CVE-2021-44228
Summary
| CVE | CVE-2021-44228 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2021-12-10 10:15:00 UTC |
| Updated | 2023-11-07 03:39:00 UTC |
| Description | Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects. |
Risk And Classification
EPSS: 0.943580000 probability, percentile 0.999600000 (date 2026-04-03)
CISA KEV: Listed on 2021-12-10; due 2021-12-24; ransomware use Known
Problem Types: CWE-20 | CWE-400 | CWE-502
CISA Known Exploited Vulnerability
| Vendor | Apache |
|---|---|
| Product | Log4j2 |
| Name | Apache Log4j2 Remote Code Execution Vulnerability |
| Required Action | For all affected software assets for which updates exist, the only acceptable remediation actions are: 1) Apply updates; OR 2) remove affected assets from agency networks. Temporary mitigations using one of the measures provided at https://www.cisa.gov/uscert/ed-22-02-apache-log4j-recommended-mitigation-measures are only acceptable until updates are available. |
| Notes | https://nvd.nist.gov/vuln/detail/CVE-2021-44228 |
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Log4j | All | All | All | All |
| Application | Apache | Log4j | 2.0 | - | All | All |
| Application | Apache | Log4j | 2.0 | beta9 | All | All |
| Application | Apache | Log4j | 2.0 | rc1 | All | All |
| Application | Apache | Log4j | 2.0 | rc2 | All | All |
| Application | Bentley | Synchro | All | All | All | All |
| Application | Bentley | Synchro 4d | All | All | All | All |
| Application | Cisco | Advanced Malware Protection Virtual Private Cloud Appliance | All | All | All | All |
| Application | Cisco | Automated Subsea Tuning | All | All | All | All |
| Application | Cisco | Automated Subsea Tuning | 02.01.00 | All | All | All |
| Application | Cisco | Broadworks | All | All | All | All |
| Application | Cisco | Broadworks | - | All | All | All |
| Application | Cisco | Business Process Automation | All | All | All | All |
| Application | Cisco | Cloudcenter | All | All | All | All |
| Application | Cisco | Cloudcenter Cost Optimizer | All | All | All | All |
| Application | Cisco | Cloudcenter Suite | 4.10\(0.15\) | All | All | All |
| Application | Cisco | Cloudcenter Suite | 5.3\(0\) | All | All | All |
| Application | Cisco | Cloudcenter Suite | 5.4\(1\) | All | All | All |
| Application | Cisco | Cloudcenter Suite | 5.5\(0\) | All | All | All |
| Application | Cisco | Cloudcenter Suite | 5.5\(1\) | All | All | All |
| Application | Cisco | Cloudcenter Suite Admin | All | All | All | All |
| Application | Cisco | Cloudcenter Workload Manager | All | All | All | All |
| Application | Cisco | Cloud Connect | All | All | All | All |
| Application | Cisco | Common Services Platform Collector | All | All | All | All |
| Application | Cisco | Common Services Platform Collector | 002.009\(000.000\) | All | All | All |
| Application | Cisco | Common Services Platform Collector | 002.009\(000.001\) | All | All | All |
| Application | Cisco | Common Services Platform Collector | 002.009\(000.002\) | All | All | All |
| Application | Cisco | Common Services Platform Collector | 002.009\(001.000\) | All | All | All |
| Application | Cisco | Common Services Platform Collector | 002.009\(001.001\) | All | All | All |
| Application | Cisco | Common Services Platform Collector | 002.009\(001.002\) | All | All | All |
| Application | Cisco | Common Services Platform Collector | 002.010\(000.000\) | All | All | All |
| Application | Cisco | Connected Analytics For Network Deployment | 006.004.000.003 | All | All | All |
| Application | Cisco | Connected Analytics For Network Deployment | 006.005.000. | All | All | All |
| Application | Cisco | Connected Analytics For Network Deployment | 006.005.000.000 | All | All | All |
| Application | Cisco | Connected Analytics For Network Deployment | 007.000.001 | All | All | All |
| Application | Cisco | Connected Analytics For Network Deployment | 007.001.000 | All | All | All |
| Application | Cisco | Connected Analytics For Network Deployment | 007.002.000 | All | All | All |
| Application | Cisco | Connected Analytics For Network Deployment | 007.003.000 | All | All | All |
| Application | Cisco | Connected Analytics For Network Deployment | 007.003.001.001 | All | All | All |
| Application | Cisco | Connected Analytics For Network Deployment | 007.003.003 | All | All | All |
| Application | Cisco | Connected Analytics For Network Deployment | 008.000.000 | All | All | All |
| Application | Cisco | Connected Analytics For Network Deployment | 008.000.000.000.004 | All | All | All |
| Application | Cisco | Connected Analytics For Network Deployment | 7.3 | All | All | All |
| Application | Cisco | Connected Mobile Experiences | - | All | All | All |
| Application | Cisco | Contact Center Domain Manager | All | All | All | All |
| Application | Cisco | Contact Center Management Portal | All | All | All | All |
| Application | Cisco | Crosswork Data Gateway | All | All | All | All |
| Application | Cisco | Crosswork Data Gateway | 3.0.0 | All | All | All |
| Application | Cisco | Crosswork Network Automation | - | All | All | All |
| Application | Cisco | Crosswork Network Automation | 2.0.0 | All | All | All |
| Application | Cisco | Crosswork Network Automation | 3.0.0 | All | All | All |
| Application | Cisco | Crosswork Network Automation | 4.1.0 | All | All | All |
| Application | Cisco | Crosswork Network Automation | 4.1.1 | All | All | All |
| Application | Cisco | Crosswork Network Controller | All | All | All | All |
| Application | Cisco | Crosswork Network Controller | 3.0.0 | All | All | All |
| Application | Cisco | Crosswork Optimization Engine | All | All | All | All |
| Application | Cisco | Crosswork Optimization Engine | 3.0.0 | All | All | All |
| Application | Cisco | Crosswork Platform Infrastructure | All | All | All | All |
| Application | Cisco | Crosswork Platform Infrastructure | 4.1.0 | All | All | All |
| Application | Cisco | Crosswork Zero Touch Provisioning | All | All | All | All |
| Application | Cisco | Crosswork Zero Touch Provisioning | 3.0.0 | All | All | All |
