Skip to content
This repository has been archived by the owner on Jun 16, 2022. It is now read-only.

Latest commit

 

History

History
464 lines (461 loc) · 80 KB

software_list_c.md

File metadata and controls

464 lines (461 loc) · 80 KB

List of software (un)affected by the log4shell CVEs

About this list

0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

C

Supplier Product Version (see Status) Status CVE-2021-4104 Status CVE-2021-44228 Status CVE-2021-45046 Status CVE-2021-45105 Notes Links
Campbell Scientific All Not vuln link
Carrier All Not vuln link
CircleCI All link
C4b XPHONE All C4b XPHONE Link
Camunda All Camunda Forum Link
Canary Labs All Not vuln Not vuln Not vuln Not vuln Canary Labs Advisory Link
Canon Applications integrated with Vitrea (iCAD, Invia, Medis, Mevis, Mirada, Olea and Tomtec) Not vuln source
Canon DR Products (CXDI_NE) Omnera, Flexpro, Soltus and more Not vuln source
Canon CT Medical Imaging Products Not vuln source
Canon Easy Viz Not vuln source
Canon Eye-Care Products Not vuln source
Canon MR Medical Imaging Products Not vuln source
Canon NM Medical Imaging Products Not vuln source
Canon Olea Sphere Not vuln source
Canon Rialto 7.x Vulnerable Contact customer support source
Canon Rialto Connect and Vault Not vuln source
Canon Solution Health (Cloud) Not vuln source
Canon Solution Health (On-Prem) Vulnerable Contact customer support source
Canon UL Medical Imaging Products Not vuln source
Canon Vitrea Advanced 7.x Vulnerable See source for mitigations source
Canon Vitrea Connection 8.x Vulnerable Contact customer support source
Canon Vitrea View Not vuln source
Canon VL Alphenix Angio Workstation (AWS) Vulnerable source
Canon VL Infinix-i and Alphenix DFP Not vuln source
Canon VL Infinix-i Angio Workstation (AWS) Not vuln source
Canon XR Medical Imaging Products Not vuln source
Canon Zillion Not vuln source
CapStorm Copystorm Investigation
Carbon Black Cloud Workload Appliance Workaround More information on pages linked bottom of blogpost (behind login) source
Carbon Black EDR Servers Workaround More information on pages linked bottom of blogpost (behind login) source
CarbonBlack All CarbonBlack Advisory
CareStream All Not vuln Not vuln Not vuln Not vuln source
CAS genesisWorld All CAS genesisWorld Link
CaseWare Cloud All Not vuln Fix source
CaseWare IDEA All Not vuln Not vuln Not vuln Not vuln source
CaseWare WorkingPapers All Not vuln Not vuln Not vuln Not vuln source
Catalogic CloudCasa All Not vuln Not vuln Not vuln Not vuln source
Cato Networks All Cato Networks Blog Post
Cendio ThinLinc All Not vuln Not vuln Not vuln Not vuln source
Cepheid C360 Not vuln Not vuln Not vuln Not vuln source
Cepheid GeneXpert Investigation source
Cerberus FTP Not vuln Not vuln Not vuln Not vuln source
Cerberus FTP All Cerberus Article
Cerebrate All All Not vuln Not vuln Not vuln Not vuln source
Cerebro Elasticsearch Web Admin All Not vuln Not vuln Not vuln Not vuln Uses logback for logging source
Chaser Systems discrimiNAT Firewall All Not vuln Not vuln Not vuln Not vuln source
Chatsworth Products eConnect PDU Not vuln Not vuln Not vuln Not vuln https://user-images.githubusercontent.com/89155495/146845501-b2186f1b-ccce-4f3d-a2c3-373db2eed9f0.png
Check Point CloudGuard All Not vuln Not vuln Not vuln Not vuln source
Check Point Harmony Endpoint & Harmony Mobile All Not vuln Not vuln Not vuln Not vuln source
Check Point Infinity Portal All Not vuln Not vuln Not vuln Not vuln source
Check Point Quantum Security Gateway All Not vuln Not vuln Not vuln Not vuln source
Check Point Quantum Security Management All Not vuln Not vuln Not vuln Not vuln source
Check Point SMB All Not vuln Not vuln Not vuln Not vuln source
Check Point ThreatCloud All Not vuln Not vuln Not vuln Not vuln source
