Log4j Incident Management Survey

Submitted by kogardner on

The N.C. Joint Cybersecurity Task Force wants to emphasize the criticality of the Apache Log4j vulnerability and set expectations that this is not going to be a quick or easy effort. Expect that overall remediation activities will take several weeks or months.

Please be sure to refer to our website for the latest information and guidance as it pertains to North Carolina. You can also view a list of vendors confirmed or suspected to be affected by the Log4j vulnerability.

Please note that all reported sensitive security information is protected under N.C.G.S. 132-6.1(c) and is not for public disclosure.


Contact Details

What sub-sector does your organization fall under?

Vulnerability Details

Application Details

Subset of Reported & Suspected Vendors, Products, Services and/or Software Exposure

(As of Dec. 12, 2021)

| Vendor | Product, Service and/or Software |
| --- | --- |
| Adobe | ColdFusion 2021 |
| Amazon | OpenSearch, AWS Glue, CloudFront, AWS Greengrass, API Gateway |
| Atlassian | Jira Server & Data Center, Confluence Server & Data Center, Bamboo Server & Data Center, Crowd Server & Data Center, Fisheye, Crucible |
| Broadcom | CA Advanced Authentication, Symantec SiteMinder (CA Single Sign-On), VIP Authentication Hub, Symantec Endpoint Protection Manager (SEPM) |
| Cisco | Numerous products (see "Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021") |
| Citrix | None reported; several still under investigation |
| ConnectWise | Manage on-premise Global Search capability (third-party component vulnerable) |
| cPanel | Solr Plugin (see the cPanel Forums thread "log4j CVE-2021-44228, does it affect Cpanel?") |
| Debian | Stretch, Buster, Bullseye, Bookworm |
| Docker | couchbase, Elasticsearch, Logstash, sonarqube, solr |
| FortiGuard | FortiSIEM, FortiInsight, FortiMonitor, FortiPortal, FortiPolicy, ShieldX |
| F-Secure | Policy Manager, Policy Manager Proxy, Endpoint Proxy, Elements Connector |
| Ghidra | Open-source reverse engineering tool from the NSA |
| IBM | WebSphere Application Server versions 9.0 and 8.5 |
| Juniper Networks | Paragon Active Assurance, Paragon Insights, Paragon Pathfinder, Paragon Planner |
| McAfee | Numerous products |
| MongoDB | Atlas Search |
| Okta | RADIUS Server Agent, Okta On-Prem MFA Agent |
| Oracle | Numerous products |
| OWASP Foundation | Zed Attack Proxy (ZAP) scanner below 2.11.1 |
| Red Hat | Numerous products |
| Siemens | Numerous products |
| SolarWinds | Server & Application Monitor (SAM), Database Performance Analyzer (DPA) |
| SonarSource | ElasticSearch component in SonarQube |
| SonicWall | Email security version 10.X |
| Sophos | Mobile EAS Proxy |
| Splunk | Numerous products |
| TrendMicro | Vision One, TrendMicro Email Security & HES, TippingPoint Threat Management Center, Sandbox as a Service, Cloud App Security |
| VMware | Numerous products |
| Ubiquiti | UniFi Network Application |
| Ubuntu | Numerous versions |
| Zoho | ADAudit Plus component |
| Zscaler | Numerous products |

Please visit the Apache Log4j Vulnerable Vendors page for the most up-to-date security information related to known vendors.


Vendor Name | Application/Service/Product Name | Operations

Based on the definitions listed below, please select the one option that best fits your organization’s current status.

Patch Details

Note: Antivirus and simple endpoint protection services are not sufficient as standalone tools to identify potential indicators of compromise. 

Exposure Details

Compromise Details

Note: All sensitive security data contained within this survey is covered by N.C.G.S. 132-6.1(c) and is not publicly available.

Questions | Yes | No

Threat Hunting

Note: Antivirus and simple endpoint protection services are not sufficient as standalone tools to identify potential indicators of compromise. 

Remediation Details

Note: Antivirus and simple endpoint protection services are not sufficient as standalone tools to identify potential indicators of compromise.