Skip to content

Instantly share code, notes, and snippets.

@bigbrobro

bigbrobro/20211210-TLP-WHITE_LOG4J.md

Forked from SwitHak/20211210-TLP-WHITE_LOG4J.md
Created December 15, 2021 11:21
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save bigbrobro/e0c10a814d35b2238b8fd4785864f1a7 to your computer and use it in GitHub Desktop.
Save bigbrobro/e0c10a814d35b2238b8fd4785864f1a7 to your computer and use it in GitHub Desktop.
Download ZIP
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-15 0016 UTC
Raw
20211210-TLP-WHITE_LOG4J.md

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

0-9

3CX : https://www.3cx.com/community/threads/log4j-vulnerability-cve-2021-44228.86436/#post-407911

7-Zip : https://sourceforge.net/p/sevenzip/discussion/45797/thread/b977bbd4d1/

A

Acquia : https://support.acquia.com/hc/en-us/articles/4415823329047-Apache-log4j-CVE-2021-44228

Acronis : https://security-advisory.acronis.com/advisories/SEC-3859

Addigy : https://addigy.com/blog/addigy-and-apaches-log4j2-cve-2021-44228-status/

Adeptia : https://support.adeptia.com/hc/en-us/articles/4412815509524-CVE-2021-44228-Log4j2-Vulnerability-Mitigation-

Adobe ColdFusion : https://helpx.adobe.com/coldfusion/kb/log4j-vulnerability-coldfusion.html

ADP : https://www.adp.com/about-adp/data-security/alerts/adp-vulnerability-statement-apache-log4j-vulnerability-cve-2021-44228.aspx

Agenda : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995221

Akamai : https://www.akamai.com/blog/news/CVE-2021-44228-Zero-Day-Vulnerability

Alcatel : https://dokuwiki.alu4u.com/doku.php?id=log4j

Alertus : https://help.alertus.com/s/article/Security-Advisory-Log4Shell-Vulnerability?language=en_US

AlgoSec UNOFICIAl : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3994072

AlienVault UNOFICIAL : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3994150

Altaro : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995170

Apache Druid : apache/druid#12051

Apache Flink : https://flink.apache.org/2021/12/10/log4j-cve.html

Apache Guacamole https://issues.apache.org/jira/projects/GUACAMOLE/issues/GUACAMOLE-1474?filter=allissues

Apache James : apache/james-project#794

Apache Jena : https://lists.apache.org/thread/nc3gz7yvokc9ktkzs8078jr5t04nfmdy

Apache LOG4J : https://logging.apache.org/log4j/2.x/security.html

Apache Kafka : https://lists.apache.org/thread/lgbtvvmy68p0059yoyn9qxzosdmx4jdv

Apache Projects : https://blogs.apache.org/security/entry/cve-2021-44228

Apache Pulsar : https://pulsar.apache.org/blog/2021/12/11/Log4j-CVE/

Apache Solr : https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228

Apache Struts : https://struts.apache.org/announce-2021#a20211212-2

Apero CAS : https://apereo.github.io/2021/12/11/log4j-vuln/

Apigee : https://status.apigee.com/incidents/3cgzb0q2r10p

Apollo : https://community.apollographql.com/t/log4j-vulnerability/2214

Appdynamics : https://docs.appdynamics.com/display/PAA/Security+Advisory%3A+Apache+Log4j+Vulnerability

AppGate : https://www.appgate.com/blog/appgate-sdp-unaffected-by-log4j-vulnerability

APPSHEET : https://community.appsheet.com/t/appsheet-statement-on-log4j-vulnerability-cve-2021-44228/59976

Aptible : https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4

Aqua Security : https://docs.google.com/document/d/e/2PACX-1vSmFR3oHPXOih1wENKd7RXn0dsHzgPUe91jJwDTsaVxJtcJEroktWNLq7BMUx9v7oDZRHqLVgkJnqCm/pub

Arduino : https://support.arduino.cc/hc/en-us/articles/4412377144338-Arduino-s-response-to-Log4j2-vulnerability-CVE-2021-44228

Ariba : https://connectsupport.ariba.com/sites#announcements-display&/Event/908469

Arista : https://www.arista.com/en/support/advisories-notices/security-advisories/13425-security-advisory-0070

ArrayNetworks : https://twitter.com/ArraySupport/status/1470141638571745282

Aruba Networks: https://asp.arubanetworks.com/notifications/Tm90aWZpY2F0aW9uOjEwMTQ0;notificationCategory=Security

Attivo networks : https://www.attivonetworks.com/wp-content/uploads/2021/12/Log4j_Vulnerability-Advisory-211213-4.pdf

Atlassian : https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html

AudioCodes : https://services.audiocodes.com/app/answers/kbdetail/a_id/2225

Autopsy : https://www.autopsy.com/autopsy-and-log4j-vulnerability/

Auth0 : https://twitter.com/auth0/status/1470086301902721024

Autodesk : https://knowledge.autodesk.com/support/autocad/troubleshooting/caas/sfdcarticles/sfdcarticles/CVE-2021-44228.html

Automox : https://blog.automox.com/log4j-critical-vulnerability-scores-a-10

Avantra SYSLINK : https://support.avantra.com/support/solutions/articles/44002291388-cve-2021-44228-log4j-2-vulnerability

Avaya : https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609

AVEPOINT : https://www.avepoint.com/company/java-zero-day-vulnerability-notification

AVM UNOFICIAl : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3993316

AvTech RoomAlert : https://avtech.com/articles/23124/java-exploit-room-alert-link/

