com/hc/en-us/articles/4412448183571-Cerberus-is-not-affected-by-CVE-2021-44228-log4j-0-day-vulnerability
CGM CompuGroup Medical SE & Co. KGaA Germany - Software Z1 : https://www.cgm.com/deu_de/plattformen/telematikinfrastruktur/service-und-updates/allgemeines-zu-updates/Information-zur-BSI-Warnmeldung.html
ChaserSystems : https://chasersystems.com/discrimiNAT/blog/log4shell-and-its-traces-in-a-network-egress-filter/#are-chasers-products-affected
Checkmarx plugin : jenkinsci/checkmarx-plugin#83
CheckPoint : https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176865
Ciphermail : https://www.ciphermail.com/blog/ciphermail-gateway-and-webmail-messenger-are-not-vulnerable-to-cve-2021-44228.html
Cisco: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd
Claris : https://community.claris.com/en/s/article/Q-A-Claris-products-and-the-Apache-Log4j-vulnerability
Cloudera : https://my.cloudera.com/knowledge/TSB-2021-545-Critical-vulnerability-in-log4j2-CVE-2021-44228?id=332019
CloudFoundry : https://www.cloudfoundry.org/blog/log4j-vulnerability-cve-2021-44228-impact-on-cloud-foundry-products/
Cloudian HyperStore : https://cloudian-support.force.com/s/article/SECURITY-Cloudian-HyperStore-Log4j-vulnerability-CVE-2021-44228
Code42 : https://support.code42.com/Terms_and_conditions/Code42_customer_support_resources/Code42_response_to_industry_security_incidents
CodeBeamer : https://codebeamer.com/cb/wiki/19872365
Cohesity : https://support.cohesity.com/s/article/Security-Advisory-Apache-Log4j-Remote-Code-Execution-RCE-CVE-2021-44228
CommVault : https://documentation.commvault.com/v11/essential/146231_security_vulnerability_and_reporting.html
Confluent : https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability
Connect2id : https://connect2id.com/blog/connect2id-server-12-5-1
ConnectWise : https://www.connectwise.com/company/trust/advisories
ContrastSecurity : https://support.contrastsecurity.com/hc/en-us/articles/4412612486548
COPADATA : https://www.copadata.com/en/support-services/knowledge-base-faq/pare-products-in-the-zenon-product-family-affect-4921/
CouchBase : https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402
Cradlepoint : https://cradlepoint.com/vulnerability-alerts/cve-2021-44228-apache-log4j-security-vulnerabilities/
Crate CrateDB : crate/crate#11968 (comment)
CrushFTP : https://www.crushftp.com/download.html
Cumul.io https://status.cumul.io/#incidents
CURL libcurl : https://twitter.com/bagder/status/1470879113116360706
Cybereason : https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228
CyberRes : https://community.microfocus.com/cyberres/b/sws-22/posts/summary-of-cyberres-impact-from-log4j-or-logshell-logjam-cve-2021-44228
Dassault Systèmes : https://kb.dsxclient.3ds.com/mashup-ui/page/resultqa?id=QA00000102301e
Databricks : https://docs.google.com/document/d/e/2PACX-1vREjwZk17BAHGwj5Phizi4DPFS9EIUbAMX-CswlgbFwqwKXNKZC8MrT-L6wUgfIChsSHtvd_QD3-659/pub
Datev : https://www.datev-community.de/t5/Freie-Themen/Log4-J-Schwachstelle/m-p/258185/highlight/true#M14308
dCache.org : https://www.dcache.org/post/log4j-vulnerability/
DCM4CHE.org : dcm4che/dcm4che#1050
Dell : https://www.dell.com/support/kbdoc/en-us/000194372/dsn-2021-007-dell-response-to-apache-log4j-remote-code-execution-vulnerability
DELL : https://www.dell.com/support/kbdoc/en-us/000194416/additional-information-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228
Diebold Nixdorf : https://www.dieboldnixdorf.com/en-us/apache
Digilent waveforms : https://forum.digilentinc.com/topic/22531-has-waveforms-been-affected-by-the-log4j-vulnerability-cve-2021-44228/
Digital AI : https://support.digital.ai/hc/en-us/articles/4412377686674-Log4J-Vulnerability-to-Zero-Day-Exploit-and-Digital-ai#overview-0-1
Docusign : https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability
DynaTrace : https://community.dynatrace.com/t5/Dynatrace-Open-Q-A/Impact-of-log4j-zero-day-vulnerability/m-p/177259/highlight/true#M19282
EasyRedmine : https://www.easyredmine.com/news/easy-redmine-application-is-not-affected-by-the-vulnerability-cve-2021-44228
EclecticIQ : https://docs.eclecticiq.com/security-advisories/security-issues-and-mitigation-actions/eiq-2021-0016-2
Eclipse Foundation : https://wiki.eclipse.org/Eclipse_and_log4j2_vulnerability_(CVE-2021-44228)