| Application | Cisco | Customer Experience Cloud Agent | All | All | All | All |
| Application | Cisco | Cx Cloud Agent | 001.012 | All | All | All |
| Application | Cisco | Cyber Vision | 4.0.2 | All | All | All |
| Application | Cisco | Cyber Vision Sensor Management Extension | All | All | All | All |
| Application | Cisco | Cyber Vision Sensor Management Extension | 4.0.2 | All | All | All |
| Application | Cisco | Data Center Network Manager | All | All | All | All |
| Application | Cisco | Data Center Network Manager | 11.3\(1\) | All | All | All |
| Application | Cisco | Dna Center | All | All | All | All |
| Application | Cisco | Dna Center | 2.2.2.8 | All | All | All |
| Application | Cisco | Dna Spaces | - | All | All | All |
| Application | Cisco | Dna Spaces | _connector | All | All | All |
| Application | Cisco | Dna Spaces Connector | - | All | All | All |
| Application | Cisco | Emergency Responder | All | All | All | All |
| Application | Cisco | Emergency Responder | 11.5 | All | All | All |
| Application | Cisco | Emergency Responder | 11.5\(4.65000.14\) | All | All | All |
| Application | Cisco | Emergency Responder | 11.5\(4.66000.14\) | All | All | All |
| Application | Cisco | Enterprise Chat And Email | All | All | All | All |
| Application | Cisco | Enterprise Chat And Email | 12.0\(1\) | All | All | All |
| Application | Cisco | Enterprise Chat And Email | 12.5\(1\) | All | All | All |
| Application | Cisco | Enterprise Chat And Email | 12.6\(1\) | All | All | All |
| Application | Cisco | Evolved Programmable Network Manager | 3.0 | All | All | All |
| Application | Cisco | Evolved Programmable Network Manager | 3.1 | All | All | All |
| Application | Cisco | Evolved Programmable Network Manager | 4.0 | All | All | All |
| Application | Cisco | Evolved Programmable Network Manager | 4.1 | All | All | All |
| Application | Cisco | Evolved Programmable Network Manager | 5.0 | All | All | All |
| Application | Cisco | Evolved Programmable Network Manager | 5.1 | All | All | All |
| Application | Cisco | Evolved Programmable Network Manager | All | All | All | All |
| Application | Cisco | Finesse | All | All | All | All |
| Application | Cisco | Finesse | 12.5\(1\) | su1 | All | All |
| Application | Cisco | Finesse | 12.5\(1\) | su2 | All | All |
| Application | Cisco | Finesse | 12.6\(1\) | All | All | All |
| Application | Cisco | Finesse | 12.6\(1\) | - | All | All |
| Application | Cisco | Finesse | 12.6\(1\) | es01 | All | All |
| Application | Cisco | Finesse | 12.6\(1\) | es02 | All | All |
| Application | Cisco | Finesse | 12.6\(1\) | es03 | All | All |
| Hardware | Cisco | Firepower 1010 | - | All | All | All |
| Hardware | Cisco | Firepower 1120 | - | All | All | All |
| Hardware | Cisco | Firepower 1140 | - | All | All | All |
| Hardware | Cisco | Firepower 1150 | - | All | All | All |
| Hardware | Cisco | Firepower 2110 | - | All | All | All |
| Hardware | Cisco | Firepower 2120 | - | All | All | All |
| Hardware | Cisco | Firepower 2130 | - | All | All | All |
| Hardware | Cisco | Firepower 2140 | - | All | All | All |
| Hardware | Cisco | Firepower 4110 | - | All | All | All |
| Hardware | Cisco | Firepower 4112 | - | All | All | All |
| Hardware | Cisco | Firepower 4115 | - | All | All | All |
| Hardware | Cisco | Firepower 4120 | - | All | All | All |
| Hardware | Cisco | Firepower 4125 | - | All | All | All |
| Hardware | Cisco | Firepower 4140 | - | All | All | All |
| Hardware | Cisco | Firepower 4145 | - | All | All | All |
| Hardware | Cisco | Firepower 4150 | - | All | All | All |
| Hardware | Cisco | Firepower 9300 | - | All | All | All |
| Application | Cisco | Firepower Threat Defense | 6.2.3 | All | All | All |
| Application | Cisco | Firepower Threat Defense | 6.3.0 | All | All | All |
| Application | Cisco | Firepower Threat Defense | 6.4.0 | All | All | All |
| Application | Cisco | Firepower Threat Defense | 6.5.0 | All | All | All |
| Application | Cisco | Firepower Threat Defense | 6.6.0 | All | All | All |
| Application | Cisco | Firepower Threat Defense | 6.7.0 | All | All | All |
| Application | Cisco | Firepower Threat Defense | 7.0.0 | All | All | All |
| Application | Cisco | Firepower Threat Defense | 7.1.0 | All | All | All |
| Application | Cisco | Fog Director | - | All | All | All |
| Operating System | Cisco | Fxos | 6.2.3 | All | All | All |
| Operating System | Cisco | Fxos | 6.3.0 | All | All | All |
| Operating System | Cisco | Fxos | 6.4.0 | All | All | All |
| Operating System | Cisco | Fxos | 6.5.0 | All | All | All |
| Operating System | Cisco | Fxos | 6.6.0 | All | All | All |
| Operating System | Cisco | Fxos | 6.7.0 | All | All | All |
| Operating System | Cisco | Fxos | 7.0.0 | All | All | All |
| Operating System | Cisco | Fxos | 7.1.0 | All | All | All |
| Application | Cisco | Identity Services Engine | All | All | All | All |
| Application | Cisco | Identity Services Engine | 002.004\(000.914\) | - | All | All |
| Application | Cisco | Identity Services Engine | 002.006\(000.156\) | - | All | All |
| Application | Cisco | Identity Services Engine | 002.007\(000.356\) | - | All | All |
| Application | Cisco | Identity Services Engine | 003.000\(000.458\) | - | All | All |
| Application | Cisco | Identity Services Engine | 003.001\(000.518\) | - | All | All |
| Application | Cisco | Identity Services Engine | 003.002\(000.116\) | - | All | All |
| Application | Cisco | Identity Services Engine | 2.4.0 | - | All | All |
| Application | Cisco | Integrated Management Controller Supervisor | All | All | All | All |
| Application | Cisco | Integrated Management Controller Supervisor | 002.003\(002.000\) | All | All | All |
| Application | Cisco | Integrated Management Controller Supervisor | 2.3.2.0 | All | All | All |
| Application | Cisco | Intersight Virtual Appliance | All | All | All | All |
| Application | Cisco | Intersight Virtual Appliance | 1.0.9-343 | All | All | All |
| Application | Cisco | Iot Operations Dashboard | - | All | All | All |