CheckMK All CheckMK Forum
Chef Automate All Not vuln Not vuln Not vuln Not vuln source
Chef Backend All Not vuln Not vuln Not vuln Not vuln source
Chef Infra Server All Not vuln Not vuln Not vuln Not vuln source
Ciphermail All Ciphermail Blog Post
CIS CAT Lite 4.13.1 Fix Fix Fix source
CIS CAT Pro Assessor v3 Full and Dissolvable 3.0.78 Fix Fix Fix source
CIS CAT Pro Assessor v4 4.13.1 Fix Fix Fix source
CIS CAT Pro Assessor v4 Service 1.13.1 Fix Fix Fix source
CIS CAT Pro Dashboard Not vuln Not vuln Not vuln Not vuln source
CIS CSAT Pro 1.7.2 Fix Fix Fix source
CIS Hosted CSAT Not vuln Not vuln Not vuln Not vuln source
CIS WorkBench Not vuln Not vuln Not vuln Not vuln source
Cisco ACI Multi-Site Orchestrator Not vuln Not vuln Not vuln Not vuln source
Cisco ACI Virtual Edge Not vuln Not vuln Not vuln Not vuln source
Cisco Adaptive Security Appliance (ASA) Software Not vuln Not vuln Not vuln Not vuln source
Cisco Adaptive Security Device Manager Not vuln Not vuln Not vuln Not vuln source
Cisco Adaptive Security virual Appliance (ASAv) All Not vuln Not vuln Not vuln source
Cisco Advanced Web Security Reporting Application All Not vuln Not vuln Not vuln source
Cisco AireOS Wireless LAN Controllers All Not vuln Not vuln Not vuln source
Cisco Aironet 1560 Series Access Points Not vuln Not vuln Not vuln Not vuln source
Cisco Aironet 1810 Series OfficeExtend Access Points Not vuln Not vuln Not vuln Not vuln source
Cisco Aironet 1810w Series Access Points Not vuln Not vuln Not vuln Not vuln source
Cisco Aironet 1815 Series Access Points Not vuln Not vuln Not vuln Not vuln source
Cisco Aironet 1830 Series Access Points Not vuln Not vuln Not vuln Not vuln source
Cisco Aironet 1850 Series Access Points Not vuln Not vuln Not vuln Not vuln source
Cisco Aironet 2800 Series Access Points Not vuln Not vuln Not vuln Not vuln source
Cisco Aironet 3800 Series Access Points Not vuln Not vuln Not vuln Not vuln source
Cisco Aironet Access Points All Not vuln Not vuln Not vuln source
Cisco AMP Virtual Private Cloud Appliance All Not vuln Not vuln Not vuln source
Cisco AnyConnect Secure Mobility Client All Not vuln Not vuln Not vuln Not vuln source
Cisco AppDynamics Multiple Not vuln Fix Fix Not vuln See advisory for complete list of fixed versions per component source
Cisco AppDynamics with Cisco Secure Application Multiple Not vuln Fix Fix Not vuln source
Cisco Application Policy Infrastructure Controller (APIC) Not vuln Not vuln Not vuln Not vuln source
Cisco Application Policy Infrastructure Controller (APIC) - Network Insights Base App 4.2(7r), 5.2(3g) Fix Fix Not vuln source
Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) All Not vuln Not vuln Not vuln source
Cisco ASR 5000 Series Routers Not vuln Not vuln Not vuln Not vuln source
Cisco Automated Subsea Tuning 2.1.0 Fix Fix Not vuln source
Cisco Broadcloud Calling Investigation source
Cisco BroadWorks 2021.11_1.162, ap381882 Fix Fix Not vuln source
Cisco Business 100 and 200 Series Access Points All Not vuln Not vuln Not vuln source
Cisco Business 220 Series Smart Switches All Not vuln Not vuln Not vuln source
Cisco Business 250 Series Smart Switches All Not vuln Not vuln Not vuln source
Cisco Business 350 Series Managed Switches All Not vuln Not vuln Not vuln source
Cisco Business Dashboard All Not vuln Not vuln Not vuln source
Cisco Business Process Automation 3.0.000.115, 3.1.000.044, 3.2.000.009 Fix Fix Not vuln source
Cisco Business Wireless All Not vuln Not vuln Not vuln source
Cisco Call Studio 11.6(2), 12.0(1), 12.5(1), 12.6(1) Fix Fix Not vuln source
Cisco Catalyst 9100 Series Access Points All Not vuln Not vuln Not vuln source
Cisco Catalyst 9800 Series Wireless Controllers Not vuln Not vuln Not vuln Not vuln source