AWS New : https://aws.amazon.com/security/security-bulletins/AWS-2021-006/

AWS OLD: https://aws.amazon.com/security/security-bulletins/AWS-2021-005/

AXS Guard : https://www.axsguard.com/en_US/blog/security-news-4/log4j-vulnerability-77

Axways Applications : https://support.axway.com/news/1331/lang/en

AZURE Datalake store java : https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310

B

BackBox : https://updates.backbox.com/V6.5/Docs/CVE-2021-44228.pdf

BACKBLAZE : https://twitter.com/backblaze/status/1469477224277368838

Barracuda : https://blog.barracuda.com/2021/12/13/barracuda-waf-and-waf-as-a-service-protect-against-the-apache-log4j-critical-vulnerability/

BEC Legal Systems : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995524

BeyondTrust Bomgar : https://beyondtrustcorp.service-now.com/kb_view.do?sysparm_article=KB0016542

BigBlueButton : bigbluebutton/bigbluebutton#13897 (comment)

BisectHosting : https://www.bisecthosting.com/clients/index.php?rp=/knowledgebase/205/Java-Log4j-Vulnerability.html

BitDefender : https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability

BitNami By VMware : https://docs.bitnami.com/general/security/security-2021-12-10/

Blancco : https://support.blancco.com/display/NEWS/2021/12/12/CVE-2021-44228+-+Critical+vulnerability+in+Apache+Log4j+library

Blumira : https://www.blumira.com/cve-2021-44228-log4shell/

BMC Software : https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability

Boomi DELL : https://community.boomi.com/s/article/Log4j-Vulnerability

Broadcom : https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793

Broadcom Automic Automation : https://knowledge.broadcom.com/external/article?articleId=230308

C

C4b XPHONE : https://www.c4b.com/de/news/log4j.php

Calyptix Security : https://twitter.com/calyptix/status/1470498981147029507

Camunda : https://forum.camunda.org/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228/31910

CarbonBlack : https://www.vmware.com/security/advisories/VMSA-2021-0028.html

CAS GenesysWorld : https://helpdesk.cas.de/CASHelpdesk/FAQDetails.aspx?gguid=0x79F9E881EE3C46C1A71BE9EB3E480446

Cerberus FTP : https://support.cerberusftp.com/hc/en-us/articles/4412448183571-Cerberus-is-not-affected-by-CVE-2021-44228-log4j-0-day-vulnerability

ChaserSystems : https://chasersystems.com/discrimiNAT/blog/log4shell-and-its-traces-in-a-network-egress-filter/#are-chasers-products-affected

Checkmarx plugin : jenkinsci/checkmarx-plugin#83

CheckMK : https://forum.checkmk.com/t/checkmk-not-affected-by-log4shell/28643/3

CheckPoint : https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176865

Ciphermail : https://www.ciphermail.com/blog/ciphermail-gateway-and-webmail-messenger-are-not-vulnerable-to-cve-2021-44228.html

Cisco: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd

Citrix : https://support.citrix.com/article/CTX335705

CloudFlare : https://blog.cloudflare.com/cve-2021-44228-log4j-rce-0-day-mitigation/

Cloudian HyperStore : https://cloudian-support.force.com/s/article/SECURITY-Cloudian-HyperStore-Log4j-vulnerability-CVE-2021-44228

CPanel : https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/

Code42 : https://support.code42.com/Terms_and_conditions/Code42_customer_support_resources/Code42_response_to_industry_security_incidents

CodeBeamer : https://codebeamer.com/cb/wiki/19872365

CodeTwo : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995424

Cohesity : https://support.cohesity.com/s/article/Security-Advisory-Apache-Log4j-Remote-Code-Execution-RCE-CVE-2021-44228

CommVault : https://documentation.commvault.com/v11/essential/146231_security_vulnerability_and_reporting.html

ConcreteCMS.com : https://www.concretecms.com/about/blog/security/concrete-log4j-zero-day-exploit

Confluent : https://support.confluent.io/hc/en-us/articles/4412615410580-CVE-2021-44228-log4j2-vulnerability

Connect2id : https://connect2id.com/blog/connect2id-server-12-5-1

ConnectWise : https://www.connectwise.com/company/trust/advisories

ContrastSecurity : https://support.contrastsecurity.com/hc/en-us/articles/4412612486548

ControlUp : https://status.controlup.com/incidents/qqyvh7b1dz8k

Coralogix : https://twitter.com/Coralogix/status/1469713430659559425

CouchBase : https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402

Cradlepoint : https://cradlepoint.com/vulnerability-alerts/cve-2021-44228-apache-log4j-security-vulnerabilities/

CrushFTP : https://www.crushftp.com/download.html

CryptShare : https://www.cryptshare.com/en/support/cryptshare-support/#c67572

Cumul.io https://status.cumul.io/#incidents

CyberArk : https://cyberark-customers.force.com/s/article/Critical-Vulnerability-CVE-2021-44228

Cybereason : https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228

CyberRes : https://community.microfocus.com/cyberres/b/sws-22/posts/summary-of-cyberres-impact-from-log4j-or-logshell-logjam-cve-2021-44228

D

DarkTrace : https://customerportal.darktrace.com/inside-the-soc/get-article/201

Databricks : https://docs.google.com/document/d/e/2PACX-1vREjwZk17BAHGwj5Phizi4DPFS9EIUbAMX-CswlgbFwqwKXNKZC8MrT-L6wUgfIChsSHtvd_QD3-659/pub

DataDog : https://www.datadoghq.com/log4j-vulnerability/

Dataminer : https://community.dataminer.services/responding-to-log4shell-vulnerability/