EFI : https://communities.efi.com/s/article/Are-Fiery-Servers-vulnerable-to-CVE-2021-44228-Apache-Log4j2?language=en_US
EHRBase : ehrbase/ehrbase#700
Elastic : https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476
Ellucian (Banner and Colleague Higher Education SIS) : https://www.ellucian.com/news/ellucian-response-apache-log4j-issue
Emerson : https://www.emerson.com/documents/automation/emerson-cyber-security-notification-en-7881618.pdf
ESA SNAP Toolbox : https://forum.step.esa.int/t/snap-not-affected-by-log4j-vulnerability/34167
ESRI : https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/
Estos : https://support.estos.de/de/sicherheitshinweise/estos-von-kritischer-schwachstelle-in-log4j-cve-2021-44228-nicht-betroffen
EVLLABS JGAAP : https://github.com/evllabs/JGAAP/releases/tag/v8.0.2
Evolveum Midpoint : https://evolveum.com/midpoint-not-vulnerable-to-log4shell/
Ewon : https://hmsnetworks.blob.core.windows.net/www/docs/librariesprovider10/downloads-monitored/manuals/release-notes/ecatcher_releasenotes.txt?sfvrsn=4f054ad7_42
Exivity : https://docs.exivity.com/getting-started/releases/announcements#announcement-regarding-cve-2021-44228
eXtreme Hosting : https://extremehosting.nl/log4shell-log4j/
Extreme Networks : https://extremeportal.force.com/ExtrArticleDetail?an=000100806
F5 Networks : https://support.f5.com/csp/article/K19026212
FileCatalyst : https://support.filecatalyst.com/index.php/Knowledgebase/Article/View/advisory-log4j-zero-day-security-vulnerability
FileCloud : https://www.getfilecloud.com/supportdocs/display/cloud/Advisory+2021-12-2+Impact+of+Apache+Log4j2+Vulnerability+on+FileCloud+Customers
FileWave : https://kb.filewave.com/display/KB/Security+Notice:+Apache+log4j+Vulnerability+CVE-2021-44228
FINVI : https://finvi.com/support/
Flexagon : https://flexagon.com/what-is-the-impact-of-log4j-vulnerability-cve-2021-44228-on-flexdeploy/
Flexera : https://community.flexera.com/t5/Community-Notices/Flexera-s-response-to-Apache-Log4j-2-remote-code-execution/ba-p/216934
ForcePoint : https://support.forcepoint.com/s/article/CVE-2021-44228-Java-log4j-vulnerability-mitigation-with-Forcepoint-Security-Manager
Forescout : https://forescout.force.com/support/s/article/Important-security-information-related-to-Apache-Log4j-utility-CVE-2021-44228
Fujitsu : https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf
Gerrit code review : https://www.gerritcodereview.com/2021-12-13-log4j-statement.html
Ghidra : https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning
Gigamon : https://community.gigamon.com/gigamoncp/s/article/Are-Gigamon-products-affected-by-CVE-2021-44228
GitHub Response : https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/
Google Cloud Global Products coverage : https://cloud.google.com/log4j2-security-advisory
Google Cloud Armor WAF : https://cloud.google.com/blog/products/identity-security/cloud-armor-waf-rule-to-help-address-apache-log4j-vulnerability
Grafana : https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/
Grandstream : https://blog.grandstream.com/press-releases/grandstream-products-unaffected-by-log4j-vulnerability?hsLang=en
GratWiFi WARNING I can't confirm it: https://www.facebook.com/GratWiFi/posts/396447615600785
GreenShot : https://greenshot.atlassian.net/browse/BUG-2871
Guidewire : https://community.guidewire.com/s/article/Update-to-customers-who-have-questions-about-the-use-of-log4j-in-Guidewire-products
HarmanPro AMX : https://help.harmanpro.com/apache-log4j-vulnerability
Hashicorp : https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228/33138
HelpSystems Clearswift : https://community.helpsystems.com/kb-nav/kb-article/?id=37becc1c-255c-ec11-8f8f-6045bd006687
Hewlett Packard Enterprise HPE : https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04215en_us
Hewlett Packard Enterprise HPE GLOBAL : https://techhub.hpe.com/eginfolib/securityalerts/Apache%20Software%20Log4j/Apache_Software_Log4j.html
Hexagon : https://supportsi.hexagon.com/help/s/article/Security-Vulnerability-CVE-2021-44228-log4j-2?language=en_US
Hikvision : https://video.xortec.de/media/pdf/87/e8/03/kw50_Update-for-Apache-Log4j2-Issue-Hikvision_official.pdf
Hitachi Vantara : https://knowledge.hitachivantara.com/Support_Information/Hitachi_Vantara_Security_Advisories/CVE-2021-44228_-_Apache_Log4j2
