-
-
Save raytheon0x21/6d6afc52d080c1f4dcea00a9d9d90d94 to your computer and use it in GitHub Desktop.
Revisions
-
SwitHak revised this gist
Dec 12, 2021 . 1 changed file with 5 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -4,6 +4,11 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) - If you want to add a link, comment or send it to me - Feel free to report any mistake directly below in the comment or in DM on Twitter [@SwitHak](https://twitter.com/SwitHak) # Other great ressources - Royce Williams list is different, listed by vendors responses: - https://www.techsolvency.com/story-so-far/cve-2021-44228-log4j-log4shell/ - TBD # A ## Akamai : https://www.akamai.com/blog/news/CVE-2021-44228-Zero-Day-Vulnerability ## Apache Druid : https://github.com/apache/druid/pull/12051 -
Dec 12, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -74,6 +74,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## ForcePoint : https://support.forcepoint.com/s/article/CVE-2021-44228-Java-log4j-vulnerability-mitigation-with-Forcepoint-Security-Manager ## Forescout : https://forescout.force.com/support/s/article/Important-security-information-related-to-Apache-Log4j-utility-CVE-2021-44228 ## ForgeRock : https://backstage.forgerock.com/knowledge/kb/book/b21824339 ## Fortinet : https://www.fortiguard.com/psirt/FG-IR-21-245 ## FusionAuth : https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/ # G -
Dec 12, 2021 . 1 changed file with 3 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -11,6 +11,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Apache LOG4J : https://logging.apache.org/log4j/2.x/security.html ## Apache Kafka : https://lists.apache.org/thread/lgbtvvmy68p0059yoyn9qxzosdmx4jdv ## Apache Solr : https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228 ## Apache Struts : https://struts.apache.org/announce-2021#a20211212-2 ## Apero CAS : https://apereo.github.io/2021/12/11/log4j-vuln/ ## APPSHEET : https://community.appsheet.com/t/appsheet-statement-on-log4j-vulnerability-cve-2021-44228/59976 ## Aptible : https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4 @@ -55,6 +56,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Dell : https://www.dell.com/support/kbdoc/fr-fr/000194372/dsn-2021-007-dell-response-to-apache-log4j-remote-code-execution-vulnerability ## Docker : https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/ ## Docusign : https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability ## DRAW.IO : https://twitter.com/drawio/status/1470061320066277382 ## DropWizard : https://twitter.com/dropwizardio/status/1469285337524580359 ## DynaTrace : https://community.dynatrace.com/t5/Dynatrace-Open-Q-A/Impact-of-log4j-zero-day-vulnerability/m-p/177259/highlight/true#M19282 @@ -93,6 +95,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## HostiFi : https://twitter.com/hostifi_net/status/1469511114824339464 # I ## I2P : https://geti2p.net/en/blog/post/2021/12/11/i2p-unaffected-cve-2021-44228 ## Ignite Realtime : https://discourse.igniterealtime.org/t/openfire-4-6-5-released/91108 ## Imperva : https://www.imperva.com/blog/how-were-protecting-customers-staying-ahead-of-cve-2021-44228/ ## Inductive Automation : https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day -
Dec 12, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -131,6 +131,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # N ## N-able : https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability ## NELSON : https://github.com/getnelson/nelson/blob/f4d3dd1f1d4f8dfef02487f67aefb9c60ab48bf5/project/custom.scala ## NEO4J : https://community.neo4j.com/t/log4j-cve-mitigation-for-neo4j/48856 ## NetApp : https://security.netapp.com/advisory/ntap-20211210-0007/ ## Netflix : https://github.com/search?q=org%3ANetflix+CVE-2021-44228&type=commits ## NextGen Healthcare Mirth : https://github.com/nextgenhealthcare/connect/discussions/4892#discussioncomment-1789526 -
Dec 12, 2021 . 1 changed file with 0 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -201,7 +201,6 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # T ## Talend : https://jira.talendforge.org/browse/TCOMP-2054 ## TealiumIQ : https://community.tealiumiq.com/t5/Announcements-Blog/Update-on-Log4j-Security-Vulnerability/ba-p/36824 ## TrendMicro : https://success.trendmicro.com/solution/000289940 -
Dec 12, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -207,6 +207,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # U ## Ubiquiti-UniFi-UI : https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1 ## Ubuntu : https://ubuntu.com/security/CVE-2021-44228 ## USSIGNAL MSP : https://ussignal.com/blog/apache-log4j-vulnerability # V -
Dec 12, 2021 . 1 changed file with 7 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -62,6 +62,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Eclipse Foundation : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3992521 ## Elastic : https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 ## ESET : https://forum.eset.com/topic/30691-log4j-vulnerability/?do=findComment&comment=143745 ## ESRI : https://www.esri.com/arcgis-blog/products/arcgis-enterprise/administration/arcgis-software-and-cve-2021-44228-aka-log4shell-aka-logjam/ ## EVLLABS JGAAP : https://github.com/evllabs/JGAAP/releases/tag/v8.0.2 # F @@ -70,6 +71,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Fastly : https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j ## ForcePoint : https://support.forcepoint.com/s/article/CVE-2021-44228-Java-log4j-vulnerability-mitigation-with-Forcepoint-Security-Manager ## Forescout : https://forescout.force.com/support/s/article/Important-security-information-related-to-Apache-Log4j-utility-CVE-2021-44228 ## ForgeRock : https://backstage.forgerock.com/knowledge/kb/book/b21824339 ## FusionAuth : https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/ # G @@ -82,6 +84,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## GrayLog : https://www.graylog.org/post/graylog-update-for-log4j ## GratWiFi WARNING I can't confirm it: https://www.facebook.com/GratWiFi/posts/396447615600785 ## GuardedBox : https://twitter.com/GuardedBox/status/1469739834117799939 ## Guidewire : https://community.guidewire.com/s/article/Update-to-customers-who-have-questions-about-the-use-of-log4j-in-Guidewire-products # H ## HackerOne : https://twitter.com/jobertabma/status/1469490881854013444 @@ -90,6 +93,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## HostiFi : https://twitter.com/hostifi_net/status/1469511114824339464 # I ## Ignite