Datev : https://www.datev-community.de/t5/Freie-Themen/Log4-J-Schwachstelle/m-p/258185/highlight/true#M14308

Datto : https://www.datto.com/blog/dattos-response-to-log4shell

Debian : https://security-tracker.debian.org/tracker/CVE-2021-44228

Dell : https://www.dell.com/support/kbdoc/en-us/000194372/dsn-2021-007-dell-response-to-apache-log4j-remote-code-execution-vulnerability

DELL : https://www.dell.com/support/kbdoc/en-us/000194416/additional-information-for-apache-log4j-remote-code-execution-vulnerability-cve-2021-44228

Device42 : https://blog.device42.com/2021/12/13/log4j-zero-day/

Digicert : https://knowledge.digicert.com/alerts/digicert-log4j-response.html

Docker : https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/

Docusign : https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability

dCache.org : https://www.dcache.org/post/log4j-vulnerability/

DCM4CHE.org : dcm4che/dcm4che#1050

DRAW.IO : https://twitter.com/drawio/status/1470061320066277382

DropWizard : https://twitter.com/dropwizardio/status/1469285337524580359

DSpace :https://groups.google.com/g/dspace-community/c/Fa4VdjiiNyE

DynaTrace : https://community.dynatrace.com/t5/Dynatrace-Open-Q-A/Impact-of-log4j-zero-day-vulnerability/m-p/177259/highlight/true#M19282

E

Eclipse Foundation : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3992521

EHRBase : ehrbase/ehrbase#700

Elastic : https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476

EnterpriseDT : https://enterprisedt.com/blogs/announcements/enterprisedt-does-not-use-log4j/

ESET : https://forum.eset.com/topic/30691-log4j-vulnerability/?do=findComment&comment=143745

ESRI : https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/

EVLLABS JGAAP : https://github.com/evllabs/JGAAP/releases/tag/v8.0.2

Exabeam : https://community.exabeam.com/s/discussions?t=1639379479381

Extreme Networks : https://extremeportal.force.com/ExtrArticleDetail?an=000100806

F

F5 Networks : https://support.f5.com/csp/article/K19026212

F-Secure https://status.f-secure.com/incidents/sk8vmr0h34pd

Fastly : https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j

FAST LTA : https://blog.fast-lta.de/en/log4j2-vulnerability

FedEx : https://www.fedex.com/en-us/service-alerts.html#weatherassess

FileCatalyst : https://support.filecatalyst.com/index.php/Knowledgebase/Article/View/advisory-log4j-zero-day-security-vulnerability

FileCloud : https://www.getfilecloud.com/supportdocs/display/cloud/Advisory+2021-12-2+Impact+of+Apache+Log4j2+Vulnerability+on+FileCloud+Customers

Flexera : https://community.flexera.com/t5/Community-Notices/Flexera-s-response-to-Apache-Log4j-2-remote-code-execution/ba-p/216934

FlyWheel : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995147

ForcePoint : https://support.forcepoint.com/s/article/CVE-2021-44228-Java-log4j-vulnerability-mitigation-with-Forcepoint-Security-Manager

Forescout : https://forescout.force.com/support/s/article/Important-security-information-related-to-Apache-Log4j-utility-CVE-2021-44228

ForgeRock : https://backstage.forgerock.com/knowledge/kb/article/a39102625

Fortinet : https://www.fortiguard.com/psirt/FG-IR-21-245

FTAPI : https://www.ftapi.com/blog/kritische-sicherheitslucke-in-log4j-ftapi-reagiert/#

Fujitsu : https://support.ts.fujitsu.com/ProductSecurity/content/Fujitsu-PSIRT-PSS-IS-2021-121000-Security-Notice-SF.pdf

FusionAuth : https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/

G

Gearset : https://docs.gearset.com/en/articles/5806813-gearset-log4j-statement-dec-2021

Genesys : https://www.genesys.com/blog/post/genesys-update-on-the-apache-log4j-vulnerability

Gerrit code review : https://www.gerritcodereview.com/2021-12-13-log4j-statement.html

GFI : https://techtalk.gfi.com/impact-of-log4j-vulnerability-on-gfi/

Ghidra : https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning

GitHub : https://github.com/advisories/GHSA-jfh8-c2jp-5v3q

GitHub Response : https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/

GitLab : https://forum.gitlab.com/t/cve-2021-4428/62763

GoAnywhere : https://www.goanywhere.com/cve-2021-44228-goanywhere-mitigation-steps

Google Cloud Global Products coverage : https://cloud.google.com/log4j2-security-advisory

Google Cloud Armor WAF : https://cloud.google.com/blog/products/identity-security/cloud-armor-waf-rule-to-help-address-apache-log4j-vulnerability

Grafana : https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/

GratWiFi WARNING I can't confirm it: https://www.facebook.com/GratWiFi/posts/396447615600785

Gravitee.io : https://www.gravitee.io/news/about-the-log4j-cvss-10-critical-vulnerability

GrayLog : https://www.graylog.org/post/graylog-update-for-log4j

GreenShot : https://greenshot.atlassian.net/browse/BUG-2871

GuardedBox : https://twitter.com/GuardedBox/status/1469739834117799939

Guidewire : https://community.guidewire.com/s/article/Update-to-customers-who-have-questions-about-the-use-of-log4j-in-Guidewire-products

H

HackerOne : https://twitter.com/jobertabma/status/1469490881854013444

HAProxy : https://www.haproxy.com/blog/december-2021-log4shell-mitigation/

Hashicorp : https://discuss.hashicorp.com/t/hcsec-2021-32-hashicorp-response-to-apache-log4j-2-security-issue-cve-2021-44228/33138