Honeywell : https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability
Hubspot : https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949
Hyte.IO : https://hyte.io/cve-2021-44228/
I-Net software : https://faq.inetsoftware.de/t/statement-about-cve-2021-44228-log4j-vulnerability-concerning-i-net-software-products/269/3
IBA-AG : https://www.iba-ag.com/en/security
IFS : https://community.ifs.com/announcements-278/urgent-bulletin-ifs-advisory-ifs-products-services-and-log4j-cve-2021-44228-16436
Ignite Realtime OpenFire : https://discourse.igniterealtime.org/t/openfire-4-6-5-released/91108
Illumina : https://support.illumina.com/bulletins/2021/121/investigation-of-log4j-vulnerability-with-clarity-lims.html
Illuminated Cloud : https://illuminatedcloud.blogspot.com/2021/12/illuminated-cloud-2-and-log4j-security.html
Illumio : https://support.illumio.com/knowledge-base/articles/Customer-Security-Advisory-on-log4j-RCE-CVE-2021-44228.html
IManage : https://help.imanage.com/hc/en-us/articles/4412696236699-ADVISORY-Security-vulnerability-CVE-2021-44228-in-third-party-component-Apache-Log4j2#h_3164fa6c-4717-4aa1-b2dc-d14d4112595e
Imperva : https://docs.imperva.com/howto/9111b8a5/
Inductive Automation : https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day
IndustrialDefender : https://www.industrialdefender.com/cve-2021-44228-log4j/
infinidat : https://support.infinidat.com/hc/en-us/articles/4413483145489-INFINIDAT-Support-Announcement-2021-010-Log4Shell-CVE-2021-44228
Infoblox : https://support.infoblox.com/articles/Knowledge/Infoblox-NIOS-and-BloxOne-products-not-vulnerable-to-CVE-2021-44228
Informatica : https://network.informatica.com/community/informatica-network/blog/2021/12/10/log4j-vulnerability-update
Inovonics Broadcast : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3996774
Instructure : https://community.canvaslms.com/t5/Community-Users/Instructure-amp-the-Apache-Log4j2-Vulnerability/ba-p/501907
Integrative Genomics Viewer IGV : https://github.com/igvteam/igv/commit/40aa5e0c6b5f2eac0a1528658189fd7de8f20347
InterSystems : https://www.intersystems.com/gt/apache-log4j2/
Intuit Quickbooks : https://quickbooks.intuit.com/learn-support/en-us/quickbooks-time/0-day-log4j-exploit/00/990291
IronCore Labs : https://twitter.com/IronCoreLabs/status/1469359583147659269
Ironnet : https://www.ironnet.com/blog/ironnet-security-notifications-related-to-log4j-vulnerability
ISLONLINE : https://blog.islonline.com/2021/12/13/isl-online-is-not-affected-by-log4shell-vulnerability/
ISPNext : https://github.com/NCSC-NL/log4shell/blob/main/software/vendor-statements/ISPNext.png
Ivanti : https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
IVPN : https://www.reddit.com/r/IVPN/comments/rgw3nd/comment/homt79k/?utm_source=share&utm_medium=web2x&context=3
Jamasoftware : https://community.jamasoftware.com/communities/community-home/digestviewer/viewthread?MessageKey=06d26f9c-2abe-4c10-93d4-c0f6c8a01b22&CommunityKey=c9d20d4c-5bb6-4f19-92eb-e7cee0942d51&tab=digestviewer#bm06d26f9c-2abe-4c10-93d4-c0f6c8a01b22
Jam Software : https://knowledgebase.jam-software.de/7577
Jaspersoft : https://community.jaspersoft.com/wiki/apache-log4j-vulnerability-update-jaspersoft-products
JazzSM DASH IBM : https://www.ibm.com/support/pages/node/6525552
Jedox : https://www.jedox.com/en/trust/
JetBrains Global :https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/
JetBrains Teamcity : https://youtrack.jetbrains.com/issue/TW-74298
JetBrains YouTrack and Hub : https://youtrack.jetbrains.com/issue/JT-67582
JFROG : https://jfrog.com/knowledge-base/general-jfrog-services-are-not-affected-by-vulnerability-cve-2021-44228/
Jitterbit : https://success.jitterbit.com/display/DOC/Mitigating+the+Apache+Log4j2+JNDI+Vulnerability
Jitsi : https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md
Johnson Controls : https://www.johnsoncontrols.com/-/media/jci/cyber-solutions/product-security-advisories/2021/jci-psa-2021-23-v3.pdf?la=en&hash=1FC58B65D948E106055CA63184EFBCAB5C7DD9A1
Journyx : https://community.journyx.com/support/solutions/articles/9000209044-apache-log4j-2-vulnerability-cve-2021-44228-
Jump Desktop : https://support.jumpdesktop.com/hc/en-us/articles/4416720395021-Log4j-CVE-2021-44228-CVE-2021-45046-Statement