Realtime : https://discourse.igniterealtime.org/t/openfire-4-6-5-released/91108 ## Imperva : https://www.imperva.com/blog/how-were-protecting-customers-staying-ahead-of-cve-2021-44228/ ## Inductive Automation : https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day ## Informatica : https://network.informatica.com/community/informatica-network/blog/2021/12/10/log4j-vulnerability-update @@ -183,9 +187,11 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## SLF4J : http://slf4j.org/log4shell.html ## SmileCDR : https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 ## Software AG : https://tech.forums.softwareag.com/t/log4j-zero-day-vulnerability/253849 ## SolarWinds : https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228 ## SonarSource : https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721 ## Sonatype : https://blog.sonatype.com/a-new-0-day-log4j-vulnerability-discovered-in-the-wild ## SonicWall : https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 ## Sophos : https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce ## Splunk : https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html ## Spring Boot : https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot ## SUSE : https://www.suse.com/security/cve/CVE-2021-44228.html -
Dec 12, 2021 . 1 changed file with 15 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -16,8 +16,10 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Aptible : https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4 ## Atlassian : https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html ## Automox : https://blog.automox.com/log4j-critical-vulnerability-scores-a-10 ## Avantra SYSLINK : https://support.avantra.com/support/solutions/articles/44002291388-cve-2021-44228-log4j-2-vulnerability ## Avaya : https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 ## AWS New : https://aws.amazon.com/security/security-bulletins/AWS-2021-006/ ## AWS OLD: https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ ## AZURE Datalake store java : https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310 # B @@ -41,6 +43,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Connect2id : https://connect2id.com/blog/connect2id-server-12-5-1 ## ConnectWise : https://www.connectwise.com/company/trust/advisories ## ContrastSecurity : https://support.contrastsecurity.com/hc/en-us/articles/4412612486548 ## ControlUp : https://status.controlup.com/incidents/qqyvh7b1dz8k ## Coralogix : https://twitter.com/Coralogix/status/1469713430659559425 ## CouchBase : https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402 ## CyberArk : https://cyberark-customers.force.com/s/article/Critical-Vulnerability-CVE-2021-44228 @@ -74,8 +77,10 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Ghidra : https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning ## GitHub : https://github.com/advisories/GHSA-jfh8-c2jp-5v3q ## GoAnywhere : https://www.goanywhere.com/cve-2021-44228-goanywhere-mitigation-steps ## Google Cloud Global Products coverage : https://cloud.google.com/log4j2-security-advisory ## Google Cloud Armor WAF : https://cloud.google.com/blog/products/identity-security/cloud-armor-waf-rule-to-help-address-apache-log4j-vulnerability ## GrayLog : https://www.graylog.org/post/graylog-update-for-log4j ## GratWiFi WARNING I can't confirm it: https://www.facebook.com/GratWiFi/posts/396447615600785 ## GuardedBox : https://twitter.com/GuardedBox/status/1469739834117799939 # H @@ -107,6 +112,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Leanix : https://www.leanix.net/en/blog/log4j-vulnerability-log4shell ## LucentSKY : https://twitter.com/LucentSky/status/1469358706311974914 ## Lightbend : https://discuss.lightbend.com/t/regarding-the-log4j2-vulnerability-cve-2021-44228/9275 ## LogRhythm CISO email I can't confirmed : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3992599 # M ## Macchina io : https://twitter.com/macchina_io/status/1469611606569099269 @@ -115,7 +121,8 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Metabase : https://github.com/metabase/metabase/commit/8bfce98beb25e48830ac2bfd57432301c5e3ab37 ## Microsoft : https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ ## Minecraft : https://www.minecraft.net/en-us/article/important-message--security-vulnerability-java-edition ## MISP : https://twitter.com/MISPProject/status/1470051242038673412 ## Mulesoft : https://help.mulesoft.com/s/article/Apache-Log4j2-vulnerability-December-2021 # N ## N-able : https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability @@ -124,6 +131,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Netflix : https://github.com/search?q=org%3ANetflix+CVE-2021-44228&type=commits ## NextGen Healthcare Mirth : https://github.com/nextgenhealthcare/connect/discussions/4892#discussioncomment-1789526 ## Newrelic : https://github.com/newrelic/newrelic-java-agent/issues/605 ## Nutanix : https://download.nutanix.com/alerts/Security_Advisory_0023.pdf # O ## Okta : https://sec.okta.com/articles/2021/12/log4shell @@ -151,6 +159,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Quest KACE : https://support.quest.com/kace-systems-management-appliance/kb/335869/is-the-kace-sma-affected-by-cve-2021-44228 # R ## Radware : https://support.radware.com/app/answers/answer_view/a_id/1029752 ## Red5Pro : https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/ ## RedHat : https://access.redhat.com/security/cve/cve-2021-44228 ## Revenera / Flexera : https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905 @@ -162,6 +171,8 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## SAFE FME Server : https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j ## SailPoint : https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681 ## Salesforce : https://help.salesforce.com/s/articleView?id=000363736&type=1 ## SAP BusinessObjects : https://launchpad.support.sap.com/#/notes/3129956 ## SAP Global coverage : https://launchpad.support.sap.com/#/notes/3129930 ## SAS : https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html ## Security Onion : https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html ## ServiceNow : https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 @@ -193,6 +204,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## USSIGNAL MSP : https://ussignal.com/blog/apache-log4j-vulnerability # V ## Varonis : https://help.varonis.com/s/article/Apache-Log4j-Zero-Day-Vulnerability-CVE-2021-44228 ## Veeam : https://forums.veeam.com/veeam-backup-for-azure-f59/log4j-cve-2021-44228-vulnerability-t78225.html#p438231 ## Vespa ENGINE : https://github.com/vespa-engine/blog/blob/f281ce4399ed3e97b4fed32fcc36f9ba4b17b1e2/_posts/2021-12-10-log4j-vulnerability.md ## VMware : https://www.vmware.com/security/advisories/VMSA-2021-0028.html @@ -213,6 +225,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # Z ## ZAMMAD : https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256 ## Zaproxy : https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/ ## Zerto : https://help.zerto.com/kb/000004822 ## Zesty : https://www.zesty.io/mindshare/company-announcements/log4j-exploit/ ## ZSCALER : https://www.zscaler.fr/blogs/security-research/security-advisory-log4j-0-day-remote-code-execution-vulnerability-cve-2021 -