Hazelcast : https://github.com/hazelcast/hazelcast/commit/ad951d3b2fa1ff3412219c1d2e03a31ddf1b3011

HCL Software BIGFIX: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486

HCL Software Notes, Domino, Verse, and Traveler : https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095516

Hewlett Packard Enterprise HPE : https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04215en_us

Hewlett Packard Enterprise HPE GLOBAL : https://techhub.hpe.com/eginfolib/securityalerts/Apache%20Software%20Log4j/Apache_Software_Log4j.html

Hitachi Vantara : https://knowledge.hitachivantara.com/Support_Information/Hitachi_Vantara_Security_Advisories/CVE-2021-44228_-_Apache_Log4j2

Honeywell : https://www.honeywell.com/us/en/press/2021/12/honeywells-statement-on-java-apache-log4j-logging-framework-vulnerability

HostiFi : https://twitter.com/hostifi_net/status/1469511114824339464

Huawei : https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en

Hubspot : https://community.hubspot.com/t5/APIs-Integrations/Log4J-day-zero-exploit-CVE-2021-44228/td-p/541949

I

I2P : https://geti2p.net/en/blog/post/2021/12/11/i2p-unaffected-cve-2021-44228

IBA-AG : https://www.iba-ag.com/en/security

IBM : https://www.ibm.com/support/pages/node/6525548

IFS : https://community.ifs.com/announcements-278/urgent-bulletin-ifs-advisory-ifs-products-services-and-log4j-cve-2021-44228-16436

IGEL : https://kb.igel.com/securitysafety/en/isn-2021-11-ums-log4j-vulnerability-54086712.html

Ignite Realtime : https://discourse.igniterealtime.org/t/openfire-4-6-5-released/91108

Illuminated Cloud : https://illuminatedcloud.blogspot.com/2021/12/illuminated-cloud-2-and-log4j-security.html

IManage : https://help.imanage.com/hc/en-us/articles/4412696236699-ADVISORY-Security-vulnerability-CVE-2021-44228-in-third-party-component-Apache-Log4j2#h_3164fa6c-4717-4aa1-b2dc-d14d4112595e

Imperva : https://www.imperva.com/blog/how-were-protecting-customers-staying-ahead-of-cve-2021-44228/

Inductive Automation : https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day

InfluxData : https://www.influxdata.com/blog/apache-log4j-vulnerability-cve-2021-44228/

Informatica : https://network.informatica.com/community/informatica-network/blog/2021/12/10/log4j-vulnerability-update

Integrative Genomics Viewer IGV : https://github.com/igvteam/igv/commit/40aa5e0c6b5f2eac0a1528658189fd7de8f20347

Instructure : https://community.canvaslms.com/t5/Community-Users/Instructure-amp-the-Apache-Log4j2-Vulnerability/ba-p/501907

InterSystems : https://www.intersystems.com/gt/apache-log4j2/

iRedMail : https://forum.iredmail.org/topic18605-log4j-cve202144228.html

Ironnet : https://www.ironnet.com/blog/ironnet-security-notifications-related-to-log4j-vulnerability

Ivanti : https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US

J

Jamasoftware : https://community.jamasoftware.com/communities/community-home/digestviewer/viewthread?MessageKey=06d26f9c-2abe-4c10-93d4-c0f6c8a01b22&CommunityKey=c9d20d4c-5bb6-4f19-92eb-e7cee0942d51&tab=digestviewer#bm06d26f9c-2abe-4c10-93d4-c0f6c8a01b22

JAMF : https://docs.jamf.com/technical-articles/Mitigating_the_Apache_Log4j_2_Vulnerability.html

Jaspersoft : https://community.jaspersoft.com/wiki/apache-log4j-vulnerability-update-jaspersoft-products

JazzSM DASH IBM : https://www.ibm.com/support/pages/node/6525552

Jedox : https://www.jedox.com/en/trust/

Jenkins : https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/

JetBrains Global :https://blog.jetbrains.com/blog/2021/12/13/log4j-vulnerability-and-jetbrains-products-and-services/

JetBrains Teamcity : https://youtrack.jetbrains.com/issue/TW-74298

JetBrains YouTrack and Hub : https://youtrack.jetbrains.com/issue/JT-67582

JFROG : https://jfrog.com/knowledge-base/general-jfrog-services-are-not-affected-by-vulnerability-cve-2021-44228/

Jitterbit : https://success.jitterbit.com/display/DOC/Mitigating+the+Apache+Log4j2+JNDI+Vulnerability

Jitsi : https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md

JobRouter : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995497

Juniper Networks : https://kb.juniper.net/InfoCenter/index?page=content&id=JSA11259

K

K15t : https://help.k15t.com/k15t-apps-and-log4shell-193401141.html

Kafka Connect CosmosDB : https://github.com/microsoft/kafka-connect-cosmosdb/blob/0f5d0c9dbf2812400bb480d1ff0672dfa6bb56f0/CHANGELOG.md

Karakun : https://board.karakun.com/viewtopic.php?f=21&t=8351

Kaseya : https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment

Keycloak : keycloak/keycloak#9078

KEMP : https://support.kemptechnologies.com/hc/en-us/articles/4416430695437-CVE-2021-44228-Log4j2-Exploit

KEMP 2 : https://support.kemptechnologies.com/hc/en-us/articles/4416473820045-Progress-Kemp-LoadMaster-protects-from-security-vulnerability-Apache-Log4j-2-CVE-2021-44228-

Kofax : https://knowledge.kofax.com/MFD_Productivity/SafeCom/Product_Information/SafeCom_and_Log4j_vulnerability_(CVE-2021-44228)