Juniper Networks : https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259
Justice Systems : https://www.justicesystems.com/services/support/
Kafka Connect CosmosDB : https://github.com/microsoft/kafka-connect-cosmosdb/blob/0f5d0c9dbf2812400bb480d1ff0672dfa6bb56f0/CHANGELOG.md
Kaseya : https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment
Keeper Security : https://www.keepersecurity.com/blog/2021/12/15/public-notice-regarding-the-apache-foundation-log4j-vulnerability/
KEMP : https://support.kemptechnologies.com/hc/en-us/articles/4416430695437-CVE-2021-44228-Log4j2-Exploit
KEMP 2 : https://support.kemptechnologies.com/hc/en-us/articles/4416473820045-Progress-Kemp-LoadMaster-protects-from-security-vulnerability-Apache-Log4j-2-CVE-2021-44228-
Keycloak : keycloak/keycloak#9078
KiteWorks : https://www.kiteworks.com/kiteworks-news/log4shell-apache-vulnerability-what-kiteworks-customers-need-to-know/
Kofax : https://knowledge.kofax.com/MFD_Productivity/SafeCom/Product_Information/SafeCom_and_Log4j_vulnerability_(CVE-2021-44228)
Komoot Photon : komoot/photon#620
Konica Minolta : https://www.konicaminolta.de/de-de/support/log4j
L3Harris Geospatial : https://www.l3harrisgeospatial.com/Support/Self-Help-Tools/Help-Articles/Help-Articles-Detail/ArtMID/10220/ArticleID/24141/Impact-of-Log4j-Java-Security-Vulnerability-CVE-2021-44228-on-L3Harris-Geospatial-software
LabCollector : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995088
Lancom Systems : https://www.lancom-systems.com/service-support/instant-help/general-security-information/
Lansweeper : https://www.lansweeper.com/vulnerability/critical-log4j-vulnerability-affects-millions-of-applications/
Laserfiche : https://answers.laserfiche.com/questions/194037/Do-any-Laserfiche-products-use-the-Apache-log4j-library#194038
LastPass : https://support.logmeininc.com/lastpass/help/log4j-vulnerability-faq-for-lastpass-universal-proxy
Lepide : https://www.lepide.com/news/lepide-statement-on-cve-2021-44228-the-apache-log4j-vulnerability/
LibreNMS : https://community.librenms.org/t/is-librenms-affected-by-vulnerable-to-cve-2021-25218-cve-2021-44228/17675/6
LiveAction : https://documentation.liveaction.com/LiveNX/LiveNX%2021.5.1%20Release%20Notes/Release%20Notes%20LiveNX%2021.5.1.1.3
Loftware : https://help.loftware.com/lps-kb/content/log4j%20cve-2021-44228.htm?Highlight=CVE-2021-44228
LogiAnalytics : https://devnet.logianalytics.com/hc/en-us/articles/4415781801751-Statement-on-Log4j-Vulnerability-CVE-2021-44228-
LogMeIn : https://community.logmein.com/t5/LogMeIn-Central-Discussions/LOG4J-Vulnerability/m-p/280317/highlight/true#M8327
LogRhythm : https://community.logrhythm.com/t5/Product-Security/LogRhythm-Response-to-the-Apache-Log4J-Vulnerability-Log4Shell/td-p/494068
Looker : https://docs.google.com/document/d/e/2PACX-1vQGN1AYNMHxsRQ9AZNu1bKyTGRUSK_9xkQBge-nu4p8PYvBKIYHhc3914KTfVtDFIXtDhc3k6SZnR2M/pub
Lucee : https://dev.lucee.org/t/lucee-is-not-affected-by-the-log4j-jndi-exploit-cve-2021-44228/9331/4
MailCow : mailcow/mailcow-dockerized#4375
ManageEngine Zoho : https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus
ManageEngine Zoho : https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1
Marin software : https://insights.marinsoftware.com/marin-software/marin-software-statement-on-log4j-vulnerability/
MathWorks Matlab : https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time
Matomo : https://forum.matomo.org/t/matomo-is-not-concerned-by-the-log4j-security-breach-cve-2021-44228-discovered-on-december-2021-the-9th/44089
Mattermost FocalBoard : https://forum.mattermost.org/t/log4j-vulnerability-concern/12676
MediathekView.de : https://mediathekview.de/changelog/13-8-1/
MEINBERG : https://www.meinbergglobal.com/english/news/meinberg-lantime-and-microsync-systems-not-at-risk-from-log4j-security-exploit.htm
Metabase : https://github.com/metabase/metabase/commit/8bfce98beb25e48830ac2bfd57432301c5e3ab37
MicroFocus : https://portal.microfocus.com/s/customportalsearch?language=en_US&searchtext=CVE-2021-44228
Microsoft : https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
Microstrategy : https://community.microstrategy.com/s/article/MicroStrategy-s-response-to-CVE-2021-44228-The-Log4j-0-Day-Vulnerability?language=en_US