| Application | Cisco | Mobility Services Engine | - | All | All | All |
| Application | Cisco | Network Assurance Engine | All | All | All | All |
| Application | Cisco | Network Assurance Engine | 6.0\(2.1912\) | All | All | All |
| Application | Cisco | Network Dashboard Fabric Controller | 11.0\(1\) | All | All | All |
| Application | Cisco | Network Dashboard Fabric Controller | 11.1\(1\) | All | All | All |
| Application | Cisco | Network Dashboard Fabric Controller | 11.2\(1\) | All | All | All |
| Application | Cisco | Network Dashboard Fabric Controller | 11.3\(1\) | All | All | All |
| Application | Cisco | Network Dashboard Fabric Controller | 11.4\(1\) | All | All | All |
| Application | Cisco | Network Dashboard Fabric Controller | 11.5\(1\) | All | All | All |
| Application | Cisco | Network Dashboard Fabric Controller | 11.5\(2\) | All | All | All |
| Application | Cisco | Network Dashboard Fabric Controller | 11.5\(3\) | All | All | All |
| Application | Cisco | Network Insights For Data Center | 6.0\(2.1914\) | All | All | All |
| Application | Cisco | Network Services Orchestrator | All | All | All | All |
| Application | Cisco | Network Services Orchestrator | - | All | All | All |
| Application | Cisco | Nexus Dashboard | All | All | All | All |
| Application | Cisco | Nexus Insights | All | All | All | All |
| Application | Cisco | Optical Network Controller | All | All | All | All |
| Application | Cisco | Optical Network Controller | 1.1 | All | All | All |
| Application | Cisco | Packaged Contact Center Enterprise | All | All | All | All |
| Application | Cisco | Packaged Contact Center Enterprise | 11.6\(1\) | All | All | All |
| Application | Cisco | Paging Server | All | All | All | All |
| Application | Cisco | Paging Server | 12.5\(2\) | All | All | All |
| Application | Cisco | Paging Server | 14.0\(1\) | All | All | All |
| Application | Cisco | Paging Server | 8.3\(1\) | All | All | All |
| Application | Cisco | Paging Server | 8.4\(1\) | All | All | All |
| Application | Cisco | Paging Server | 8.5\(1\) | All | All | All |
| Application | Cisco | Paging Server | 9.0\(1\) | All | All | All |
| Application | Cisco | Paging Server | 9.0\(2\) | All | All | All |
| Application | Cisco | Paging Server | 9.1\(1\) | All | All | All |
| Application | Cisco | Prime Service Catalog | All | All | All | All |
| Application | Cisco | Prime Service Catalog | 12.1 | All | All | All |
| Application | Cisco | Sd-wan Vmanage | All | All | All | All |
| Application | Cisco | Sd-wan Vmanage | 20.3 | All | All | All |
| Application | Cisco | Sd-wan Vmanage | 20.4 | All | All | All |
| Application | Cisco | Sd-wan Vmanage | 20.5 | All | All | All |
| Application | Cisco | Sd-wan Vmanage | 20.6 | All | All | All |
| Application | Cisco | Sd-wan Vmanage | 20.6.1 | All | All | All |
| Application | Cisco | Sd-wan Vmanage | 20.7 | All | All | All |
| Application | Cisco | Sd-wan Vmanage | 20.8 | All | All | All |
| Application | Cisco | Smart Phy | All | All | All | All |
| Application | Cisco | Smart Phy | 21.3 | All | All | All |
| Application | Cisco | Smart Phy | 3.1.2 | All | All | All |
| Application | Cisco | Smart Phy | 3.1.3 | All | All | All |
| Application | Cisco | Smart Phy | 3.1.4 | All | All | All |
| Application | Cisco | Smart Phy | 3.1.5 | All | All | All |
| Application | Cisco | Smart Phy | 3.2.1 | All | All | All |
| Application | Cisco | Ucs Central | All | All | All | All |
| Application | Cisco | Ucs Central Software | 2.0 | All | All | All |
| Application | Cisco | Ucs Central Software | 2.0\(1a\) | All | All | All |
| Application | Cisco | Ucs Central Software | 2.0\(1b\) | All | All | All |
| Application | Cisco | Ucs Central Software | 2.0\(1c\) | All | All | All |
| Application | Cisco | Ucs Central Software | 2.0\(1d\) | All | All | All |
| Application | Cisco | Ucs Central Software | 2.0\(1e\) | All | All | All |
| Application | Cisco | Ucs Central Software | 2.0\(1f\) | All | All | All |
| Application | Cisco | Ucs Central Software | 2.0\(1g\) | All | All | All |
| Application | Cisco | Ucs Central Software | 2.0\(1h\) | All | All | All |
| Application | Cisco | Ucs Central Software | 2.0\(1k\) | All | All | All |
| Application | Cisco | Ucs Central Software | 2.0\(1l\) | All | All | All |
| Application | Cisco | Ucs Director | All | All | All | All |
| Application | Cisco | Unified Communications Manager | All | All | All | All |
| Application | Cisco | Unified Communications Manager | All | All | All | All |
| Application | Cisco | Unified Communications Manager | 11.5\(1.17900.52\) | All | All | All |
| Application | Cisco | Unified Communications Manager | 11.5\(1.18119.2\) | All | All | All |
| Application | Cisco | Unified Communications Manager | 11.5\(1.18900.97\) | All | All | All |
| Application | Cisco | Unified Communications Manager | 11.5\(1.21900.40\) | All | All | All |
| Application | Cisco | Unified Communications Manager | 11.5\(1.22900.28\) | All | All | All |
| Application | Cisco | Unified Communications Manager | 11.5\(1\) | All | All | All |
| Application | Cisco | Unified Communications Manager | 11.5\(1\) | All | All | All |
| Application | Cisco | Unified Communications Manager | 11.5\(1\) | All | All | All |
| Application | Cisco | Unified Communications Manager | 11.5\(1\)su3 | All | All | All |
| Application | Cisco | Unified Communications Manager Im And Presence Service | All | All | All | All |
| Application | Cisco | Unified Communications Manager Im And Presence Service | 11.5\(1\) | All | All | All |
| Application | Cisco | Unified Communications Manager Im Presence Service | 11.5\(1.22900.6\) | All | All | All |
| Application | Cisco | Unified Communications Manager Im Presence Service | 11.5\(1\) | All | All | All |
| Application | Cisco | Unified Computing System | 006.008\(001.000\) | All | All | All |
| Application | Cisco | Unified Contact Center Enterprise | All | All | All | All |
| Application | Cisco | Unified Contact Center Enterprise | 11.6\(2\) | All | All | All |
| Application | Cisco | Unified Contact Center Enterprise | 12.0\(1\) | All | All | All |