Komoot Photon : komoot/photon#620

Kronos UKG : https://community.kronos.com/s/feed/0D54M00004wJKHiSAO?language=en_US

L

LabCollector : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995088

Lansweeper : https://www.lansweeper.com/vulnerability/critical-log4j-vulnerability-affects-millions-of-applications/

Laserfiche : https://answers.laserfiche.com/questions/194037/Do-any-Laserfiche-products-use-the-Apache-log4j-library#194038

LastPass : https://support.logmeininc.com/lastpass/help/log4j-vulnerability-faq-for-lastpass-universal-proxy

LaunchDarkly : https://launchdarkly.com/blog/audit-shows-systems-unaffected-by-log4j/

Leanix : https://www.leanix.net/en/blog/log4j-vulnerability-log4shell

Lenovo : https://support.lenovo.com/ro/en/product_security/len-76573

LucentSKY : https://twitter.com/LucentSky/status/1469358706311974914

LibreNMS : https://community.librenms.org/t/is-librenms-affected-by-vulnerable-to-cve-2021-25218-cve-2021-44228/17675/6

LifeRay : https://liferay.dev/blogs/-/blogs/log4j2-zero-day-vulnerability

Lightbend : https://discuss.lightbend.com/t/regarding-the-log4j2-vulnerability-cve-2021-44228/9275

LiquidFiles : https://mailchi.mp/liquidfiles/liquidfiles-log4j?e=%5BUNIQID%5D

LogicMonitor : https://www.logicmonitor.com/support/log4shell-security-vulnerability-cve-2021-44228

LogRhythm : https://community.logrhythm.com/t5/Product-Security/LogRhythm-Response-to-the-Apache-Log4J-Vulnerability-Log4Shell/td-p/494068

Looker : https://docs.google.com/document/d/e/2PACX-1vQGN1AYNMHxsRQ9AZNu1bKyTGRUSK_9xkQBge-nu4p8PYvBKIYHhc3914KTfVtDFIXtDhc3k6SZnR2M/pub

M

Macchina io : https://twitter.com/macchina_io/status/1469611606569099269

MailCow : mailcow/mailcow-dockerized#4375

ManageEngine Zoho : https://pitstop.manageengine.com/portal/en/community/topic/log4j-ad-manager-plus

ManageEngine Zoho : https://pitstop.manageengine.com/portal/en/community/topic/update-on-the-recent-apache-log4j2-vulnerability-impact-on-manageengine-on-premises-products-1

MathWorks Matlab : https://www.mathworks.com/matlabcentral/answers/1610640-apache-log4j-vulnerability-cve-2021-44228-how-does-it-affect-matlab-run-time

Matomo : https://forum.matomo.org/t/matomo-is-not-concerned-by-the-log4j-security-breach-cve-2021-44228-discovered-on-december-2021-the-9th/44089

Mattermost FocalBoard : https://forum.mattermost.org/t/log4j-vulnerability-concern/12676

McAfee : https://kc.mcafee.com/corporate/index?page=content&id=KB95091

MEINBERG : https://www.meinbergglobal.com/english/news/meinberg-lantime-and-microsync-systems-not-at-risk-from-log4j-security-exploit.htm

Metabase : https://github.com/metabase/metabase/commit/8bfce98beb25e48830ac2bfd57432301c5e3ab37

MicroFocus : https://portal.microfocus.com/s/customportalsearch?language=en_US&searchtext=CVE-2021-44228

Microsoft : https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/

Microstrategy : https://community.microstrategy.com/s/article/MicroStrategy-s-response-to-CVE-2021-44228-The-Log4j-0-Day-Vulnerability?language=en_US

Mikrotik : https://forum.mikrotik.com/viewtopic.php?p=897938

Milestonesys : https://supportcommunity.milestonesys.com/s/article/Log4J-vulnerability-faq?language=en_US

Mimecast : https://community.mimecast.com/s/article/Mimecast-Information-for-Customers-on-the-Log4Shell-Vulnerability

Minecraft : https://www.minecraft.net/en-us/article/important-message--security-vulnerability-java-edition

MISP : https://twitter.com/MISPProject/status/1470051242038673412

Mitel : https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010

MongoDB : https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb

Moodle : https://moodle.org/mod/forum/discuss.php?d=429966

MoogSoft : https://servicedesk.moogsoft.com/hc/en-us/articles/4412463233811?input_string=log4j+vulnerability+%7C%7C+cve-2021-44228

Mulesoft : https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021

N

N-able : https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability

Nagios : https://www.nagios.com/news/2021/12/update-on-apache-log4j-vulnerability/

NELSON : https://github.com/getnelson/nelson/blob/f4d3dd1f1d4f8dfef02487f67aefb9c60ab48bf5/project/custom.scala

NEO4J : https://community.neo4j.com/t/log4j-cve-mitigation-for-neo4j/48856

NetApp : https://security.netapp.com/advisory/ntap-20211210-0007/

Netflix : https://github.com/search?q=org%3ANetflix+CVE-2021-44228&type=commits

Netgear : https://www.reddit.com/r/NETGEAR/comments/re5iqy/comment/ho9qlvb/

NewTek : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995403

NextGen Healthcare Mirth : nextgenhealthcare/connect#4892 (comment)

Nexus Group : https://doc.nexusgroup.com/pages/viewpage.action?pageId=83133294

Newrelic : https://docs.newrelic.com/docs/security/new-relic-security/security-bulletins/security-bulletin-nr21-03/

NinjaRMM : https://ninjarmm.zendesk.com/hc/en-us/articles/4416226194189-12-10-21-Security-Declaration-NinjaOne-not-affected-by-CVE-2021-44228-log4j-