Dec 12, 2021 . No changes.There are no files selected for viewing
-
Dec 12, 2021 . 1 changed file with 6 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -43,6 +43,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## ContrastSecurity : https://support.contrastsecurity.com/hc/en-us/articles/4412612486548 ## Coralogix : https://twitter.com/Coralogix/status/1469713430659559425 ## CouchBase : https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402 ## CyberArk : https://cyberark-customers.force.com/s/article/Critical-Vulnerability-CVE-2021-44228 ## Cybereason : https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228 # D @@ -55,7 +56,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## DynaTrace : https://community.dynatrace.com/t5/Dynatrace-Open-Q-A/Impact-of-log4j-zero-day-vulnerability/m-p/177259/highlight/true#M19282 # E ## Eclipse Foundation : https://gist.github.com/SwitHak/b66db3a06c2955a9cb71a8718970c592#gistcomment-3992521 ## Elastic : https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 ## ESET : https://forum.eset.com/topic/30691-log4j-vulnerability/?do=findComment&comment=143745 ## EVLLABS JGAAP : https://github.com/evllabs/JGAAP/releases/tag/v8.0.2 @@ -114,6 +115,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Metabase : https://github.com/metabase/metabase/commit/8bfce98beb25e48830ac2bfd57432301c5e3ab37 ## Microsoft : https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ ## Minecraft : https://www.minecraft.net/en-us/article/important-message--security-vulnerability-java-edition ## MISp : https://twitter.com/MISPProject/status/1470051242038673412 # N ## N-able : https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability @@ -137,6 +139,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## PaperCut : https://www.papercut.com/support/known-issues/#PO-684 ## Parse.ly : https://blog.parse.ly/parse-ly-log4shell/ ## Pega : https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability ## PingIdentity : https://support.pingidentity.com/s/article/Log4j2-vulnerability-CVE-CVE-2021-44228 ## Positive Technologies : https://twitter.com/ptsecurity/status/1469398376978522116 ## Progress / IpSwitch : https://www.progress.com/security ## Pulse Secure : https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR @@ -156,13 +159,15 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Rubrik : https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK # S ## SAFE FME Server : https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j ## SailPoint : https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681 ## Salesforce : https://help.salesforce.com/s/articleView?id=000363736&type=1 ## SAS : https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html ## Security Onion : https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html ## ServiceNow : https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 ## Sesam Info : https://twitter.com/sesam_info/status/1469711992122486791 ## Shibboleth : http://shibboleth.net/pipermail/announce/2021-December/000253.html ## Signald : https://gitlab.com/signald/signald/-/issues/259 ## Skillable : https://skillable.com/log4shell/ ## SLF4J : http://slf4j.org/log4shell.html ## SmileCDR : https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 -
Dec 12, 2021 . 1 changed file with 4 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -25,6 +25,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## BitDefender : https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability ## BitNami By VMware : https://docs.bitnami.com/general/security/security-2021-12-10/ ## BMC Software : https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability ## Boomi DELL : https://community.boomi.com/s/question/0D56S00009UQkx4SAD/is-boomi-installation-moleculegateway-protected-from-cve202144228-log4j ## Broadcom : https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 # C @@ -56,6 +57,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # E ## Eclipse Foundation : https://git.eclipse.org/r/c/tracecompass/org.eclipse.tracecompass/+/188751 ## Elastic : https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 ## ESET : https://forum.eset.com/topic/30691-log4j-vulnerability/?do=findComment&comment=143745 ## EVLLABS JGAAP : https://github.com/evllabs/JGAAP/releases/tag/v8.0.2 # F @@ -107,6 +109,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # M ## Macchina io : https://twitter.com/macchina_io/status/1469611606569099269 ## MailCow : https://github.com/mailcow/mailcow-dockerized/issues/4375 ## McAfee : https://kc.mcafee.com/corporate/index?page=content&id=KB95091 ## Metabase : https://github.com/metabase/metabase/commit/8bfce98beb25e48830ac2bfd57432301c5e3ab37 ## Microsoft : https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ @@ -163,6 +166,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Skillable : https://skillable.com/log4shell/ ## SLF4J : http://slf4j.org/log4shell.html ## SmileCDR : https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 ## Software AG : https://tech.forums.softwareag.com/t/log4j-zero-day-vulnerability/253849 ## Sophos : https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce ## SonarSource : https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721 ## SonicWall : https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 -