| Application | Cisco | Unified Contact Center Enterprise | 12.5\(1\) | All | All | All |
| Application | Cisco | Unified Contact Center Enterprise | 12.6\(1\) | All | All | All |
| Application | Cisco | Unified Contact Center Enterprise | 12.6\(2\) | All | All | All |
| Application | Cisco | Unified Contact Center Express | All | All | All | All |
| Application | Cisco | Unified Contact Center Express | 12.5\(1\) | - | All | All |
| Application | Cisco | Unified Contact Center Express | 12.5\(1\) | su1 | All | All |
| Application | Cisco | Unified Contact Center Express | 12.6\(1\) | All | All | All |
| Application | Cisco | Unified Contact Center Express | 12.6\(2\) | All | All | All |
| Application | Cisco | Unified Contact Center Management Portal | 12.6\(1\) | All | All | All |
| Application | Cisco | Unified Customer Voice Portal | All | All | All | All |
| Application | Cisco | Unified Customer Voice Portal | 11.6 | All | All | All |
| Application | Cisco | Unified Customer Voice Portal | 11.6\(1\) | All | All | All |
| Application | Cisco | Unified Customer Voice Portal | 12.0 | All | All | All |
| Application | Cisco | Unified Customer Voice Portal | 12.0\(1\) | All | All | All |
| Application | Cisco | Unified Customer Voice Portal | 12.5 | All | All | All |
| Application | Cisco | Unified Customer Voice Portal | 12.5\(1\) | All | All | All |
| Application | Cisco | Unified Customer Voice Portal | 12.6\(1\) | All | All | All |
| Application | Cisco | Unified Intelligence Center | 12.6\(1\) | - | All | All |
| Application | Cisco | Unified Intelligence Center | 12.6\(1\) | es01 | All | All |
| Application | Cisco | Unified Intelligence Center | 12.6\(1\) | es02 | All | All |
| Application | Cisco | Unified Intelligence Center | 12.6\(2\) | - | All | All |
| Operating System | Cisco | Unified Intelligence Center | All | All | All | All |
| Application | Cisco | Unified Sip Proxy | 010.000\(000\) | All | All | All |
| Application | Cisco | Unified Sip Proxy | 010.000\(001\) | All | All | All |
| Application | Cisco | Unified Sip Proxy | 010.002\(000\) | All | All | All |
| Application | Cisco | Unified Sip Proxy | 010.002\(001\) | All | All | All |
| Operating System | Cisco | Unified Sip Proxy | All | All | All | All |
| Application | Cisco | Unified Workforce Optimization | 11.5\(1\) | sr7 | All | All |
| Operating System | Cisco | Unified Workforce Optimization | All | All | All | All |
| Application | Cisco | Unity Connection | All | All | All | All |
| Application | Cisco | Unity Connection | 11.5 | All | All | All |
| Application | Cisco | Unity Connection | 11.5\(1.10000.6\) | All | All | All |
| Application | Cisco | Video Surveillance Manager | 7.14\(1.26\) | All | All | All |
| Application | Cisco | Video Surveillance Manager | 7.14\(2.26\) | All | All | All |
| Application | Cisco | Video Surveillance Manager | 7.14\(3.025\) | All | All | All |
| Application | Cisco | Video Surveillance Manager | 7.14\(4.018\) | All | All | All |
| Application | Cisco | Video Surveillance Operations Manager | All | All | All | All |
| Application | Cisco | Virtualized Infrastructure Manager | All | All | All | All |
| Application | Cisco | Virtualized Voice Browser | All | All | All | All |
| Application | Cisco | Virtual Topology System | All | All | All | All |
| Application | Cisco | Virtual Topology System | 2.6.6 | All | All | All |
| Application | Cisco | Wan Automation Engine | All | All | All | All |
| Application | Cisco | Wan Automation Engine | 7.1.3 | All | All | All |
| Application | Cisco | Wan Automation Engine | 7.2.1 | All | All | All |
| Application | Cisco | Wan Automation Engine | 7.2.2 | All | All | All |
| Application | Cisco | Wan Automation Engine | 7.2.3 | All | All | All |
| Application | Cisco | Wan Automation Engine | 7.3 | All | All | All |
| Application | Cisco | Wan Automation Engine | 7.4 | All | All | All |
| Application | Cisco | Wan Automation Engine | 7.5 | All | All | All |
| Application | Cisco | Wan Automation Engine | 7.6 | All | All | All |
| Application | Cisco | Webex Meetings Server | All | All | All | All |
| Application | Cisco | Webex Meetings Server | 3.0 | All | All | All |
| Application | Cisco | Webex Meetings Server | 3.0 | - | All | All |
| Application | Cisco | Webex Meetings Server | 3.0 | maintenance_release1 | All | All |
| Application | Cisco | Webex Meetings Server | 3.0 | maintenance_release2 | All | All |
| Application | Cisco | Webex Meetings Server | 3.0 | maintenance_release3 | All | All |
| Application | Cisco | Webex Meetings Server | 3.0 | maintenance_release3 | - | All |
| Application | Cisco | Webex Meetings Server | 3.0 | maintenance_release3_security_patch4 | All | All |
| Application | Cisco | Webex Meetings Server | 3.0 | maintenance_release3_security_patch5 | All | All |
| Application | Cisco | Webex Meetings Server | 3.0 | maintenance_release3_service_pack_2 | All | All |
| Application | Cisco | Webex Meetings Server | 3.0 | maintenance_release3_service_pack_3 | All | All |
| Application | Cisco | Webex Meetings Server | 3.0 | maintenance_release4 | All | All |
| Application | Cisco | Webex Meetings Server | 4.0 | All | All | All |
| Application | Cisco | Webex Meetings Server | 4.0 | - | All | All |
| Application | Cisco | Webex Meetings Server | 4.0 | maintenance_release1 | All | All |
| Application | Cisco | Webex Meetings Server | 4.0 | maintenance_release2 | All | All |
| Application | Cisco | Webex Meetings Server | 4.0 | maintenance_release3 | All | All |
| Application | Cisco | Workload Optimization Manager | All | All | All | All |
| Operating System | Debian | Debian Linux | 10.0 | All | All | All |
| Operating System | Debian | Debian Linux | 11.0 | All | All | All |
| Operating System | Debian | Debian Linux | 9.0 | All | All | All |
| Operating System | Fedoraproject | Fedora | 34 | All | All | All |
| Operating System | Fedoraproject | Fedora | 35 | All | All | All |
| Application | Intel | Audio Development Kit | - | All | All | All |