Nutanix : https://download.nutanix.com/alerts/Security_Advisory_0023.pdf

Nvidia : https://nvidia.custhelp.com/app/answers/detail/a_id/5294

O

Octopus : https://advisories.octopus.com/adv/December.2306508680.html

Okta : https://sec.okta.com/articles/2021/12/log4shell

Onespan :https://www.onespan.com/remote-code-execution-vulnerability-in-log4j2-cve-2018-11776

OnlyOffice : https://forum.onlyoffice.com/t/does-onlyoffice-documentserver-uses-log4j/841

Opengear : https://opengear.zendesk.com/hc/en-us/articles/4412713339419-CVE-2021-44228-aka-Log4Shell-Opengear-products-are-not-affected

OpenHab : openhab/openhab-distro#1343

OpenNMS : https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/

OpenMRS TALK : https://talk.openmrs.org/t/urgent-security-advisory-2021-12-11-re-apache-log4j-2/35341

OpenSearch : https://discuss.opendistrocommunity.dev/t/log4j-patch-for-cve-2021-44228/7950

OpenText XMFax : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995966

OpenTripPlanner : opentripplanner/OpenTripPlanner#3785

Oracle : https://www.oracle.com/security-alerts/alert-cve-2021-44228.html

OSQUERY : https://twitter.com/osquery/status/1470831336118124549

OxygenXML : https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html

P

Palo-Alto Networks : https://security.paloaltonetworks.com/CVE-2021-44228

PaperCut : https://www.papercut.com/kb/Main/Log4Shell-CVE-2021-44228

Parse.ly : https://blog.parse.ly/parse-ly-log4shell/

PasswordState : https://www.reddit.com/r/passwordstate/comments/rf7d62/log4j_zeroday_log4shell_vulnerability/

Pebblehost : https://help.pebblehost.com/en/article/patching-the-log4j-rce-exploit-14wyvz0/

Pega : https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability

Pentaho :https://support.pentaho.com/hc/en-us/articles/4416229254541-log4j-2-zero-day-vulnerability-No-impact-to-supported-versions-of-Pentaho-

Phenix Id : https://support.phenixid.se/uncategorized/log4j-fix/

Phillips : https://www.philips.com/a-w/security/security-advisories.html

PingIdentity : https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228

Pitney Bowes : https://www.pitneybowes.com/us/support/apache-log4j-vulnerability.html

Plesk : https://support.plesk.com/hc/en-us/articles/4412182812818-CVE-2021-44228-vulnerability-in-log4j-package-of-Apache

Polycom : https://support.polycom.com/content/dam/polycom-support/global/documentation/plygn21-08-poly-systems-apache.pdf

PortSwigger : https://forum.portswigger.net/thread/are-burp-collaborator-or-burp-enterprise-vulnerable-to-log4j-dc6524e0

Pretix : https://pretix.eu/about/de/blog/20211213-log4j/

PrimeKey : https://support.primekey.com/news/posts/information-about-primekey-products-and-log4j-vulnerability-cve-2021-44228

Progress / IpSwitch : https://www.progress.com/security

ProofPoint : https://proofpointcommunities.force.com/community/s/article/Proofpoint-Statement-Regarding-CVE-2021-44228-Java-logging-package-log4j2

Prosys : https://prosysopc.com/news/important-security-release/

Proxmox : https://forum.proxmox.com/threads/log4j-exploit-what-to-do.101254/#post-436880

PRTG Paessler : https://kb.paessler.com/en/topic/90213-is-prtg-affected-by-cve-2021-44228

PTC : https://www.ptc.com/en/support/alerts/log4j%20zero%20day%20vulnerability%20-%2020211211

PTV Group : https://company.ptvgroup.com/en/resources/service-support/log4j-latest-information

Pulse Secure : https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR

Puppet : https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/

Pure Storage : https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22)

PWM Project : pwm-project/pwm#628

Q

QF-Test : https://www.qfs.de/en/blog/article/no-log4j-vulnerability-in-qf-test.html

Qlik : https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368

QNAP : https://www.qnap.com/en-uk/security-advisory/qsa-21-58

Quest KACE : https://support.quest.com/kace-systems-management-appliance/kb/335869/is-the-kace-sma-affected-by-cve-2021-44228

R

Radware : https://support.radware.com/app/answers/answer_view/a_id/1029752

Rapid7 : https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/

Raritan : https://www.raritan.com/support

Red5Pro : https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/

RedHat : https://access.redhat.com/security/vulnerabilities/RHSB-2021-009

Redis : https://redis.com/security/notice-apache-log4j2-cve-2021-44228/

Revenera / Flexera : https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905

Riverbed : https://supportkb.riverbed.com/support/index?page=content&id=S35645

Rockwell Automation : https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605

Rosetta UNOFICIAL : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3993903

Rosette.com : https://support.rosette.com/hc/en-us/articles/4416216525965-Log4j-Vulnerability

Rubrik : https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK

Ruckus wireless : https://support.ruckuswireless.com/security_bulletins/313

Runecast : https://www.runecast.com/blog/runecast-6-0-1-0-covers-apache-log4j-java-vulnerability

RunDeck by PagerDuty : https://docs.rundeck.com/docs/history/CVEs/

RSA SecurID: https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501

RSA Netwitness : https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540

S

SAFE FME Server : https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j

SAGE : https://www.sagecity.com/sage-global-solutions/sage-crm/f/sage-crm-announcements-news-and-alerts/178655/advisory-apache-log4j-vulnerability-cve-2021-44228