Midori Global : https://www.midori-global.com/blog/2021/12/15/cve-2021-44228-log4shell-midori-apps-are-not-affected
Milestone sys : https://supportcommunity.milestonesys.com/s/article/Log4J-vulnerability-faq?language=en_US
Mimecast : https://community.mimecast.com/s/article/Mimecast-Information-for-Customers-on-the-Log4Shell-Vulnerability
Minecraft : https://www.minecraft.net/en-us/article/important-message--security-vulnerability-java-edition
MONARC Project : https://twitter.com/MONARCproject/status/1470349937443491851
MoogSoft : https://servicedesk.moogsoft.com/hc/en-us/articles/4412463233811?input_string=log4j+vulnerability+%7C%7C+cve-2021-44228
Motorola Avigilon : https://support.avigilon.com/s/article/Technical-Notification-Apache-Log4j2-vulnerability-impact-on-Avigilon-products-CVE-2021-44228?language=en_US
NAKIVO : https://forum.nakivo.com/index.php?/topic/7574-log4j-cve-2021-44228/&do=findComment&comment=9145
NELSON : https://github.com/getnelson/nelson/blob/f4d3dd1f1d4f8dfef02487f67aefb9c60ab48bf5/project/custom.scala
NetGate PFSense : https://forum.netgate.com/topic/168417/java-log4j-vulnerability-is-pfsense-affected/35
Netwrix : https://www.netwrix.com/netwrix_statement_on_cve_2021_44228_the_apache_log4j_vulnerability.html
NextGen Healthcare Mirth : nextgenhealthcare/connect#4892 (comment)
Newrelic : https://docs.newrelic.com/docs/security/new-relic-security/security-bulletins/security-bulletin-nr21-03/
Nice Software (AWS) EnginFRAME : https://download.enginframe.com/
NinjaRMM : https://ninjarmm.zendesk.com/hc/en-us/articles/4416226194189-12-10-21-Security-Declaration-NinjaOne-not-affected-by-CVE-2021-44228-log4j-
NI (National Instruments) : https://www.ni.com/en-us/support/documentation/supplemental/21/ni-response-to-apache-log4j-vulnerability-.html
NSFocus : https://nsfocusglobal.com/apachelog4j-remote-code-execution-vulnerability-cve-2021-44228-threat-alert/
Objectif Lune : https://learn.objectiflune.com/blog/security/statement-on-log4j-vulnerability-cve-2021-4428/
Obsidiandynamics KAFDROP : obsidiandynamics/kafdrop#315
OpenCMS : https://documentation.opencms.org/opencms-documentation/server-installation/log4j-security-vulnerability/index.html
Opengear : https://opengear.zendesk.com/hc/en-us/articles/4412713339419-CVE-2021-44228-aka-Log4Shell-Opengear-products-are-not-affected
OpenHab : openhab/openhab-distro#1343
OpenNMS : https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/
OpenMRS TALK : https://talk.openmrs.org/t/urgent-security-advisory-2021-12-11-re-apache-log4j-2/35341
OpenTripPlanner : opentripplanner/OpenTripPlanner#3785
OwnCloud : https://central.owncloud.org/t/owncloud-not-directly-affected-by-log4j-vulnerability/35493
Palo-Alto Networks : https://security.paloaltonetworks.com/CVE-2021-44228
PandoraFMS : https://pandorafms.com/blog/es/cve-2021-44228/
Panopto : https://support.panopto.com/s/article/Panopto-Statement-on-the-Log4j2-Zero-Day-Vulnerability
Pantheon hosting : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3996953
Parallels : https://kb.parallels.com/en/128696
Parse.ly : https://blog.parse.ly/parse-ly-log4shell/
PasswordSafe : https://www.passwordsafe.com/de/blog/log4j-zero-day-luecke/
PasswordState : https://www.reddit.com/r/passwordstate/comments/rf7d62/log4j_zeroday_log4shell_vulnerability/
Perforce : https://www.perforce.com/support/log4j
Pega : https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability
Pentaho :https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho-
Planon Software : https://my.planonsoftware.com/uk/news/log4j-impact-on-planon/
Plesk : https://support.plesk.com/hc/en-us/articles/4412182812818-CVE-2021-44228-vulnerability-in-log4j-package-of-Apache
Polycom : https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn-21-08-poly-systems-apache.pdf
PortSwigger : https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0
Postman : https://support.postman.com/hc/en-us/articles/4415791933335-Is-Postman-impacted-by-the-Log4j-vulnerability-CVE-2021-44228-
PrimeKey : https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228
Progress / IpSwitch : https://www.progress.com/security
ProofPoint : https://proofpointcommunities.force.com/community/s/article/Proofpoint-Statement-Regarding-CVE-2021-44228-Java-logging-package-log4j2