Dec 12, 2021 . 1 changed file with 10 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -12,9 +12,11 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Apache Kafka : https://lists.apache.org/thread/lgbtvvmy68p0059yoyn9qxzosdmx4jdv ## Apache Solr : https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228 ## Apero CAS : https://apereo.github.io/2021/12/11/log4j-vuln/ ## APPSHEET : https://community.appsheet.com/t/appsheet-statement-on-log4j-vulnerability-cve-2021-44228/59976 ## Aptible : https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4 ## Atlassian : https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html ## Automox : https://blog.automox.com/log4j-critical-vulnerability-scores-a-10 ## Avaya : https://support.avaya.com/helpcenter/getGenericDetails?detailId=1399839287609 ## AWS : https://aws.amazon.com/security/security-bulletins/AWS-2021-005/ ## AZURE Datalake store java : https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310 @@ -47,6 +49,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Debian : https://security-tracker.debian.org/tracker/CVE-2021-44228 ## Dell : https://www.dell.com/support/kbdoc/fr-fr/000194372/dsn-2021-007-dell-response-to-apache-log4j-remote-code-execution-vulnerability ## Docker : https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/ ## Docusign : https://www.docusign.com/trust/alerts/alert-docusign-statement-on-the-log4j2-vulnerability ## DropWizard : https://twitter.com/dropwizardio/status/1469285337524580359 ## DynaTrace : https://community.dynatrace.com/t5/Dynatrace-Open-Q-A/Impact-of-log4j-zero-day-vulnerability/m-p/177259/highlight/true#M19282 @@ -74,6 +77,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # H ## HackerOne : https://twitter.com/jobertabma/status/1469490881854013444 ## HCL Software : https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095486 ## Huawei : https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en ## HostiFi : https://twitter.com/hostifi_net/status/1469511114824339464 @@ -128,6 +132,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # P ## Palo-Alto Networks : https://security.paloaltonetworks.com/CVE-2021-44228 ## PaperCut : https://www.papercut.com/support/known-issues/#PO-684 ## Parse.ly : https://blog.parse.ly/parse-ly-log4shell/ ## Pega : https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability ## Positive Technologies : https://twitter.com/ptsecurity/status/1469398376978522116 ## Progress / IpSwitch : https://www.progress.com/security @@ -142,6 +147,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # R ## Red5Pro : https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/ ## RedHat : https://access.redhat.com/security/cve/cve-2021-44228 ## Revenera / Flexera : https://community.flexera.com/t5/Revenera-Company-News/Security-Advisory-Log4j-Java-Vulnerability-CVE-2021-44228/ba-p/216905 ## RunDeck by PagerDuty : https://docs.rundeck.com/docs/history/CVEs/ ## RSA : https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501 ## Rubrik : https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK @@ -154,6 +160,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## ServiceNow : https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 ## Sesam Info : https://twitter.com/sesam_info/status/1469711992122486791 ## Shibboleth : http://shibboleth.net/pipermail/announce/2021-December/000253.html ## Skillable : https://skillable.com/log4shell/ ## SLF4J : http://slf4j.org/log4shell.html ## SmileCDR : https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 ## Sophos : https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce @@ -169,19 +176,22 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # T ## Talend : https://jira.talendforge.org/browse/TCOMP-2054 ## Tanium : https://community.tanium.com/s/article/How-Tanium-Can-Help-with-CVE-2021-44228-Log4Shell ## TealiumIQ : https://community.tealiumiq.com/t5/Announcements-Blog/Update-on-Log4j-Security-Vulnerability/ba-p/36824 ## TrendMicro : https://success.trendmicro.com/solution/000289940 # U ## Ubiquiti-UniFi-UI : https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1 ## USSIGNAL MSP : https://ussignal.com/blog/apache-log4j-vulnerability # V ## Veeam : https://forums.veeam.com/veeam-backup-for-azure-f59/log4j-cve-2021-44228-vulnerability-t78225.html#p438231 ## Vespa ENGINE : https://github.com/vespa-engine/blog/blob/f281ce4399ed3e97b4fed32fcc36f9ba4b17b1e2/_posts/2021-12-10-log4j-vulnerability.md ## VMware : https://www.vmware.com/security/advisories/VMSA-2021-0028.html # W ## Wallarm : https://lab.wallarm.com/cve-2021-44228-mitigation-update/ ## WatchGuard / Secplicity / https://www.secplicity.org/2021/12/10/critical-rce-vulnerability-in-log4js/ ## WitFoo : https://www.witfoo.com/blog/emergency-update-for-cve-2021-44228-log4j/ ## Wowza : https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve ## WSO2 : https://github.com/wso2/security-tools/pull/169 -
Dec 12, 2021 . 1 changed file with 11 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -20,6 +20,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # B ## BACKBLAZE : https://twitter.com/backblaze/status/1469477224277368838 ## BitDefender : https://businessinsights.bitdefender.com/security-advisory-bitdefender-response-to-critical-0-day-apache-log4j2-vulnerability ## BitNami By VMware : https://docs.bitnami.com/general/security/security-2021-12-10/ ## BMC Software : https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability ## Broadcom : https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 @@ -33,6 +34,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## CloudFlare : https://blog.cloudflare.com/cve-2021-44228-log4j-rce-0-day-mitigation/ ## CPanel : https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/ ## CommVault https://community.commvault.com/technical-q-a-2/log4j-been-used-in-commvault-1985?postid=11745#post11745 ## ConcreteCMS.com : https://www.concretecms.com/about/blog/security/concrete-log4j-zero-day-exploit ## Connect2id : https://connect2id.com/blog/connect2id-server-12-5-1 ## ConnectWise : https://www.connectwise.com/company/trust/advisories ## ContrastSecurity : https://support.contrastsecurity.com/hc/en-us/articles/4412612486548 @@ -62,6 +64,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## FusionAuth : https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/ # G ## Genesys : https://www.genesys.com/blog/post/genesys-update-on-the-apache-log4j-vulnerability ## Ghidra : https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning ## GitHub : https://github.com/advisories/GHSA-jfh8-c2jp-5v3q ## GoAnywhere : https://www.goanywhere.com/cve-2021-44228-goanywhere-mitigation-steps @@ -94,6 +97,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Keycloak : https://github.com/keycloak/keycloak/discussions/9078 # L ## Leanix : https://www.leanix.net/en/blog/log4j-vulnerability-log4shell ## LucentSKY : https://twitter.com/LucentSky/status/1469358706311974914 ## Lightbend : https://discuss.lightbend.com/t/regarding-the-log4j2-vulnerability-cve-2021-44228/9275 @@ -119,6 +123,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## OpenMRS TALK : https://talk.openmrs.org/t/urgent-security-advisory-2021-12-11-re-apache-log4j-2/35341 ## OpenSearch : https://discuss.opendistrocommunity.dev/t/log4j-patch-for-cve-2021-44228/7950 ## Oracle : https://www.oracle.com/security-alerts/alert-cve-2021-44228.html ## OxygenXML : https://www.oxygenxml.com/security/advisory/CVE-2019-17571.html # P ## Palo-Alto Networks : https://security.paloaltonetworks.com/CVE-2021-44228 @@ -132,8 +137,10 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # Q ## Qlik : https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368 ## Quest KACE : https://support.quest.com/kace-systems-management-appliance/kb/335869/is-the-kace-sma-affected-by-cve-2021-44228 # R ## Red5Pro : https://www.red5pro.com/blog/red5-marked-safe-from-log4j-and-log4j2-zero-day/ ## RedHat : https://access.redhat.com/security/cve/cve-2021-44228 ## RunDeck by PagerDuty : https://docs.rundeck.com/docs/history/CVEs/ ## RSA : https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501 @@ -166,6 +173,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # U ## Ubiquiti-UniFi-UI : https://community.ui.com/releases/UniFi-Network-Application-6-5-54/d717f241-48bb-4979-8b10-99db36ddabe1 ## USSIGNAL MSP : https://ussignal.com/blog/apache-log4j-vulnerability # V ## Vespa ENGINE : https://github.com/vespa-engine/blog/blob/f281ce4399ed3e97b4fed32fcc36f9ba4b17b1e2/_posts/2021-12-10-log4j-vulnerability.md @@ -178,12 +186,15 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## WSO2 : https://github.com/wso2/security-tools/pull/169 # X ## XCP-ng : https://xcp-ng.org/forum/topic/5315/log4j-vulnerability-impact # Y ## Yandex-Cloud : https://github.com/yandex-cloud/docs/blob/6ff6c676787756e7dd6101c53b051e4cd04b3e85/ru/overview/security-bulletins/index.md#10122021--cve-2021-44228--%D1%83%D0%B4%D0%B0%D0%BB%D0%B5%D0%BD%D0%BD%D0%BE%D0%B5-%D0%B2%D1%8B%D0%BF%D0%BE%D0%BB%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5-%D0%BA%D0%BE%D0%B4%D0%B0-log4shell-apache-log4j # Z ## ZAMMAD : https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256 ## Zaproxy : https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/ ## Zesty : https://www.zesty.io/mindshare/company-announcements/log4j-exploit/ ## ZSCALER : https://www.zscaler.fr/blogs/security-research/security-advisory-log4j-0-day-remote-code-execution-vulnerability-cve-2021 ## Errors, typos, something to say ? -
Dec 12, 2021 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -125,7 +125,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## PaperCut : https://www.papercut.com/support/known-issues/#PO-684 ## Pega : https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability ## Positive Technologies : https://twitter.com/ptsecurity/status/1469398376978522116 ## Progress / IpSwitch : https://www.progress.com/security ## Pulse Secure : https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR ## Puppet : https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/ ## Pure Storage : https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22) -
Dec 12, 2021 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -21,7 +21,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # B ## BACKBLAZE : https://twitter.com/backblaze/status/1469477224277368838 ## BitNami By VMware : https://docs.bitnami.com/general/security/security-2021-12-10/ ## BMC Software : https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability ## Broadcom : https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 # C -
Dec 12, 2021 . 1 changed file with 17 additions and 2 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -21,6 +21,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # B ## BACKBLAZE : https://twitter.com/backblaze/status/1469477224277368838 ## BitNami By VMware : https://docs.bitnami.com/general/security/security-2021-12-10/ ## BMC : https://community.bmc.com/s/news/aA33n000000TSUdCAO/bmc-security-advisory-for-cve202144228-log4shell-vulnerability ## Broadcom : https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793 # C @@ -55,6 +56,8 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # F ## F5 Networks : https://support.f5.com/csp/article/K19026212 ## F-Secure https://status.f-secure.com/incidents/sk8vmr0h34pd ## Fastly : https://www.fastly.com/blog/digging-deeper-into-log4shell-0day-rce-exploit-found-in-log4j ## ForcePoint : https://support.forcepoint.com/s/article/CVE-2021-44228-Java-log4j-vulnerability-mitigation-with-Forcepoint-Security-Manager ## Forescout : https://forescout.force.com/support/s/article/Important-security-information-related-to-Apache-Log4j-utility-CVE-2021-44228 ## FusionAuth : https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/ @@ -72,20 +75,23 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## HostiFi : https://twitter.com/hostifi_net/status/1469511114824339464 # I ## Imperva : https://www.imperva.com/blog/how-were-protecting-customers-staying-ahead-of-cve-2021-44228/ ## Inductive Automation : https://support.inductiveautomation.com/hc/en-us/articles/4416204541709-Regarding-CVE-2021-44228-Log4j-RCE-0-day ## Informatica : https://network.informatica.com/community/informatica-network/blog/2021/12/10/log4j-vulnerability-update ## Ivanti : https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US # J ## JAMF NATION : https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740 ## JazzSM DASH IBM : https://www.ibm.com/support/pages/node/6525552 ## Jenkins : https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/ ## JetBrains Teamcity : https://youtrack.jetbrains.com/issue/TW-74298 ## JFROG : https://twitter.com/jfrog/status/1469385793823199240 ## Jitsi : https://github.com/jitsi/security-advisories/blob/4e1ab58585a8a0593efccce77d5d0e22c5338605/advisories/JSA-2021-0004.md # K ## Kafka Connect CosmosDB : https://github.com/microsoft/kafka-connect-cosmosdb/blob/0f5d0c9dbf2812400bb480d1ff0672dfa6bb56f0/CHANGELOG.md ## Kaseya : https://helpdesk.kaseya.com/hc/en-gb/articles/4413449967377-Log4j2-Vulnerability-Assessment ## Keycloak : https://github.com/keycloak/keycloak/discussions/9078 # L ## LucentSKY : https://twitter.com/LucentSky/status/1469358706311974914 @@ -95,6 +101,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Macchina io : https://twitter.com/macchina_io/status/1469611606569099269 ## McAfee : https://kc.mcafee.com/corporate/index?page=content&id=KB95091 ## Metabase : https://github.com/metabase/metabase/commit/8bfce98beb25e48830ac2bfd57432301c5e3ab37 ## Microsoft : https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/ ## Minecraft : https://www.minecraft.net/en-us/article/important-message--security-vulnerability-java-edition # N @@ -109,13 +116,16 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Okta : https://sec.okta.com/articles/2021/12/log4shell ## OpenHab : https://github.com/openhab/openhab-distro/pull/1343 ## OpenNMS : https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/ ## OpenMRS TALK : https://talk.openmrs.org/t/urgent-security-advisory-2021-12-11-re-apache-log4j-2/35341 ## OpenSearch : https://discuss.opendistrocommunity.dev/t/log4j-patch-for-cve-2021-44228/7950 ## Oracle : https://www.oracle.com/security-alerts/alert-cve-2021-44228.html # P ## Palo-Alto Networks : https://security.paloaltonetworks.com/CVE-2021-44228 ## PaperCut : https://www.papercut.com/support/known-issues/#PO-684 ## Pega : https://docs.pega.com/security-advisory/security-advisory-apache-log4j-zero-day-vulnerability ## Positive Technologies : https://twitter.com/ptsecurity/status/1469398376978522116 ## Progress / IpSwitch MoveIt : https://knowledgebase.progress.com/articles/Knowledge/Is-MOVEit-vulnerable-to-CVE-2021-44228-Log4j ## Pulse Secure : https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR ## Puppet : https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/ ## Pure Storage : https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22) @@ -132,6 +142,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # S ## SailPoint : https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681 ## Salesforce : https://help.salesforce.com/s/articleView?id=000363736&type=1 ## SAS : https://support.sas.com/content/support/en/security-bulletins/remote-code-execution-vulnerability-cve-2021-44228.html ## Security Onion : https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html ## ServiceNow : https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 ## Sesam Info : https://twitter.com/sesam_info/status/1469711992122486791 @@ -141,10 +152,12 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Sophos : https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce ## SonarSource : https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721 ## SonicWall : https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0032 ## Splunk : https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html ## Spring Boot : https://spring.io/blog/2021/12/10/log4j2-vulnerability-and-spring-boot ## SUSE : https://www.suse.com/security/cve/CVE-2021-44228.html ## Sterling Order IBM : https://www.ibm.com/support/pages/node/6525544 ## Swingset : https://github.com/bpangburn/swingset/blob/017452b2d0d8370871f43a68043dacf53af7f759/swingset/CHANGELOG.txt#L10 ## Synopsys : https://community.synopsys.com/s/article/SIG-Security-Advisory-for-Apache-Log4J2-CVE-2021-44228 # T ## Talend : https://jira.talendforge.org/browse/TCOMP-2054 @@ -160,7 +173,9 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # W ## Wallarm : https://lab.wallarm.com/cve-2021-44228-mitigation-update/ ## WatchGuard / Secplicity / https://www.secplicity.org/2021/12/10/critical-rce-vulnerability-in-log4js/ ## Wowza : https://www.wowza.com/docs/known-issues-with-wowza-streaming-engine#log4j2-cve ## WSO2 : https://github.com/wso2/security-tools/pull/169 # X # Y -
Dec 12, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -135,6 +135,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Security Onion : https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html ## ServiceNow : https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 ## Sesam Info : https://twitter.com/sesam_info/status/1469711992122486791 ## Shibboleth : http://shibboleth.net/pipermail/announce/2021-December/000253.html ## SLF4J : http://slf4j.org/log4shell.html ## SmileCDR : https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 ## Sophos : https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce -
Dec 12, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -42,6 +42,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # D ## Datto : https://www.datto.com/blog/dattos-response-to-log4shell ## Debian : https://security-tracker.debian.org/tracker/CVE-2021-44228 ## Dell : https://www.dell.com/support/kbdoc/fr-fr/000194372/dsn-2021-007-dell-response-to-apache-log4j-remote-code-execution-vulnerability ## Docker : https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/ ## DropWizard : https://twitter.com/dropwizardio/status/1469285337524580359 ## DynaTrace : https://community.dynatrace.com/t5/Dynatrace-Open-Q-A/Impact-of-log4j-zero-day-vulnerability/m-p/177259/highlight/true#M19282 -
Dec 11, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -134,6 +134,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Security Onion : https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html ## ServiceNow : https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 ## Sesam Info : https://twitter.com/sesam_info/status/1469711992122486791 ## SLF4J : http://slf4j.org/log4shell.html ## SmileCDR : https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 ## Sophos : https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce ## SonarSource : https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721 -
Dec 11, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -60,6 +60,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # G ## Ghidra : https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning ## GitHub : https://github.com/advisories/GHSA-jfh8-c2jp-5v3q ## GoAnywhere : https://www.goanywhere.com/cve-2021-44228-goanywhere-mitigation-steps ## Google Cloud Armor WAF : https://cloud.google.com/blog/products/identity-security/cloud-armor-waf-rule-to-help-address-apache-log4j-vulnerability ## GrayLog : https://www.graylog.org/post/graylog-update-for-log4j ## GuardedBox : https://twitter.com/GuardedBox/status/1469739834117799939 -