| Application | Intel | Computer Vision Annotation Tool | - | All | All | All |
| Application | Intel | Data Center Manager | All | All | All | All |
| Application | Intel | Data Center Manager | - | All | All | All |
| Application | Intel | Genomics Kernel Library | - | All | All | All |
| Application | Intel | Oneapi Sample Browser | - | All | All | All |
| Application | Intel | Secure Device Onboard | - | All | All | All |
| Application | Intel | Sensor Solution Firmware Development Kit | - | All | All | All |
| Application | Intel | System Debugger | - | All | All | All |
| Application | Intel | System Studio | - | All | All | All |
| Application | Netapp | Active Iq Unified Manager | - | All | All | All |
| Application | Netapp | Active Iq Unified Manager | - | All | All | All |
| Application | Netapp | Active Iq Unified Manager | - | All | All | All |
| Application | Netapp | Cloud Insights | - | All | All | All |
| Application | Netapp | Cloud Manager | - | All | All | All |
| Application | Netapp | Cloud Secure Agent | - | All | All | All |
| Application | Netapp | Oncommand Insight | - | All | All | All |
| Application | Netapp | Ontap Tools | - | All | All | All |
| Application | Netapp | Snapcenter | - | All | All | All |
| Application | Percussion | Rhythmyx | All | All | All | All |
| Application | Siemens | Captial | All | All | All | All |
| Application | Siemens | Captial | 2019.1 | - | All | All |
| Application | Siemens | Captial | 2019.1 | sp1912 | All | All |
| Application | Siemens | Comos | All | All | All | All |
| Application | Siemens | Desigo Cc Advanced Reports | 4.0 | All | All | All |
| Application | Siemens | Desigo Cc Advanced Reports | 4.1 | All | All | All |
| Application | Siemens | Desigo Cc Advanced Reports | 4.2 | All | All | All |
| Application | Siemens | Desigo Cc Advanced Reports | 5.0 | All | All | All |
| Application | Siemens | Desigo Cc Advanced Reports | 5.1 | All | All | All |
| Application | Siemens | Desigo Cc Info Center | 5.0 | All | All | All |
| Application | Siemens | Desigo Cc Info Center | 5.1 | All | All | All |
| Application | Siemens | E-car Operation Center | All | All | All | All |
| Application | Siemens | Energyip | 8.5 | All | All | All |
| Application | Siemens | Energyip | 8.6 | All | All | All |
| Application | Siemens | Energyip | 8.7 | All | All | All |
| Application | Siemens | Energyip | 9.0 | All | All | All |
| Application | Siemens | Energyip Prepay | 3.7 | All | All | All |
| Application | Siemens | Energyip Prepay | 3.8 | All | All | All |
| Application | Siemens | Energy Engage | 3.1 | All | All | All |
| Application | Siemens | Gma-manager | All | All | All | All |
| Application | Siemens | Head-end System Universal Device Integration System | All | All | All | All |
| Application | Siemens | Industrial Edge Management | All | All | All | All |
| Application | Siemens | Industrial Edge Management Hub | All | All | All | All |
| Application | Siemens | Logo! Soft Comfort | All | All | All | All |
| Application | Siemens | Mendix | All | All | All | All |
| Application | Siemens | Mindsphere | All | All | All | All |
| Application | Siemens | Navigator | All | All | All | All |
| Application | Siemens | Nx | All | All | All | All |
| Application | Siemens | Opcenter Intelligence | All | All | All | All |
| Application | Siemens | Operation Scheduler | All | All | All | All |
| Application | Siemens | Sentron Powermanager | 4.1 | All | All | All |
| Application | Siemens | Sentron Powermanager | 4.2 | All | All | All |
| Application | Siemens | Siguard Dsa | 4.2 | All | All | All |
| Application | Siemens | Siguard Dsa | 4.3 | All | All | All |
| Application | Siemens | Siguard Dsa | 4.4 | All | All | All |
| Application | Siemens | Sipass Integrated | 2.80 | All | All | All |
| Application | Siemens | Sipass Integrated | 2.85 | All | All | All |
| Application | Siemens | Siveillance Command | All | All | All | All |
| Application | Siemens | Siveillance Control Pro | All | All | All | All |
| Application | Siemens | Siveillance Identity | 1.5 | All | All | All |
| Application | Siemens | Siveillance Identity | 1.6 | All | All | All |
| Application | Siemens | Siveillance Vantage | All | All | All | All |
| Application | Siemens | Siveillance Viewpoint | All | All | All | All |
| Application | Siemens | Solid Edge Cam Pro | All | All | All | All |
| Application | Siemens | Solid Edge Harness Design | All | All | All | All |
| Application | Siemens | Solid Edge Harness Design | 2020 | All | All | All |
| Application | Siemens | Solid Edge Harness Design | 2020 | - | All | All |
| Application | Siemens | Solid Edge Harness Design | 2020 | sp2002 | All | All |
| Application | Siemens | Spectrum Power 4 | All | All | All | All |
| Application | Siemens | Spectrum Power 4 | 4.70 | - | All | All |
| Application | Siemens | Spectrum Power 4 | 4.70 | sp7 | All | All |
| Application | Siemens | Spectrum Power 4 | 4.70 | sp8 | All | All |
| Application | Siemens | Spectrum Power 7 | All | All | All | All |
| Application | Siemens | Spectrum Power 7 | 2.30 | All | All | All |
| Application | Siemens | Spectrum Power 7 | 2.30 | - | All | All |
| Application | Siemens | Spectrum Power 7 | 2.30 | sp2 | All | All |
| Hardware | Siemens | Sppa-t3000 Ses3000 | - | All | All | All |
| Operating System | Siemens | Sppa-t3000 Ses3000 Firmware | All | All | All | All |
| Application | Siemens | Teamcenter | All | All | All | All |
| Application | Siemens | Vesys | All | All | All | All |
| Application | Siemens | Vesys | 2019.1 | All | All | All |
| Application | Siemens | Vesys | 2019.1 | - | All | All |
| Application | Siemens | Vesys | 2019.1 | sp1912 | All | All |
| Application | Siemens | Xpedition Enterprise | - | All | All | All |
| Application | Siemens | Xpedition Package Integrator | - | All | All | All |
| Application | Snowsoftware | Snow Commander | All | All | All | All |
| Application | Snowsoftware | Vm Access Proxy | All | All | All | All |
| Application | Sonicwall | Email Security | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| oss-security - Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints | MLIST | www.openwall.com | |