Puppet : https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/
Pure Storage : https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22)
PWM Project : pwm-project/pwm#628
Pyramid Analytics : https://community.pyramidanalytics.com/t/83hjjt4/log4j-security-vulnerability-pyramid
Qlik : https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368
QSC Q-SYS : https://qscprod.force.com/selfhelpportal/s/article/Are-Q-SYS-products-affected-by-the-Log4j-vulnerability-CVE-2021-44228
QT : https://www.qt.io/blog/the-qt-company-products-not-affected-by-cve-2021-44228-log4j-vulnerability
Radfak : https://www.radfak.de/ankuendigungen-news/130-radfak-und-log4j-cve-2021-44228-sicherheitsluecke.html
Rapid7 : https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/
Raritan : https://www.raritan.com/support
Reiner SCT : https://forum.reiner-sct.com/index.php?/topic/5973-timecard-und-log4j-schwachstelle/&do=findComment&comment=14933
Revenera / Flexera : https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905
RocketChat : RocketChat/Rocket.Chat#23927
Rocket Software : https://community.rocketsoftware.com/forums/forum-home/digestviewer/viewthread?MessageKey=4f7520d4-ebdf-46be-ae93-60ec058d6baa&CommunityKey=dd45d00d-59db-4884-b3eb-2b0647af231b&tab=digestviewer&bm=4f7520d4-ebdf-46be-ae93-60ec058d6baa#bm4f7520d4-ebdf-46be-ae93-60ec058d6baa
Rockwell Automation : https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605
Rosetta UNOFICIAL : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3993903
Royal HaskoningDHV Digital : https://www.lanner.com/fr-fr/insights/news/royal-haskoningdhv-digital-and-cve-2021-44228-apache-log4j2.html
Ruckus wireless : https://support.ruckuswireless.com/security_bulletins/313
RunDeck by PagerDuty : https://docs.rundeck.com/docs/history/CVEs/
RSA SecurID: https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501
RSA Netwitness : https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540
SAFE FME Server : https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j
SAGE : https://www.sagecity.com/sage-global-solutions/sage-crm/f/sage-crm-announcements-news-and-alerts/178655/advisory-apache-log4j-vulnerability-cve-2021-44228
SailPoint : https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681
SAP Advanced Platform : https://launchpad.support.sap.com/#/notes/3130698
SAP BusinessObjects : https://launchpad.support.sap.com/#/notes/3129956
SAP Global coverage : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3994039
SAS : https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html
Savignano software solutions : https://savignano.atlassian.net/wiki/spaces/SNOTIFY/blog/2021/12/13/2839740417/No+Log4j+Vulnerability+in+S+Notify
ScaleFusion MobileLock Pro : https://help.mobilock.in/article/t9sx43yg44-scalefusion-security-advisory-for-apache-log-4-j-vulnerability-cve-2021-44228
Schneider Electric : https://download.schneider-electric.com/files?p_Doc_Ref=SESB-2021-347-01
SCM Manager : https://scm-manager.org/blog/posts/2021-12-13-log4shell/
ScreenBeam : https://customersupport.screenbeam.com/hc/en-us/articles/4416468085389-December-2021-Security-Alert-Log4j-CVE-2021-44228
SDL worldServer : https://gateway.sdl.com/apex/communityknowledge?articleName=000017707
Seagull Scientific : https://support.seagullscientific.com/hc/en-us/articles/4415794235543-Apache-Log4Shell-Vulnerability
SecurePoint : https://www.securepoint.de/news/details/sicherheitsluecke-log4j-securepoint-loesungen-nicht-betroffen.html
Security Onion : https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html
Seeburger : https://servicedesk.seeburger.de/portal/en-US/Knowledge/Article/?defId=101040&id=25486312&COMMAND=Open
SentinelOne : https://www.sentinelone.com/blog/cve-2021-44228-staying-secure-apache-log4j-vulnerability/
Server Eye : https://www.server-eye.de/blog/sicherheitsluecke-log4j-server-eye-systeme-sind-nicht-betroffen/
SFIRM : https://www.sfirm.de/nc/aktuelle-meldungen/aktuelles/article//update-141221-sfirm-440-von-java-sicherheitsluecke-log4j-nicht-betroffen.html
Shopify : https://community.shopify.com/c/technical-q-a/is-shopify-affected-by-the-log4j-vulnerability/td-p/1417625
Siebel : https://www.siebelhub.com/main/2021/12/log4j-vulnerability-cve-2021-44228-and-siebel-crm.html