SailPoint : https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681

Salesforce : https://help.salesforce.com/s/articleView?id=000363736&type=1

Sangoma :https://help.sangoma.com/community/s/article/Log4Shell

SAP Advanced Platform : https://launchpad.support.sap.com/#/notes/3130698

SAP BusinessObjects : https://launchpad.support.sap.com/#/notes/3129956

SAP Global coverage : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3994039

SAS : https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html

Savignano software solutions : https://savignano.atlassian.net/wiki/spaces/SNOTIFY/blog/2021/12/13/2839740417/No+Log4j+Vulnerability+in+S+Notify

Schneider Electric : https://download.schneider-electric.com/files?p_Doc_Ref=SESB-2021-347-01

SDL worldServer : https://gateway.sdl.com/apex/communityknowledge?articleName=000017707

Seafile : https://forum.seafile.com/t/urgent-zero-day-exploit-in-log4j/15575

Seagull Scientific : https://support.seagullscientific.com/hc/en-us/articles/4415794235543-Apache-Log4Shell-Vulnerability

SecurePoint : https://www.securepoint.de/news/details/sicherheitsluecke-log4j-securepoint-loesungen-nicht-betroffen.html

Security Onion : https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html

Seeburger : https://servicedesk.seeburger.de/portal/en-US/Knowledge/Article/?defId=101040&id=25486312&COMMAND=Open

SentinelOne : https://www.sentinelone.com/blog/cve-2021-44228-staying-secure-apache-log4j-vulnerability/

SEP : https://support.sep.de/otrs/public.pl?Action=PublicFAQZoom;ItemID=132

Server Eye : https://www.server-eye.de/blog/sicherheitsluecke-log4j-server-eye-systeme-sind-nicht-betroffen/

ServiceNow : https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959

Sesam Info : https://twitter.com/sesam_info/status/1469711992122486791

Shibboleth : http://shibboleth.net/pipermail/announce/2021-December/000253.html

Siemens : https://cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf

Signald : https://gitlab.com/signald/signald/-/issues/259

SingleWire : https://support.singlewire.com/s/article/Apache-Log4j2-vulnerability-CVE-2021-44228

Sitecore : https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1001391

Skillable : https://skillable.com/log4shell/

SLF4J : http://slf4j.org/log4shell.html

SmartBear : https://smartbear.com/security/cve-2021-44228/

SmileCDR : https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228

Snowflake : https://community.snowflake.com/s/article/No-Snowflake-exposure-to-Apache-Log4j-vulnerability-CVE-2021-44228

Snyk : https://updates.snyk.io/snyk%27s-cloud-platform-all-clear-from-log4j-exploits-216499

Spigot : https://www.spigotmc.org/threads/spigot-security-releases-%E2%80%94-1-8-8%E2%80%931-18.537204/

Software AG : https://tech.forums.softwareag.com/t/log4j-zero-day-vulnerability/253849

SolarWinds : https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228

SonarSource : https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721

Sonatype : https://blog.sonatype.com/a-new-0-day-log4j-vulnerability-discovered-in-the-wild

SonicWall : https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032

Sophos : https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce

Splashtop : https://support-splashtopbusiness.splashtop.com/hc/en-us/articles/4412788262811-Is-Splashtop-affected-by-Apache-Log4j-

Splunk : https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html

Spring Boot : https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot

SOS Berlin : https://www.sos-berlin.com/en/news-mitigation-log4j-vulnerability

StrangeBee TheHive & Cortex : https://blog.strangebee.com/apache-log4j-cve-2021-44228/

SumoLogic : https://help.sumologic.com/Release-Notes/Collector-Release-Notes#december-11-2021-19-361-12

Superna EYEGLASS : https://manuals.supernaeyeglass.com/project-technical-advisories-all-products/HTML/technical-advisories.html#h2__1912345025

Suprema Inc : https://www.supremainc.com/en/

SUSE : https://www.suse.com/c/suse-statement-on-log4j-log4shell-cve-2021-44228-vulnerability/

Sterling Order IBM : https://www.ibm.com/support/pages/node/6525544

Storagement : https://www.storagement.de/index.php?action=topicofthemonth&site=log4j

Sumologic : https://docs.google.com/document/d/e/2PACX-1vSdeODZ2E5k0aZgHm06OJWhDQWgtxxB0ZIrTsuQjg5xaoxlogmTVGdOWoSFtDlZBdHzY6ET6k6Sk-g1/pub

Sweepwidget : https://sweepwidget.com/view/23032-v9f40ns1/4zow83-23032

Swingset : https://github.com/bpangburn/swingset/blob/017452b2d0d8370871f43a68043dacf53af7f759/swingset/CHANGELOG.txt#L10

Swyx : https://service.swyx.net/hc/de/articles/4412323539474

Syncplify : https://blog.syncplify.com/no-we-are-not-affected-by-log4j-vulnerability/

Synology : https://www.synology.com/en-global/security/advisory/Synology_SA_21_30

Synopsys : https://community.synopsys.com/s/article/SIG-Security-Advisory-for-Apache-Log4J2-CVE-2021-44228

SysAid : https://www.sysaid.com/lp/important-update-regarding-apache-log4j

Sysdig : https://sysdig.com/blog/cve-critical-vulnerability-log4j/

T

Talend : https://jira.talendforge.org/browse/TCOMP-2054

Tanium : https://community.tanium.com/s/article/How-Tanium-Can-Help-with-CVE-2021-44228-Log4Shell#_Toc90296319

TealiumIQ : https://community.tealiumiq.com/t5/Announcements-Blog/Update-on-Log4j-Security-Vulnerability/ba-p/36824