Dec 11, 2021 . 1 changed file with 5 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -87,6 +87,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # L ## LucentSKY : https://twitter.com/LucentSky/status/1469358706311974914 ## Lightbend : https://discuss.lightbend.com/t/regarding-the-log4j2-vulnerability-cve-2021-44228/9275 # M ## Macchina io : https://twitter.com/macchina_io/status/1469611606569099269 @@ -99,6 +100,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## NELSON : https://github.com/getnelson/nelson/blob/f4d3dd1f1d4f8dfef02487f67aefb9c60ab48bf5/project/custom.scala ## NetApp : https://security.netapp.com/advisory/ntap-20211210-0007/ ## Netflix : https://github.com/search?q=org%3ANetflix+CVE-2021-44228&type=commits ## NextGen Healthcare Mirth : https://github.com/nextgenhealthcare/connect/discussions/4892#discussioncomment-1789526 ## Newrelic : https://github.com/newrelic/newrelic-java-agent/issues/605 # O @@ -117,6 +119,8 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Pure Storage : https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22) # Q ## Qlik : https://community.qlik.com/t5/Support-Updates-Blog/Vulnerability-Testing-Apache-Log4j-reference-CVE-2021-44228-also/ba-p/1869368 # R ## RedHat : https://access.redhat.com/security/cve/cve-2021-44228 ## RunDeck by PagerDuty : https://docs.rundeck.com/docs/history/CVEs/ @@ -161,6 +165,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # Z ## ZAMMAD : https://community.zammad.org/t/cve-2021-44228-elasticsearch-users-be-aware/8256 ## Zaproxy : https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/ ## ZSCALER : https://www.zscaler.fr/blogs/security-research/security-advisory-log4j-0-day-remote-code-execution-vulnerability-cve-2021 ## Errors, typos, something to say ? - If you want to add a link, comment or send it to me -
Dec 11, 2021 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -42,7 +42,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # D ## Datto : https://www.datto.com/blog/dattos-response-to-log4shell ## Debian : https://security-tracker.debian.org/tracker/CVE-2021-44228 ## Docker : https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/ ## DropWizard : https://twitter.com/dropwizardio/status/1469285337524580359 ## DynaTrace : https://community.dynatrace.com/t5/Dynatrace-Open-Q-A/Impact-of-log4j-zero-day-vulnerability/m-p/177259/highlight/true#M19282 -
Dec 11, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -5,6 +5,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) - Feel free to report any mistake directly below in the comment or in DM on Twitter [@SwitHak](https://twitter.com/SwitHak) # A ## Akamai : https://www.akamai.com/blog/news/CVE-2021-44228-Zero-Day-Vulnerability ## Apache Druid : https://github.com/apache/druid/pull/12051 ## Apache Flink : https://flink.apache.org/2021/12/10/log4j-cve.html ## Apache LOG4J : https://logging.apache.org/log4j/2.x/security.html -
Dec 11, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -71,6 +71,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # I ## Informatica : https://network.informatica.com/community/informatica-network/blog/2021/12/10/log4j-vulnerability-update ## Ivanti : https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US ## Imperva : https://www.imperva.com/blog/how-were-protecting-customers-staying-ahead-of-cve-2021-44228/ # J ## JAMF NATION : https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740 -
Dec 11, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -90,6 +90,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Macchina io : https://twitter.com/macchina_io/status/1469611606569099269 ## McAfee : https://kc.mcafee.com/corporate/index?page=content&id=KB95091 ## Metabase : https://github.com/metabase/metabase/commit/8bfce98beb25e48830ac2bfd57432301c5e3ab37 ## Minecraft : https://www.minecraft.net/en-us/article/important-message--security-vulnerability-java-edition # N ## N-able : https://www.n-able.com/security-and-privacy/apache-log4j-vulnerability -
Dec 11, 2021 . 1 changed file with 2 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -39,6 +39,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Cybereason : https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228 # D ## Datto : https://www.datto.com/blog/dattos-response-to-log4shell ## Debian : https://security-tracker.debian.org/tracker/CVE-2021-44228 ## Docker : https://twitter.com/Docker/status/1469730925176967168 ## DropWizard : https://twitter.com/dropwizardio/status/1469285337524580359 @@ -110,6 +111,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Positive Technologies : https://twitter.com/ptsecurity/status/1469398376978522116 ## Pulse Secure : https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR ## Puppet : https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/ ## Pure Storage : https://support.purestorage.com/Field_Bulletins/Interim_Security_Advisory_Regarding_CVE-2021-44228_(%22log4j%22) # Q # R -
Dec 11, 2021 . 1 changed file with 8 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -34,6 +34,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Connect2id : https://connect2id.com/blog/connect2id-server-12-5-1 ## ConnectWise : https://www.connectwise.com/company/trust/advisories ## ContrastSecurity : https://support.contrastsecurity.com/hc/en-us/articles/4412612486548 ## Coralogix : https://twitter.com/Coralogix/status/1469713430659559425 ## CouchBase : https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402 ## Cybereason : https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228 @@ -46,6 +47,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # E ## Eclipse Foundation : https://git.eclipse.org/r/c/tracecompass/org.eclipse.tracecompass/+/188751 ## Elastic : https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476 ## EVLLABS JGAAP : https://github.com/evllabs/JGAAP/releases/tag/v8.0.2 # F ## F5 Networks : https://support.f5.com/csp/article/K19026212 @@ -56,9 +58,12 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # G ## Ghidra : https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning ## GitHub : https://github.com/advisories/GHSA-jfh8-c2jp-5v3q ## Google Cloud Armor WAF : https://cloud.google.com/blog/products/identity-security/cloud-armor-waf-rule-to-help-address-apache-log4j-vulnerability ## GrayLog : https://www.graylog.org/post/graylog-update-for-log4j ## GuardedBox : https://twitter.com/GuardedBox/status/1469739834117799939 # H ## HackerOne : https://twitter.com/jobertabma/status/1469490881854013444 ## Huawei : https://www.huawei.com/en/psirt/security-notices/huawei-sn-20211210-01-log4j2-en ## HostiFi : https://twitter.com/hostifi_net/status/1469511114824339464 @@ -81,6 +86,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## LucentSKY : https://twitter.com/LucentSky/status/1469358706311974914 # M ## Macchina io : https://twitter.com/macchina_io/status/1469611606569099269 ## McAfee : https://kc.mcafee.com/corporate/index?page=content&id=KB95091 ## Metabase : https://github.com/metabase/metabase/commit/8bfce98beb25e48830ac2bfd57432301c5e3ab37 @@ -117,6 +123,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Salesforce : https://help.salesforce.com/s/articleView?id=000363736&type=1 ## Security Onion : https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html ## ServiceNow : https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959 ## Sesam Info : https://twitter.com/sesam_info/status/1469711992122486791 ## SmileCDR : https://www.smilecdr.com/our-blog/a-statement-on-log4shell-cve-2021-44228 ## Sophos : https://www.sophos.com/en-us/security-advisories/sophos-sa-20211210-log4j-rce ## SonarSource : https://community.sonarsource.com/t/sonarqube-and-the-log4j-vulnerability/54721 @@ -128,6 +135,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # T ## Talend : https://jira.talendforge.org/browse/TCOMP-2054 ## Tanium : https://community.tanium.com/s/article/How-Tanium-Can-Help-with-CVE-2021-44228-Log4Shell ## TrendMicro : https://success.trendmicro.com/solution/000289940 # U -
Dec 11, 2021 . 1 changed file with 1 addition and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -92,6 +92,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Newrelic : https://github.com/newrelic/newrelic-java-agent/issues/605 # O ## Okta : https://sec.okta.com/articles/2021/12/log4shell ## OpenHab : https://github.com/openhab/openhab-distro/pull/1343 ## OpenNMS : https://www.opennms.com/en/blog/2021-12-10-opennms-products-affected-by-apache-log4j-vulnerability-cve-2021-44228/ ## OpenSearch : https://discuss.opendistrocommunity.dev/t/log4j-patch-for-cve-2021-44228/7950 -
Dec 11, 2021 . 1 changed file with 5 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,5 +1,9 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Errors, typos, something to say ? - If you want to add a link, comment or send it to me - Feel free to report any mistake directly below in the comment or in DM on Twitter [@SwitHak](https://twitter.com/SwitHak) # A ## Apache Druid : https://github.com/apache/druid/pull/12051 ## Apache Flink : https://flink.apache.org/2021/12/10/log4j-cve.html @@ -35,6 +39,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # D ## Debian : https://security-tracker.debian.org/tracker/CVE-2021-44228 ## Docker : https://twitter.com/Docker/status/1469730925176967168 ## DropWizard : https://twitter.com/dropwizardio/status/1469285337524580359 ## DynaTrace : https://community.dynatrace.com/t5/Dynatrace-Open-Q-A/Impact-of-log4j-zero-day-vulnerability/m-p/177259/highlight/true#M19282 -
Dec 11, 2021 . 1 changed file with 12 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,10 +1,12 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # A ## Apache Druid : https://github.com/apache/druid/pull/12051 ## Apache Flink : https://flink.apache.org/2021/12/10/log4j-cve.html ## Apache LOG4J : https://logging.apache.org/log4j/2.x/security.html ## Apache Kafka : https://lists.apache.org/thread/lgbtvvmy68p0059yoyn9qxzosdmx4jdv ## Apache Solr : https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228 ## Apero CAS : https://apereo.github.io/2021/12/11/log4j-vuln/ ## Aptible : https://status.aptible.com/incidents/gk1rh440h36s?u=zfbcrbt2lkv4 ## Atlassian : https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html ## Automox : https://blog.automox.com/log4j-critical-vulnerability-scores-a-10 @@ -21,10 +23,13 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## Cerberus FTP : https://support.cerberusftp.com/hc/en-us/articles/4412448183571-Cerberus-is-not-affected-by-CVE-2021-44228-log4j-0-day-vulnerability ## CheckPoint : https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk176865&partition=General&product=IPS ## Cisco: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd ## Citrix : https://support.citrix.com/article/CTX335705 ## CloudFlare : https://blog.cloudflare.com/cve-2021-44228-log4j-rce-0-day-mitigation/ ## CPanel : https://forums.cpanel.net/threads/log4j-cve-2021-44228-does-it-affect-cpanel.696249/ ## CommVault https://community.commvault.com/technical-q-a-2/log4j-been-used-in-commvault-1985?postid=11745#post11745 ## Connect2id : https://connect2id.com/blog/connect2id-server-12-5-1 ## ConnectWise : https://www.connectwise.com/company/trust/advisories ## ContrastSecurity : https://support.contrastsecurity.com/hc/en-us/articles/4412612486548 ## CouchBase : https://forums.couchbase.com/t/ann-elasticsearch-connector-4-3-3-4-2-13-fixes-log4j-vulnerability/32402 ## Cybereason : https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228 @@ -40,6 +45,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # F ## F5 Networks : https://support.f5.com/csp/article/K19026212 ## F-Secure https://status.f-secure.com/incidents/sk8vmr0h34pd ## Forescout : https://forescout.force.com/support/s/article/Important-security-information-related-to-Apache-Log4j-utility-CVE-2021-44228 ## FusionAuth : https://fusionauth.io/blog/2021/12/10/log4j-fusionauth/ # G @@ -52,6 +58,9 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## HostiFi : https://twitter.com/hostifi_net/status/1469511114824339464 # I ## Informatica : https://network.informatica.com/community/informatica-network/blog/2021/12/10/log4j-vulnerability-update ## Ivanti : https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US # J ## JAMF NATION : https://community.jamf.com/t5/jamf-pro/third-party-security-issue/td-p/253740 ## JazzSM DASH IBM : https://www.ibm.com/support/pages/node/6525552 @@ -85,6 +94,7 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) # P ## Palo-Alto Networks : https://security.paloaltonetworks.com/CVE-2021-44228 ## PaperCut : https://www.papercut.com/support/known-issues/#PO-684 ## Positive Technologies : https://twitter.com/ptsecurity/status/1469398376978522116 ## Pulse Secure : https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44933/?kA13Z000000L3dR ## Puppet : https://puppet.com/blog/puppet-response-to-remote-code-execution-vulnerability-cve-2021-44228/ @@ -94,8 +104,10 @@ Security Advisories / Bulletins linked to Log4Shell (CVE-2021-44228) ## RedHat : https://access.redhat.com/security/cve/cve-2021-44228 ## RunDeck by PagerDuty : https://docs.rundeck.com/docs/history/CVEs/ ## RSA : https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501 ## Rubrik : https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK # S ## SailPoint : https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681 ## Salesforce : https://help.salesforce.com/s/articleView?id=000363736&type=1 ## Security Onion : https://blog.securityonion.net/2021/12/security-onion-2390-20211210-hotfix-now.html ## ServiceNow : https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1000959
NewerOlder