| Debian -- Security Information -- DSA-5020-1 apache-log4j2 | DEBIAN | www.debian.org | |
| cert-portal.siemens.com/productcert/pdf/ssa-661247.pdf | CONFIRM | cert-portal.siemens.com | |
| Full Disclosure: Intel Data Center Manager <= 5.1 Local Privileges Escalation | FULLDISC | seclists.org | |
| Log4j Remote Code Execution Word Bypassing ≈ Packet Storm | MISC | packetstormsecurity.com | |
| MobileIron Log4Shell Remote Command Execution ≈ Packet Storm | MISC | packetstormsecurity.com | |
| Security Advisory | CONFIRM | psirt.global.sonicwall.com | |
| cert-portal.siemens.com/productcert/pdf/ssa-714170.pdf | CONFIRM | cert-portal.siemens.com | |
| CVE-2021-44228 Apache Log4j Vulnerability in NetApp Products | NetApp Product Security | CONFIRM | security.netapp.com | |
| oss-security - CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack | MLIST | www.openwall.com | |
| oss-security - Re: CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2 | MLIST | www.openwall.com | |
| VMware Security Advisory 2021-0028 ≈ Packet Storm | MISC | packetstormsecurity.com | |
| Log4j2 Log4Shell Regexes ≈ Packet Storm | MISC | packetstormsecurity.com | |
| [SECURITY] Fedora 35 Update: log4j-2.15.0-1.fc35 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| [SECURITY] Fedora 34 Update: jansi-2.1.1-4.fc34 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| oss-security - CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints | MLIST | www.openwall.com | |
| Oracle Critical Patch Update Advisory - April 2022 | MISC | www.oracle.com | |
| Log4Shell HTTP Header Injection ≈ Packet Storm | MISC | packetstormsecurity.com | |
| oss-security - Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack | MLIST | www.openwall.com | |
| Log4j Payload Generator ≈ Packet Storm | MISC | packetstormsecurity.com | |
| Vulnerabilities in Apache Log4j Library Affecting Cisco Products: December 2021 | MISC | tools.cisco.com | Third Party Advisory |
| log4j-affected-db/SOFTWARE-LIST.md at develop · cisagov/log4j-affected-db · GitHub | MISC | github.com | |
| Full Disclosure: Open-Xchange Security Advisory 2022-07-21 | FULLDISC | seclists.org | |
| L4sh Log4j Remote Code Execution ≈ Packet Storm | MISC | packetstormsecurity.com | |
| VMware vCenter Server Unauthenticated Log4Shell JNDI Injection Remote Code Execution ≈ Packet Storm | MISC | packetstormsecurity.com | |
| [SECURITY] Fedora 35 Update: log4j-2.15.0-1.fc35 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| CVE-2021-44228 | MISC | www.nu11secur1ty.com | |
| Kurt Seifried (He/Him) on Twitter: "A reminder that the entry for CVE-2021-44228 https://t.co/64ubPm9b1e doesn't include any details about exploitation, or links to sources with information about exploitation. The GlobalSecurityDatabase does https://t.co/kEcp0vZgbg… https://t.co/VKUkDio9yb" | MISC | twitter.com | |
| BE-2022-0001: Use of Log4j in RenderFarm component for SYNCHRO 4D Pro and SYNCHRO Pro | MISC | www.bentley.com | |
| Oracle Critical Patch Update Advisory - January 2022 | MISC | www.oracle.com | |
| UniFi Network Application Unauthenticated Log4Shell Remote Code Execution ≈ Packet Storm | MISC | packetstormsecurity.com | |
| Apache Log4j2 2.14.1 Remote Code Execution ≈ Packet Storm | MISC | packetstormsecurity.com | |
| oss-security - Re: CVE-2021-45046: Apache Log4j2 Thread Context Message Pattern and Context Lookup Pattern vulnerable to a denial of service attack | MLIST | www.openwall.com | |
| Open-Xchange App Suite 7.10.x Cross Site Scripting / Command Injection ≈ Packet Storm | MISC | packetstormsecurity.com | |
| oss-security - Re: CVE-2021-44228: Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints | MLIST | www.openwall.com | |
| Full Disclosure: APPLE-SA-2022-03-14-7 Xcode 13.3 | FULLDISC | seclists.org | |
| About the security content of Xcode 13.3 - Apple Support | CONFIRM | support.apple.com | |
| Microsoft’s Response to CVE-2021-44228 Apache Log4j 2 – Microsoft Security Response Center | MS | msrc-blog.microsoft.com | |
| log4j-scan Extensive Scanner ≈ Packet Storm | MISC | packetstormsecurity.com | |
| INTEL-SA-00646 | CONFIRM | www.intel.com | |
| VMware Security Advisory 2021-0028.4 ≈ Packet Storm | MISC | packetstormsecurity.com | |
| cert-portal.siemens.com/productcert/pdf/ssa-479842.pdf | CONFIRM | cert-portal.siemens.com | |
| cert-portal.siemens.com/productcert/pdf/ssa-397453.pdf | CONFIRM | cert-portal.siemens.com | |
| oss-security - CVE-2021-4104: Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2 | MLIST | www.openwall.com | |
| Apache Log4j2 2.14.1 Information Disclosure ≈ Packet Storm | MISC | packetstormsecurity.com | |
| Apache Log4j2 2.14.1 Remote Code Execution ≈ Packet Storm | MISC | packetstormsecurity.com | |
| GitHub - cisagov/log4j-affected-db: A community sourced list of log4j-affected software | MISC | github.com | |
| Oracle Security Alert Advisory - CVE-2021-44228 | CONFIRM | www.oracle.com | |
| CVE-mitre/CVE-2021-44228 at main · nu11secur1ty/CVE-mitre · GitHub | MISC | github.com | |
| Log4j – Apache Log4j Security Vulnerabilities | MISC | logging.apache.org | |
| VU#930724 - Apache Log4j allows insecure JNDI lookups | CERT-VN | www.kb.cert.org | |
| AD Manager Plus 7122 Remote Code Execution ≈ Packet Storm | MISC | packetstormsecurity.com | |
| [SECURITY] Fedora 34 Update: jansi-2.1.1-4.fc34 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| [SECURITY] [DLA 2842-1] apache-log4j2 security update | MLIST | lists.debian.org | |
| [SECURITY] Fedora 34 Update: log4j-2.17.0-1.fc34 - package-announce - Fedora Mailing-Lists | MITRE | lists.fedoraproject.org | |
| [SECURITY] Fedora 35 Update: log4j-2.17.0-1.fc35 - package-announce - Fedora Mailing-Lists | MITRE | lists.fedoraproject.org | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
| CISA Known Exploited Vulnerabilities catalog | CISA | www.cisa.gov | kev |
Vendor Comments And Credit
Discovery Credit
LEGACY: This issue was discovered by Chen Zhaojun of Alibaba Cloud Security Team.
Legacy QID Mappings
- 150440 Apache Log4j Remote Code Execution (RCE) Vulnerability (Log4Shell CVE-2021-44228)
- 150441 Forms Vulnerable to Apache Log4j Remote Code Execution (RCE) Vulnerability (Log4Shell CVE-2021-44228)
- 178934 Debian Security Update for apache-log4j2 (DSA 5020-1)
- 178935 Debian Security Update for apache-log4j2 (DLA 2842-1)
- 178942 Debian Security Update for apache-log4j2 (DSA 5022-1)
- 183497 Debian Security Update for apache-log4j2 (CVE-2021-44228)
- 198604 Ubuntu Security Notification for Apache Log4j 2 Vulnerability (USN-5192-1)
- 198606 Ubuntu Security Notification for Apache Log4j 2 Vulnerability (USN-5197-1)
- 20245 IBM DB2 Security Update for Log4j
- 216275 VMware vCenter Server 7.0 Apache Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028)
- 216276 VMware vCenter Server 6.7 Apache Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028)
- 216277 VMware vCenter Server 6.5 Apache Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028)
- 282110 Fedora Security Update for log4j (FEDORA-2021-f0f501d01f)
- 282181 Fedora Security Update for jansi (FEDORA-2021-66d6c484f3)
- 282198 Fedora Security Update for log4j (FEDORA-2021-5c9d12a93e) (Log4Shell)
- 282200 Fedora Security Update for log4j (FEDORA-2021-abbe24e41c) (Log4Shell)
- 317114 Cisco Secure Web Appliance Log4j Remote Code Execution (RCE) Vulnerability (CSCwa47278)
- 317115 Cisco SD-WAN Log4j Remote Code Execution (RCE) Vulnerability (CSCwa47745)
- 317116 Cisco Unified Contact Center Enterprise Log4j Remote Code Enterprise (CSCwa47273)
- 317117 Cisco Integrated Management Controller (IMC) Apache Log4j Vulnerability (cisco-sa-apache-log4j-qRuKNEbd)
- 317118 Cisco Application Policy Infrastructure Controller (APIC) Apache Log4j Vulnerability (cisco-sa-apache-log4j-qRuKNEbd)
- 317119 Cisco Firepower Threat Defense (FTD) software Vulnerability in Apache Log4j (cisco-sa-apache-log4j-qRuKNEbd)
- 317120 Cisco Unified Communications Manager (CUCM) Apache Log4j Vulnerability (cisco-sa-apache-log4j-qRuKNEbd)
- 317121 Cisco Unified Communications Manager IM and Presence Service (formerly CUPS) Apache Log4j Vulnerability (cisco-sa-apache-log4j-qRuKNEbd)
- 317122 Cisco Webex Meetings Server Apache Log4j Vulnerability (CSCwa47283)
- 317123 Cisco UCS Central Software Apache Log4j Vulnerability (cisco-sa-apache-log4j-qRuKNEbd)
- 317186 Cisco Identity Services Engine (ISE) Log4j2 Vulnerability (CSCwa47133)
- 353084 Amazon Linux Security Advisory for aws-kinesis-agent : ALAS2-2021-1730
- 353085 Amazon Linux Security Advisory for java-1.8.0-openjdk, java-1.7.0-openjdk, java-1.6.0-openjdk : ALAS-2021-1553
- 353086 Amazon Linux Security Advisory for java-11-openjdk : ALAS2JAVA-OPENJDK11-2021-001
- 353087 Amazon Linux Security Advisory for java-1.8.0-amazon-corretto : ALAS2CORRETTO8-2021-001
- 353088 Amazon Linux Security Advisory for java-17-amazon-corretto, java-11-amazon-corretto, java-1.8.0-openjdk, java-1.7.0-openjdk : ALAS2-2021-1731
- 354306 Amazon Linux Security Advisory for log4j : ALAS2022-2021-003
- 354369 Amazon Linux Security Advisory for log4j : ALAS2022-2022-225
- 354538 Amazon Linux Security Advisory for log4j : ALAS-2022-225
- 376157 Apache Log4j Remote Code Execution (RCE) Vulnerability (Log4Shell)
- 376160 Apache Log4j Remote Code Execution (RCE) Vulnerability (Log4Shell) Detected Based on Qualys Log4j scan Utility
- 376183 VMware NSX-T Apache Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028)
- 376184 VMware Identity Manager (vIDM) and Workspace ONE Access Apache Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028)
- 376185 DataDog Agent Log4j Remote Code Execution (RCE) Vulnerability
- 376192 Elasticsearch Logstash Log4j Remote Code Execution (RCE) Vulnerability
- 376205 Apple Xcode Prior to 13.2.1 Log4j Vulnerability
- 376207 VMware Horizon Windows Agent Apache Log4j Remote Code Execution (RCE) Vulnerabilities (VMSA-2021-0028) (Log4Shell)
- 376222 IBM Cognos Analytics Apache Log4j Vulnerability (6528388)
- 376230 Dell EMC NetWorker Apache Log4j multiple Remote Code Execution (RCE) Vulnerabilities (DSA-2021-280)
- 376231 Dell EMC NetWorker Server Apache Log4j multiple Remote Code Execution (RCE) Vulnerabilities (DSA-2021-280)
- 376245 VMware Tanzu GemFire Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028) (Log4Shell)
- 376246 Ping Identity PingAccess Affected By Apache Log4j Vulnerability (Log4Shell)
- 376261 VMware vRealize Orchestrator, VMware vRealize Automation and VMware vRealize Lifecycle Manager Log4j Remote Code Execution (RCE) Vulnerability (VMSA-2021-0028) (Log4Shell)
- 376267 Tableau Server and Desktop Multiple Vulnerabilities (Log4Shell)
- 376362 Salesforce Data Loader Log4j Remote Code Execution (RCE) Vulnerability
- 376379 IBM Tivoli Netcool Log4j Vulnerability (6527266)
- 376390 TIBCO BusinessEvents Log4j Vulnerability
- 376391 IBM WebSphere Application Server Remote Code Execution (RCE) Vulnerability (Log4Shell) (6525706)
- 376406 Adobe ColdFusion advisory for Apache Log4j Vulnerability (Log4Shell)
- 376417 VMware Horizon Connection Server Apache Log4j Remote Code Execution (RCE) Vulnerabilities (VMSA-2021-0028) (Log4Shell)
- 376450 Symantec Endpoint Protection Manager (SEPM) Log4j Vulnerability (SYMSA19793)
- 376477 Autonomous Health Framework (AHF) Multiple Vulnerabilities (Log4Shell) (Doc ID 2828415.1)
- 376491 Apple Xcode Multiple Vulnerabilities (HT213189)
- 376555 IBM Sterling Connect Direct Log4Shell Vulnreability
- 48199 Environment Variables Mitigation Applied for Log4Shell (CVE-2021-44228) Windows and Unix
- 590619 Siemens SENTRON Powermanager Apache Log4j Denial of Service (DoS) Vulnerability (SSA-661247) (Log4Shell)
- 590638 Schneider Electric EcoStruxure IT Gateway Apache Log4j Vulnerability (Log4Shell) (SESB-2021-347-01)
- 590646 Johnson Controls exacq Enterprise Manager Remote Code Execution Vulnerability (ICSA-21-357-02)
- 690737 Free Berkeley Software Distribution (FreeBSD) Security Update for graylog (3fadd7e4-f8fb-45a0-a218-8fd6423c338f)
- 690740 Free Berkeley Software Distribution (FreeBSD) Security Update for opensearch (4b1ac5a3-5bd4-11ec-8602-589cfc007716)
- 690741 Free Berkeley Software Distribution (FreeBSD) Security Update for openhab (93a1c9a7-5bef-11ec-a47a-001517a2e1a4)
- 690745 Free Berkeley Software Distribution (FreeBSD) Security Update for bastillion (515df85a-5cd7-11ec-a16d-001517a2e1a4)
- 690747 Free Berkeley Software Distribution (FreeBSD) Security Update for serviio (1ea05bb8-5d74-11ec-bb1e-001517a2e1a4)
- 730297 Apache Log4j Remote Code Execution (RCE) Vulnerability (Log4Shell) (Unauthenticated)
- 730301 Apache Solr Affected By Apache Log4J Vulnerability (Log4Shell)
- 730302 Atlassian Bitbucket Server and Data Center Versions Security Fixes (CVE-2021-44228)
- 730303 Apache Flink Emergency Release for Apache Log4j Vulnerability (Log4Shell)
- 730317 VMware Horizon Windows and Linux Agent Apache Log4j Remote Code Execution (RCE) Vulnerabilities (Unauthenticated Check) (Log4Shell)
- 730318 Palo Alto Networks (PAN-OS) Log4j Multiple Vulnerabilities (PAN-184592) (Log4Shell)
- 730329 Dell EMC NetWorker Virtual Edition Multiple Apache Log4j Remote Code Execution (RCE) Vulnerabilities (DSA-2021-280)
- 730331 Dell EMC NetWorker Virtual Edition multiple Apache Log4j Remote Code Execution (RCE) Vulnerabilities (DSA-2021-280)
- 730332 Couchbase Server Security Update For Log4shell
- 730362 Neo4j Database Server Affected by Apache Log4j Security Vulnerability
- 730367 Dell EMC SRM Remote Code Execution (RCE) Vulnerability (DSA-2021-301)
- 730371 McAfee Web Gateway Multiple Vulnerabilities (WP-3335,WP-4131,WP-4159,WP-4237,WP-4259,WP-4329,WP-4348,WP-4355,WP-4376,WP-4407,WP-4421)
- 751493 OpenSUSE Security Update for log4j (openSUSE-SU-2021:4107-1)
- 751496 OpenSUSE Security Update for log4j (openSUSE-SU-2021:1586-1)
- 751499 OpenSUSE Security Update for log4j (openSUSE-SU-2021:4094-1)
- 751506 OpenSUSE Security Update for log4j (openSUSE-SU-2021:1577-1)
- 751508 OpenSUSE Security Update for log4j (openSUSE-SU-2021:3999-1)
- 751526 OpenSUSE Security Update for logback (openSUSE-SU-2021:4109-1)
- 751536 OpenSUSE Security Update for log4j (openSUSE-SU-2021:1601-1) (Log4Shell)
- 751557 OpenSUSE Security Update for logback (openSUSE-SU-2021:1613-1) (Log4Shell)
- 87473 Cisco Nexus Dashboard Fabric Controller (Formerly DCNM) Apache Log4j Vulnerability (cisco-sa-apache-log4j-qRuKNEbd)
- 87482 Oracle WebLogic Server Multiple Vulnerabilities (Log4Shell) (Doc_ID_2828556.1)
- 984157 Java (maven) Security Update for org.apache.logging.log4j:log4j-api (GHSA-jfh8-c2jp-5v3q)