Teamviewer : https://www.teamviewer.com/en/trust-center/security-bulletins/hotfix-log4j2-issue/

TechSmith : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995701

Tenable : https://www.tenable.com/log4j

Thales : https://supportportal.thalesgroup.com/csm?id=kb_article_view&sys_kb_id=02863d13db544110f0e3220805961914&sysparm_article=KB0025287

Thales (SafeNet) HSM : https://supportportal.thalesgroup.com/csm?id=kb_article_protected&sys_id=12acaed3dbd841105d310573f3961953

Threema UNOFICIAL : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3993316

Tibco : https://www.tibco.com/support/notices/2021/12/apache-log4j-vulnerability-update

TP-Link : https://community.tp-link.com/en/business/forum/topic/514452

TrendMicro : https://success.trendmicro.com/solution/000289940

Tricentis Tosca : https://support-hub.tricentis.com/open?number=NEW0001148&id=post

Tripwire : https://www.tripwire.com/log4j

U

Ubiquiti-UniFi-UI : https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1

Ubuntu : https://ubuntu.com/security/CVE-2021-44228

Unify ATOS : https://networks.unify.com/security/advisories/OBSO-2112-01.pdf

UniFlow : https://www.uniflow.global/en/security/security-and-maintenance/

Unimus : https://forum.unimus.net/viewtopic.php?f=7&t=1390#top

USSIGNAL MSP : https://ussignal.com/blog/apache-log4j-vulnerability

V

VArmour : https://support.varmour.com/hc/en-us/articles/4416396248717-Log4j2-Emergency-Configuration-Change-for-Critical-Auth-Free-Code-Execution-in-Logging-Utility

Varonis : https://help.varonis.com/s/article/Apache-Log4j-Zero-Day-Vulnerability-CVE-2021-44228

Veeam : https://www.veeam.com/kb4254

Venafi : https://support.venafi.com/hc/en-us/articles/4416213022733-Log4j-Zero-Day-Vulnerability-notice

Veritas NetBackup : https://www.veritas.com/content/support/en_US/article.100052070

Vertica : https://forum.vertica.com/discussion/242512/vertica-security-bulletin-a-potential-vulnerability-has-been-identified-apache-log4j-library-used

Vespa ENGINE : https://github.com/vespa-engine/blog/blob/f281ce4399ed3e97b4fed32fcc36f9ba4b17b1e2/_posts/2021-12-10-log4j-vulnerability.md

VMware : https://www.vmware.com/security/advisories/VMSA-2021-0028.html

W

Wallarm : https://lab.wallarm.com/cve-2021-44228-mitigation-update/

Wasp Barcode technologies : https://support.waspbarcode.com/kb/articles/assetcloud-inventorycloud-are-they-affected-by-the-java-exploit-log4j-no

WatchGuard / Secplicity / https://www.secplicity.org/2021/12/10/critical-rce-vulnerability-in-log4js/

WildFlyAS : https://twitter.com/WildFlyAS/status/1469362190536818688

WitFoo : https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/

Wodby Cloud : https://twitter.com/wodbycloud/status/1470125735914450950

World Programming WPS analytics : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995649

Wowza : https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve

WSO2 : wso2/security-tools#169

X

XCP-ng : https://xcp-ng.org/forum/topic/5315/log4j-vulnerability-impact

XenForo : https://xenforo.com/community/threads/psa-potential-security-vulnerability-in-elasticsearch-5-via-apache-log4j-log4shell.201145/

XPertDoc : https://kb.xpertdoc.com/pages/viewpage.action?pageId=87622727

Xray connector plugin : jenkinsci/xray-connector-plugin#53

XWIKI : https://forum.xwiki.org/t/log4j-cve-2021-44228-log4shell-zero-day-vulnerability/9557

Y

Yandex-Cloud : https://github.com/yandex-cloud/docs/blob/6ff6c676787756e7dd6101c53b051e4cd04b3e85/ru/overview/security-bulletins/index.md#10122021--cve-2021-44228--%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5-%D0%B2%D1%8B%D0%BF%D0%BE%D0%BB%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5-%D0%BA%D0%BE%D0%B4%D0%B0-log4shell-apache-log4j

Yellowbrick : https://support.yellowbrick.com/hc/en-us/articles/4412586575379-Security-Advisory-Yellowbrick-is-NOT-Affected-by-the-Log4Shell-Vulnerability

Z

Zabbix : https://blog.zabbix.com/zabbix-not-affected-by-the-log4j-exploit/17873/

ZAMMAD : https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256

Zaproxy : https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/

Zebra : https://www.zebra.com/us/en/support-downloads/lifeguard-security/cve-2021-442280-dubbed-log4shell-or-logjam-vulnerability.html

Zellis : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3995461

Zendesk : https://support.zendesk.com/hc/en-us/articles/4413583476122

Zenoss : https://support.zenoss.com/hc/en-us

Zerto : https://help.zerto.com/kb/000004822

Zesty : https://www.zesty.io/mindshare/company-announcements/log4j-exploit/

Zimbra : https://bugzilla.zimbra.com/show_bug.cgi?id=109428

ZPE systems Inc : https://support.zpesystems.com/portal/en/kb/articles/is-nodegrid-os-and-zpe-cloud-affected-by-cve-2021-44228-apache-log4j

Zowe : zowe/community#1381

ZSCALER : https://www.zscaler.fr/blogs/security-research/security-advisory-log4j-0-day-remote-code-execution-vulnerability-cve-2021

Zyxel : https://www.zyxel.com/support/Zyxel_security_advisory_for_Apache_Log4j_RCE_vulnerability.shtml

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment