Apache Log4j Vulnerable Vendors
Please see below multiple resources listing either confirmed or suspected vendors that are affected by the Log4j vulnerabilities. The N.C. Joint Cybersecurity Task Force will continue to update these lists as information becomes available.
Additional affected vendor lists:
Disclaimer: Due to the evolving nature of this threat, these lists are not comprehensive and are subject to change.
Vendor | Product, Service, and/or Software | Related |
---|---|---|
Adobe | ColdFusion 2021 | More Info |
Amazon | OpenSearch | More Info |
Amazon | AWS Glue | More Info |
Amazon | CloudFront | More Info |
Amazon | AWS Greengrass | More Info |
Amazon | API Gateway | More Info |
Atlassian | Jira Server & Data Center | More Info |
Atlassian | Confluence Server & Data Center | More Info |
Atlassian | Bamboo Server & Data Center | More Info |
Atlassian | Crowd Server & Data Center | More Info |
Atlassian | Fisheye | More Info |
Atlassian | Crucible | More Info |
Broadcom | CA Advanced Authentication | More Info |
Broadcom | Symantec SiteMinder (CA Single Sign-on) | More Info |
Broadcom | VIP Authentication Hub | More Info |
Broadcom | Symantec Endpoint Protection Manager (SEPM) | More Info |
Cisco | Numerous products: (Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021) | More Info |
Citrix | None reported; several still under investigation Citrix Security Advisory for Apache CVE-2021-44228 | More Info |
ConnectWise | Manage on-premise Global Search capability -third party component vulnerable: ConnectWise | Trust Center | Advisories | More Info |
cPanel | Solr Plugin: log4j CVE-2021-44228, does it affect Cpanel? | cPanel Forums | More Info |
Debian | Stretch | More Info |
Debian | Buster | More Info |
Debian | Bullseye | More Info |
Debian | Bookworm | More Info |
Docker | couchbase | More Info |
Docker | Elasticsearch | More Info |
Docker | Logstash | More Info |
Docker | sonarqube | More Info |
Docker | solr | More Info |
FortiGuard | FortiSIEM | More Info |
FortiGuard | FortiInsight | More Info |
FortiGuard | FortiMonitor | More Info |
FortiGuard | FortiPortal | More Info |
FortiGuard | FortiPolicy | More Info |
FortiGuard | ShieldX | More Info |
F-Secure | Policy Manager | More Info |
F-Secure | Policy Manager Proxy | More Info |
F-Secure | Endpoint Proxy | More Info |
F-Secure | Elements Connecter | More Info |
Ghidra | Open-source reverse engineering tool from the NSA | More Info |
IBM | WebSphere Application Server versions 9.0 and 8.5 | More Info |
Juniper Networks | Paragon Active Assurance | More Info |
Juniper Networks | Paragon Insights | More Info |
Juniper Networks | Paragon Pathfinder | More Info |
Juniper Networks | Paragon Pplanner | More Info |
McAfee | Numerous products | More Info |
MongoDB | Atlas Search | More Info |
Okta | RADIUS Server Agent | More Info |
Okta | Okta On-Prem MFA Agent | More Info |
Oracle | Numerous products | More Info |
OWASP Foundation | Zed Attack Proxy (ZAP) scanner below 2.11.1 | More Info |
Red Hat | Numerous products | More Info |
Siemens | Numerous products | More Info |
SolarWinds | Server & Application Monitor (SAM) | More Info |
SolarWinds | Database Performance Analyzer (DPA) | More Info |
SonarSource | ElasticSearch component in SonarQube | More Info |
SonicWall | Email security version 10.X | More Info |
Sophos | Mobile EAS Proxy | More Info |
Splunk | Numerous products | More Info |
TrendMicro | Vision One | More Info |
TrendMicro | Trend Micro Email Security & HES | More Info |
TrendMicro | TippingPoint Threat Management Center | More Info |
TrendMicro | Sandbox as a Service | More Info |
TrendMicro | Cloud App Security | More Info |
Vmware | Numerous products | More Info |
Ubiquiti | UniFi Network Application | More Info |
Ubuntu | Numerous versions | More Info |
Zoho | ADAudt Plus component | More Info |
Zscaler | Numerous products | More Info |
100
false
Normal