Sierra Wireless : https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2021-007/
Skillable : https://skillable.com/log4shell/
SLF4J : http://slf4j.org/log4shell.html
SmartBear : https://smartbear.com/security/cve-2021-44228/
Snowflake : https://community.snowflake.com/s/article/No-Snowflake-exposure-to-Apache-Log4j-vulnerability-CVE-2021-44228
Spigot : https://www.spigotmc.org/threads/spigot-security-releases-%E2%80%94-1-8-8%E2%80%931-18.537204/
Solace : https://solace.community/discussion/1131/solace-issue-notification-sol-61111-cve-2021-44228-cve-2021-45046-apache-log4j-jndi-vulnerability
SpaceLabs Healthcare : https://www.spacelabshealthcare.com/products/security/security-advisories-and-archives/log4shell-vulnerability-assessment-and-potential-product-impact-statement/
Sprecher Automation : https://www.sprecher-automation.com/en/it-security/security-alerts
Splashtop : https://support-splashtopbusiness.splashtop.com/hc/en-us/articles/4412788262811-Is-Splashtop-affected-by-Apache-Log4j-
Splunk : https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html
Sterling Order IBM : https://www.ibm.com/support/pages/node/6525544
StormShield : https://www.stormshield.com/news/log4shell-security-alert-stormshield-product-response/
StrangeBee TheHive & Cortex : https://blog.strangebee.com/apache-log4j-cve-2021-44228/
Stratodesk : http://cdn.stratodesk.com/repository/notouch-center/10/4.5.231/0/ReleaseNotes-Stratodesk-NoTouch_Center-4.5.231.html
Stripe : https://support.stripe.com/questions/update-for-apache-log4j-vulnerability-(cve-2021-44228)
SumoLogic : https://help.sumologic.com/Release-Notes/Collector-Release-Notes#december-11-2021-19-361-12
Superna EYEGLASS : https://manuals.supernaeyeglass.com/project-technical-advisories-all-products/HTML/technical-advisories.html#h2__1912345025
Suprema Inc : https://www.supremainc.com/en/
Sweepwidget : https://sweepwidget.com/view/23032-v9f40ns1/4zow83-23032
Swingset : https://github.com/bpangburn/swingset/blob/017452b2d0d8370871f43a68043dacf53af7f759/swingset/CHANGELOG.txt#L10
Swisslog : https://www.swisslog.com/en-us/about-swisslog/newsroom/news-press-releases-blog-posts/2021/12/apache-cyber-attack
Synopsys : https://community.synopsys.com/s/article/SIG-Security-Advisory-for-Apache-Log4J2-CVE-2021-44228
Syntevo : https://www.syntevo.com/blog/?p=5240
Tableau server (Now a Salesforce company!): https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell
Tanium : https://community.tanium.com/s/article/How-Tanium-Can-Help-with-CVE-2021-44228-Log4Shell#_Toc90296319
Tasktop : https://docs.tasktop.com/home/cve-2021-44228-apache-log4j-vulnerability-in-tasktop-products
TealiumIQ : https://community.tealiumiq.com/t5/Announcements-Blog/Update-on-Log4j-Security-Vulnerability/ba-p/36824
TeamPasswordManager : https://teampasswordmanager.com/blog/log4j-vulnerability/
Tenable : https://www.tenable.com/log4j
TestOut : https://support.testout.com/hc/en-us/articles/4413081889947-Is-TestOut-LabSim-Impacted-by-the-Apache-Log4j-vulnerability-CVE-2021-44228-
Thales : https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=02863d13db544110f0e3220805961914&sysparm_article=KB0025287
Thales (SafeNet) HSM : https://supportportal.thalesgroup.com/csm?id=kb_article_protected&sys_id=12acaed3dbd841105d310573f3961953
The Access Group : https://pages.theaccessgroup.com/Response-Log4J-Dec21.html
ThreatLocker : https://threatlocker.kb.help/log4j-vulnerability/
Threema UNOFICIAL : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3993316
ThycoticCentrify : https://docs.thycotic.com/bulletins/current/2021/cve-2021-44228-exploit.md
TopDesk : https://my.topdesk.com/tas/public/ssp/content/detail/knowledgeitem?unid=74952771dfab4b0794292e63b0409314
Top Gun Technology (TGT) : https://www.topgun-tech.com/technical-bulletin-apache-software-log4j-security-vulnerability-cve-2021-44228/
Topicus KeyHub : https://blog.topicus-keyhub.com/topicus-keyhub-is-not-vulnerable-to-cve-2021-44228/
Tosibox : https://helpdesk.tosibox.com/support/solutions/articles/2100050946-security-advisory-on-vulnerability-in-apache-log4j-library-cve-2021-44228
TrendMicro : https://success.trendmicro.com/solution/000289940
Tricentis Tosca : https://support-hub.tricentis.com/open?number=NEW0001148&id=post
Tripwire : https://www.tripwire.com/log4j
Tufin : https://portal.tufin.com/articles/SecurityAdvisories/Apache-Log4Shell-Vulnerability-12-12-2021
Ubiquiti-UniFi-UI : https://community.ui.com/releases/UniFi-Network-Application-6-5-55/48c64137-4a4a-41f7-b7e4-3bee505ae16e
Umbraco : https://umbraco.com/blog/security-advisory-december-15-2021-umbraco-cms-and-cloud-not-affected-by-cve-2021-44228-log4j-rce-0-day-mitigation/
USSIGNAL MSP : https://ussignal.com/blog/apache-log4j-vulnerability
VArmour : https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility
Varnish Software : https://docs.varnish-software.com/security/CVE-2021-44228-45046/
Veeam : https://www.veeam.com/kb4254
Venafi : https://support.venafi.com/hc/en-us/articles/4416213022733-Log4j-Zero-Day-Vulnerability-notice
Veritas NetBackup : https://www.veritas.com/content/support/en_US/article.100052070
Vertica : https://forum.vertica.com/discussion/242512/vertica-security-bulletin-a-potential-vulnerability-has-been-identified-apache-log4j-library-used
Vespa ENGINE : https://github.com/vespa-engine/blog/blob/f281ce4399ed3e97b4fed32fcc36f9ba4b17b1e2/_posts/2021-12-10-log4j-vulnerability.md
Vigilant Software (CyberComply : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3997784
VisualSVN : https://www.visualsvn.com/company/news/visualsvn-products-are-not-affected-by-CVE-2021-44228
Wasp Barcode technologies : https://support.waspbarcode.com/kb/articles/assetcloud-inventorycloud-are-they-affected-by-the-java-exploit-log4j-no
WatchGuard / Secplicity / https://www.secplicity.org/2021/12/10/critical-rce-vulnerability-in-log4js/
Western Digital : https://www.westerndigital.com/support/product-security/wdc-21016-apache-log4j-2-remote-code-execution-vulnerability-analysis
World Programming WPS analytics : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995649
WSO2 : wso2/security-tools#169
XenForo : https://xenforo.com/community/threads/psa-potential-security-vulnerability-in-elasticsearch-5-via-apache-log4j-log4shell.201145/
Xerox : https://security.business.xerox.com/wp-content/uploads/2021/12/Xerox-Special-Bulletin-Regarding-CVE-2021-44228.pdf
Xray connector plugin : jenkinsci/xray-connector-plugin#53
Yandex-Cloud : https://github.com/yandex-cloud/docs/blob/6ff6c676787756e7dd6101c53b051e4cd04b3e85/ru/overview/security-bulletins/index.md#10122021--cve-2021-44228--%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5-%D0%B2%D1%8B%D0%BF%D0%BE%D0%BB%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5-%D0%BA%D0%BE%D0%B4%D0%B0-log4shell-apache-log4j
Yellowbrick : https://support.yellowbrick.com/hc/en-us/articles/4412586575379-Security-Advisory-Yellowbrick-is-NOT-Affected-by-the-Log4Shell-Vulnerability
YSoft SAFEQ : https://www.ysoft.com/getattachment/Products/Security/Standards-Compliance/text/Information-Security-Policy-Statement/YSOFT-SAFEQ-LOG4J-VULNERABILITY-PRODUCT-UPDATE-WORKAROUND-1.pdf
Zebra : https://www.zebra.com/us/en/support-downloads/lifeguard-security/cve-2021-442280-dubbed-log4shell-or-logjam-vulnerability.html
Zenoss : https://support.zenoss.com/hc/en-us
ZPE systems Inc : https://support.zpesystems.com/portal/en/kb/articles/is-nodegrid-os-and-zpe-cloud-affected-by-cve-2021-44228-apache-log4j
Zoom : https://community.zoom.com/t5/Community-Help-Center/Zoom-security-exposure/m-p/28109/highlight/true#M2059
Zowe : zowe/community#1381
ZSCALER : https://www.zscaler.fr/blogs/security-research/security-advisory-log4j-0-day-remote-code-execution-vulnerability-cve-2021
Zyxel : https://www.zyxel.com/support/Zyxel_security_advisory_for_Apache_Log4j_RCE_vulnerability.shtml
- If you want to add a link, comment or send it to me
- Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak
Quick update (pun intended) from Intuit Quickbooks Online:
"As stewards of our customer’s data, security is a top priority for Intuit. We are aware of and understand the potential impact of the Log4j vulnerability for the industry, and Intuit.
We’ve taken immediate action to address and mitigate the Log4j vulnerability across the Intuit platform. We’ll also be working closely with our engineering supply chain and third party partners to confirm that they are remediating any concerns with their systems."
This does not confirm that they've patched -- sharing the info nonetheless.