Cisco 220 Series Smart Plus Switches All Not vuln Not vuln Not vuln source
Cisco 250 Series Smart Switches All Not vuln Not vuln Not vuln source
Cisco 350 Series Series Managed Switches All Not vuln Not vuln Not vuln source
Cisco 5000 Series Enterprise Network Compute system (ENCS) All Not vuln Not vuln Not vuln source
Cisco 550 Series Stackable Managed Switches All Not vuln Not vuln Not vuln source
Cisco Cloud Connect 12.6(1) Fix Fix Not vuln source
Cisco Cloud Email Security Not vuln Not vuln Not vuln Not vuln source
Cisco Cloud Services Platform 2100 All Not vuln Not vuln Not vuln Not vuln source
Cisco Cloud Services Platform 5000 Series All Not vuln Not vuln Not vuln Not vuln source
Cisco CloudCenter 4.10.0.16 Fix Fix Not vuln Fixes should be available from 23 Dec 2021 source
Cisco CloudCenter Action Orchestrator Not vuln Not vuln Not vuln Not vuln source
Cisco CloudCenter Cost Optimizer 5.5.2 Fix Fix source
Cisco CloudCenter Suite Admin 5.3.1 Fix Fix source
Cisco CloudCenter Workload Manager 5.5.2 Fix source
Cisco Cloudlock All Fix Fix Not vuln source
Cisco Cloudlock for Government All Fix Fix Not vuln source
Cisco Cognitive Intelligence Not vuln Not vuln Not vuln Not vuln source
Cisco Collaboration Experience Service (CES) All Not vuln Not vuln Not vuln source
Cisco Collaboration Experience Service Management (CESM) All Not vuln Not vuln Not vuln source
Cisco Common Services Platform Collector (CSPC) 2.10.0, 2.9.1.3 Fix Fix Not vuln source
Cisco Computer Telephony Integration Object Server (CTIOS) Vulnerable source
Cisco ConfD Not vuln Not vuln Not vuln Not vuln source
Cisco Connected Grid Device Manager Not vuln Not vuln Not vuln Not vuln source
Cisco Connected Mobile Experiences (CMX) 10.6.3-70, 10.6.3-105, 10.6.2-89, 10.4.1 Fix Fix Not vuln source
Cisco Connectivity Not vuln source
Cisco Contact Center Domain Manager (CCDM) 12.5(1) ES6, 12.6(1) ES3 Fix Fix Not vuln source
Cisco Contact Center Management Portal (CCMP) 12.5(1) ES6, 12.6(1) ES3 Fix Fix Not vuln source
Cisco Container Platform Not vuln Not vuln Not vuln Not vuln source
Cisco Content Security Management Appliance (SMA) Not vuln Not vuln Not vuln Not vuln source
Cisco Crosswork Change Automation All Not vuln Not vuln Not vuln source
Cisco Crosswork Cloud All Not vuln Not vuln Not vuln source
Cisco Crosswork Data Gateway 2.0.2, 3.0.1 Fix Fix Not vuln source
Cisco Crosswork Health Insights All Not vuln Not vuln Not vuln source
Cisco Crosswork Network Controller 2.0.1, 3.0.1 Fix Fix Not vuln source
Cisco Crosswork Optimization Engine 2.0.1, 3.0.1 Fix Fix Not vuln source
Cisco Crosswork Platform Infrastructure 4.0.1, 4.1.1 Fix Fix Not vuln source
Cisco Crosswork Situation Manager 8.0.0.8 Fix Fix Not vuln source
Cisco Crosswork Service Health All Not vuln Not vuln Not vuln source
Cisco Crosswork Zero Touch Provisioning (ZTP) 2.0.1, 3.0.1 Fix Fix Not vuln source
Cisco CX Cloud All Fix Fix Not vuln source
Cisco CX Cloud Agent Software 1.12.2 Fix Fix Not vuln source
Cisco Cyber Vision Sensor Management Extension 4.0.3 Fix Fix Not vuln source
Cisco Data Center Network Manager (DCNM) 12.0(2d), 11.5(3), 11.5(2), 11.5(1), 11.4(1), 11.3(1) Vulnerable Vulnerable Not vuln source
Cisco Defense Orchestrator Not vuln Not vuln Not vuln Not vuln source
Cisco DNA Assurance Investigation source
Cisco DNA Center 2.2.2.8, 2.1.2.8, 2.2.3.4 Fix Fix Not vuln source
Cisco DNA Spaces 2.5, 2.8.2, 2.11.0, 2.13.3 Not vuln Fix source
Cisco DNA Spaces Connector v2.0.588, v2.2.12 Fix Fix Not vuln source
Cisco Duo Not vuln Fix source
Cisco duo network gateway (on-prem/self-hosted) Investigation
Cisco DUO network gateway (on-prem/self-hosted) Investigation
Cisco Duo Security for Government All Fix Fix Not vuln source
Cisco Elastic Services Controller (ESC) Not vuln Not vuln Not vuln Not vuln source
Cisco Email Security Appliance (ESA) Not vuln Not vuln Not vuln Not vuln source
Cisco Emergency Responder 11.5(4)SU9, 11.5(4)SU10 Fix Fix Not vuln source
Cisco Enterprise Chat and Email 12.0(1), 12.5(1), 12.6(1) Fix Fix Not vuln source
Cisco Enterprise NFV Infrastructure Software (NFVIS) Not vuln Not vuln Not vuln Not vuln source
Cisco eSIM Flex All Fix Fix Not vuln source
Cisco Evolved Programmable Network Manager 5.1.3.1 Fix Fix Not vuln source
Cisco Evolved Programmable Network Manager < 5.0.2.1, < 4.1.1.1 Vulnerable Vulnerable Not vuln Fix should be available from 13 Jan 2022 source
Cisco Exony Virtualized Interaction Manager (VIM) Investigation source
Cisco Expressway Series Not vuln Not vuln Not vuln Not vuln source
Cisco Extensible Network Controller (XNC) Not vuln Not vuln Not vuln Not vuln source
Cisco Finesse < 12.6(1)ES03 Vulnerable source
Cisco Firepower 4100 Series Not vuln Not vuln Not vuln Not vuln source
Cisco Firepower 9300 Security Appliances Investigation source
Cisco Firepower Management Center Not vuln Not vuln Not vuln Not vuln source
Cisco Firepower Threat Defense (FTD) managed by FDM 6.2.3 hotfix, 6.4.0 hotfix, 6.6.5 hotfix, 6.7.0 hotfix, 7.0.1 hotfix, 7.1.0 hotfix Fix source
Cisco General Cisco Disclaimer Cisco is updating their advisory three times a day, please keep their website in your watchlist. We will try to update accordingly
Cisco GGSN Gateway GPRS Support Node Not vuln Not vuln Not vuln Not vuln source
Cisco Hosted Collaboration Mediation Fulfillment Not vuln Not vuln Not vuln Not vuln source
Cisco HyperFlex System Not vuln Not vuln Not vuln Not vuln source
Cisco Identity Services Engine (ISE) 2.4 hotfix, 2.6 hotfix, 2.7 hotfix, 3.0 hotfix, 3.1 hotfix Fix Fix expected on Dec 17th source
Cisco Integrated Management Controller (IMC) Supervisor 2.3.2.1 Fix source
Cisco Intersight Investigation source
Cisco Intersight Virtual Appliance Vulnerable source
Cisco IOS and IOS XE Software Not vuln Not vuln Not vuln Not vuln source
Cisco IOS XR Software Not vuln Not vuln Not vuln Not vuln source
Cisco IoT Field Network Director (formerly Connected Grid Network Management System) Investigation Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
Cisco IoT Field Network Director (formerly Cisco Connected Grid Network Management System) Not vuln Not vuln Not vuln Not vuln source
Cisco IoT Operations Dashboard Investigation source
Cisco IOx Fog Director Vulnerable source
Cisco IP Services Gateway (IPSG) Not vuln Not vuln Not vuln Not vuln source
Cisco Jabber Guest All Not vuln Not vuln Not vuln Not vuln source
Cisco Kinetic for Cities Investigation source
Cisco Managed Services Accelerator (MSX) Network Access Control Service Investigation source
Cisco MDS 9000 Series Multilayer Switches Not vuln Not vuln Not vuln Not vuln source
Cisco Meeting Server Not vuln Not vuln Not vuln Not vuln source
Cisco Meraki GO Not vuln Not vuln Not vuln Not vuln source
Cisco Meraki MR Not vuln Not vuln Not vuln Not vuln source
Cisco Meraki MS Not vuln Not vuln Not vuln Not vuln source
Cisco Meraki MT Not vuln Not vuln Not vuln Not vuln source
Cisco Meraki MV Not vuln Not vuln Not vuln Not vuln source
Cisco Meraki MX Not vuln Not vuln Not vuln Not vuln source
Cisco Meraki System Manager Not vuln Not vuln Not vuln Not vuln source
Cisco Meraki Z-Series Not vuln Not vuln Not vuln Not vuln source
Cisco MME Mobility Management Entity Not vuln Not vuln Not vuln Not vuln source
Cisco Mobility Services Engine Not vuln Not vuln Not vuln Not vuln source
Cisco Mobility Unified Reporting and Analytics System Not vuln Not vuln Not vuln Not vuln source
Cisco Modeling Labs Not vuln Not vuln Not vuln Not vuln source
Cisco Network Assessment (CNA) Tool Investigation source
Cisco Network Assurance Engine Vulnerable source
Cisco Network Convergence System 2000 Series Not vuln Not vuln Not vuln Not vuln source
Cisco Network Planner Investigation source
Cisco Network Services Orchestrator (NSO) < nso-5.3.5.1, nso-5.4.5.2, nso-5.5.4.1, nso-5.6.3.1 Vulnerable Fixes expected 17-Dec source
Cisco Nexus 3000 Series Switches Not vuln Not vuln Not vuln Not vuln source
Cisco Nexus 5500 Platform Switches Not vuln Not vuln Not vuln Not vuln source
Cisco Nexus 5600 Platform Switches Not vuln Not vuln Not vuln Not vuln source
Cisco Nexus 6000 Series Switches Not vuln Not vuln Not vuln Not vuln source
Cisco Nexus 7000 Series Switches Not vuln Not vuln Not vuln Not vuln source
Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode Not vuln Not vuln Not vuln Not vuln source
Cisco Nexus 9000 Series Switches in standalone NX-OS mode Not vuln Not vuln Not vuln Not vuln source
Cisco Nexus Dashboard (formerly Application Services Engine) Investigation Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
Cisco Nexus Dashboard (formerly Cisco Application Services Engine) <2.1.2 Vulnerable Fixes expected 7-Jan-2022 source
Cisco Nexus Data Broker Not vuln Not vuln Not vuln Not vuln source
Cisco Nexus Insights Investigation source
Cisco Optical Network Planner Investigation source
Cisco Packaged Contact Center Enterprise Vulnerable source
Cisco Paging Server Investigation source
Cisco Paging Server (InformaCast) Investigation source
Cisco PDSN/HA Packet Data Serving Node and Home Agent Not vuln Not vuln Not vuln Not vuln source
Cisco PGW Packet Data Network Gateway Not vuln Not vuln Not vuln Not vuln source
Cisco Policy Suite Not vuln Not vuln Not vuln Not vuln source
Cisco Prime Access Registrar Not vuln Not vuln Not vuln Not vuln source
Cisco Prime Cable Provisioning Not vuln Not vuln Not vuln Not vuln source
Cisco Prime Central for Service Providers Investigation source
Cisco Prime Collaboration Assurance Not vuln Not vuln Not vuln Not vuln source
Cisco Prime Collaboration Deployment Not vuln Not vuln Not vuln Not vuln source
Cisco Prime Collaboration Manager Investigation source
Cisco Prime Collaboration Provisioning Not vuln Not vuln Not vuln Not vuln source
Cisco Prime Infrastructure Investigation source
Cisco Prime IP Express Not vuln Not vuln Not vuln Not vuln source
Cisco Prime License Manager Not vuln Not vuln Not vuln Not vuln source
Cisco Prime Network Not vuln Not vuln Not vuln Not vuln source
Cisco Prime Network Registrar Not vuln Not vuln Not vuln Not vuln source
Cisco Prime Optical for Service Providers Not vuln Not vuln Not vuln Not vuln source
Cisco Prime Performance Manager Not vuln Not vuln Not vuln Not vuln source
Cisco Prime Provisioning Not vuln Not vuln Not vuln Not vuln source
Cisco Prime Service Catalog Investigation source
Cisco Registered Envelope Service Not vuln Not vuln Not vuln Not vuln source
Cisco SD-WAN vEdge 1000 Series Routers Not vuln Not vuln Not vuln Not vuln source
Cisco SD-WAN vEdge 2000 Series Routers Not vuln Not vuln Not vuln Not vuln source
Cisco SD-WAN vEdge 5000 Series Routers Not vuln Not vuln Not vuln Not vuln source
Cisco SD-WAN vEdge Cloud Router Platform Not vuln Not vuln Not vuln Not vuln source
Cisco SD-WAN vManage Vulnerable source
Cisco Secure Network Analytics (SNA), formerly Stealthwatch Investigation source
Cisco Security Manager Not vuln Not vuln Not vuln Not vuln source
Cisco Smart Software Manager On-Prem Not vuln Not vuln Not vuln Not vuln source
Cisco SocialMiner All Not vuln Not vuln Not vuln Not vuln source
Cisco System Architecture Evolution Gateway (SAEGW) Not vuln Not vuln Not vuln Not vuln source
Cisco TelePresence Management Suite Not vuln Not vuln Not vuln Not vuln source
Cisco TelePresence Video Communication Server (VCS) Not vuln Not vuln Not vuln Not vuln source
Cisco Tetration Analytics All Not vuln Not vuln Not vuln Not vuln source
Cisco UCS C-Series Rack Servers - Integrated Management Controller Not vuln Not vuln Not vuln Not vuln source
Cisco UCS Central Software 2.3.2.1 Fix source
Cisco UCS Director 6.8.2.0 Fix source
Cisco UCS Manager Not vuln Not vuln Not vuln Not vuln source
Cisco UCS Performance Manager Investigation source
Cisco Ultra Packet Core Not vuln Not vuln Not vuln Not vuln source
Cisco Umbrella Investigation source
Cisco Unified Attendant Console Advanced Not vuln Not vuln Not vuln Not vuln source
Cisco Unified Attendant Console Business Edition Not vuln Not vuln Not vuln Not vuln source
Cisco Unified Attendant Console Department Edition Not vuln Not vuln Not vuln Not vuln source
Cisco Unified Attendant Console Enterprise Edition Not vuln Not vuln Not vuln Not vuln source
Cisco Unified Attendant Console Premium Edition Not vuln Not vuln Not vuln Not vuln source
Cisco Unified Communications Domain Manager Not vuln Not vuln Not vuln Not vuln source
Cisco Unified Communications Manager / Cisco Unified Communications Manager Session Management Edition Vulnerable source
Cisco Unified Communications Manager Cloud Vulnerable source
Cisco Unified Communications Manager IM & Presence Service (formerly CUPS) Vulnerable source
Cisco Unified Contact Center Enterprise Vulnerable source
Cisco Unified Contact Center Enterprise - Live Data server Vulnerable source
Cisco Unified Contact Center Express Vulnerable source
Cisco Unified Customer Voice Portal Not vuln Not vuln Not vuln Not vuln source
Cisco Unified Intelligence Center Not vuln Not vuln Not vuln Not vuln source
Cisco Unified Intelligent Contact Management Enterprise Vulnerable source
Cisco Unified SIP Proxy Software Vulnerable source
Cisco Unity Connection Vulnerable source
Cisco Unity Express Not vuln Not vuln Not vuln Not vuln source
Cisco Video Surveillance Media Server Not vuln Not vuln Not vuln Not vuln source
Cisco Video Surveillance Operations Manager <7.14.4 Vulnerable Fixes expected 16-Dec-2021 source
Cisco Virtual Topology System - Virtual Topology Controller (VTC) VM Investigation source
Cisco Virtualized Voice Browser Investigation source
Cisco Vision Dynamic Signage Director Not vuln Not vuln Not vuln Not vuln source
Cisco WAN Automation Engine (WAE) Vulnerable source
Cisco Web Security Appliance (WSA) Not vuln Not vuln Not vuln Not vuln source
Cisco Webex App Not vuln Not vuln Not vuln Not vuln source
Cisco Webex Cloud-Connected UC (CCUC) Vulnerable source
Cisco Webex Meetings Server CWMS-3.0MR4SP2, CWMS-4.0MR4SP2,CWMS-3.0MR4SP3, CWMS-4.0MR4SP3 Fix Fixes expected 14-Dec-2021 source
Cisco Webex Room Phone Not vuln Not vuln Not vuln Not vuln source
Cisco Webex Teams Investigation Vulnerability in Apache Log4j Library Affecting Cisco Products: December 2021
Cisco Wide Area Application Services (WAAS) All Not vuln Not vuln Not vuln Not vuln source
Cisco Wireless LAN Controller Not vuln Not vuln Not vuln Not vuln source
Citrix ADC (NetScaler ADC) and Gateway (NetScaler Gateway) All Platforms Not vuln Not vuln Not vuln Not vuln Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. Citrix Statement
Citrix Analytics Investigation source
Citrix Application Delivery Management (NetScaler MAS) All Not vuln Not vuln Not vuln Not vuln source
Citrix Cloud Connector Not vuln Not vuln Not vuln Not vuln source
Citrix Connector Appliance for Cloud Services Not vuln Not vuln Not vuln Not vuln source
Citrix Content Collaboration (ShareFile Integration) Not vuln Not vuln Not vuln Not vuln source
Citrix Content Collaboration (ShareFile Integration) – Files for Windows, Files for Mac, Files for Outlook Not vuln Not vuln Not vuln Not vuln Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. Citrix Statement
Citrix Endpoint Management ( XenMobile Server) Not vuln Fix For CVE-2021-44228 and CVE-2021-45046: Impacted–Customers are advised to apply the latest CEM rolling patch updates listed below as soon as possible to reduce the risk of exploitation. https://support.citrix.com/article/CTX335763 XenMobile Server 10.14 RP2; https://support.citrix.com/article/CTX335753 XenMobile Server 10.13 RP5; and https://support.citrix.com/article/CTX335785 XenMobile Server 10.12 RP10. Note: Customers who have upgraded their XenMobile Server to the updated versions are recommended not to apply the responder policy mentioned in the blog listed below to the Citrix ADC vserver in front of the XenMobile Server as it may impact the enrollment of Android devices. For CVE-2021-45105: Investigation in progress. Citrix Statement
Citrix Endpoint Management (XenMobile Server) 10.12 RP10, 10.13 RP5 and 10.14 RP2 Not vuln Fix Fix Investigation source
Citrix Files for Mac Not vuln Not vuln Not vuln Not vuln source
Citrix Files for Outlook Not vuln Not vuln Not vuln Not vuln source
Citrix Files for Windows Not vuln Not vuln Not vuln Not vuln source
Citrix Hypervisor (XenServer) Not vuln source
Citrix License Server Not vuln Not vuln Not vuln Not vuln source
Citrix NetScaler ADC All Not vuln Not vuln Not vuln Not vuln source
Citrix NetScaler Gateway All Not vuln Not vuln Not vuln Not vuln source
Citrix SD-WAN All Not vuln Not vuln Not vuln Not vuln source
Citrix Sharefile Not vuln Not vuln Not vuln Not vuln source
Citrix ShareFile Storage Zones Controller Not vuln Not vuln Not vuln Not vuln Citrix continues to investigate any potential impact on Citrix-managed cloud services. If, as the investigation continues, any Citrix-managed services are found to be affected by this issue, Citrix will take immediate action to remediate the problem. Customers using Citrix-managed cloud services do not need to take any action. Citrix Statement
Citrix Virtual Apps and Desktops (XenApp & XenDesktop) Linux VDA 2112 Not vuln Fix Investigation Impacted – Linux VDA (non-LTSR versions only), Not vulnerable: App Layering, Delivery Controller, Director, FAS, HDX, Profile Management, PVS, Session Recording, Storefront, Studio, Windows VDA, WEM source
Citrix Workspace Not vuln Not vuln Not vuln Not vuln source
Citrix Workspace App All Not vuln Not vuln Not vuln Not vuln source
Claris All Claris Article
Clavister EasyAccess <= 4.1.2 Not vuln Fix source
Clavister InCenter <= 1.68.03, 2.0.0 and 2.1.0 Not vuln Fix source
Clavister InControl Not vuln Not vuln Not vuln Not vuln source
Clavister NetShield Not vuln Not vuln Not vuln Not vuln source
Clavister NetWall Not vuln Not vuln Not vuln Not vuln source
Clavister OneConnect Not vuln Not vuln Not vuln Not vuln source
Cloudera AM2CM Tool Not vuln Not vuln Not vuln Not vuln source
Cloudera Ambari Only versions 2.x, 1.x Vulnerable source
Cloudera Arcadia Enterprise Only version 7.1.x Vulnerable source
Cloudera CDH, HDP, and HDF Only version 6.x Vulnerable source
Cloudera CDP Operational Database (COD) Not vuln Not vuln Not vuln Not vuln source
Cloudera CDP Private Cloud Base Only version 7.x Vulnerable source
Cloudera CDS 3 Powered by Apache Spark All Vulnerable source
Cloudera CDS 3.2 for GPUs All Vulnerable source
Cloudera Cybersecurity Platform All Vulnerable source
Cloudera Data Analytics Studio (DAS) Investigation source
Cloudera Data Catalog Not vuln Not vuln Not vuln Not vuln source
Cloudera Data Engineering (CDE) All Vulnerable source
Cloudera Data Engineering (CDE) Vulnerable source
Cloudera Data Flow (CFM) Vulnerable source
Cloudera Data Lifecycle Manager (DLM) Not vuln Not vuln Not vuln Not vuln source
Cloudera Data Science Workbench (CDSW) Only versions 2.x, 3.x Vulnerable source
Cloudera Data Steward Studio (DSS) All Vulnerable source
Cloudera Data Visualization (CDV) Vulnerable source
Cloudera Data Warehouse (CDW) All Vulnerable source
Cloudera Data Warehouse (CDW) Vulnerable source
Cloudera DataFlow (CDF) Vulnerable source
Cloudera Edge Management (CEM) All Vulnerable source
Cloudera Enterprise Only version 6.x Vulnerable source
Cloudera Flow Management (CFM) All Vulnerable source
Cloudera Hortonworks Data Flow (HDF) Not vuln Not vuln Not vuln Not vuln source
Cloudera Hortonworks Data Platform (HDP) Only versions 7.1.x, 2.7.x, 2.6.x Vulnerable source
Cloudera Hortonworks DataPlane Platform Not vuln Not vuln Not vuln Not vuln source
Cloudera Machine Learning (CML) All Vulnerable source
Cloudera Machine Learning (CML) Vulnerable source
Cloudera Management Console All Vulnerable source
Cloudera Management Console for CDP Public Cloud Not vuln Not vuln Not vuln Not vuln source
Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) All Vulnerable source
Cloudera Manager (Including Backup Disaster Recovery (BDR) and Replication Manager) Only versions 7.0.x, 7.1.x, 7.2.x Vulnerable source
Cloudera Manager (Including Backup Disaster Recovery (BDR)) Not vuln Not vuln Not vuln Not vuln source
Cloudera Replication Manager Vulnerable source
Cloudera Runtime (including Data Hub and all Data Hub templates) Only versions 7.0.x, 7.1.x, 7.2.x Vulnerable source
Cloudera SmartSense Investigation source
Cloudera Stream Processing (CSP) All Vulnerable source
Cloudera Streaming Analytics (CSA) Not vuln Not vuln Not vuln Not vuln source
Cloudera Streaming Analytics (CSA) Vulnerable source
Cloudera Workload Manager Not vuln Not vuln Not vuln Not vuln source
Cloudera Workload XM All Vulnerable source
Cloudera Workload XM (SaaS) Not vuln Not vuln Not vuln Not vuln source
CloudFlare All CloudFlare Blog Post
Cloudian HyperStore All Cloudian Article
Cloudogu Ecosystem All Not vuln Fix Cloudogu Community
Cloudogu SCM-Manager Not vuln Not vuln Not vuln Not vuln SCM-Manager Blog
Cloudron All Cloudron Forum
Clover All Clover Article
Cockroach Labs CockroachDB - Not vuln Not vuln Not vuln Not vuln source
Code42 App 8.8.1 Not vuln Fix Code42 Release Notification
Code42 Crashplan 8.8, possibly prior versions Not vuln Fix I think, they don't specify in the notice, but we know that they released an updated Crashplan client. Possibly prior versions affected. Code42 Release Notification
CodeBeamer All CodeBeamer Link
CODESYS All All Not vuln Not vuln Not vuln Not vuln source
Cohesity All Cohesity Support Link
Commvault Cloud Apps & Oracle & MS-SQL All supported versions Not vuln Fix source
Compumatica CompuMail Gateway All Not vuln Not vuln Not vuln Not vuln source
Compumatica Compuwall All Not vuln Not vuln Not vuln Not vuln source
Compumatica CryptoGuard All Not vuln Not vuln Not vuln Not vuln source
Compumatica MagiCtwin All Not vuln Not vuln Not vuln Not vuln source
Compumatica MASC All Not vuln Not vuln Not vuln Not vuln source
Concourse All Not vuln Not vuln Not vuln Not vuln Concourse Community Discussion
ConcreteCMS.com All ConcreteCMS.com Link
Confluent Cloud Not vuln Fix server-side fix source
Confluent Community Platform Not vuln Not vuln Not vuln Not vuln source
Confluent Community/Standalone Package of ksqlDB Not vuln Not vuln Not vuln Not vuln No exploitable conditions found, working on package without log4j2 source
Confluent Connectors see link Not vuln Fix List of vulnerable connectors available at Confluent source
Confluent ElasticSearch Sink Connector <11.1.7 Not vuln Fix December 2021 Log4j Vulnerabilities Advisory
Confluent for Kubernetes 2.1.0-1 and 2.2.0-1 Not vuln Fix Only applicable to confluent-init-container source
Confluent Google DataProc Sink Connector <1.1.5 Not vuln Fix December 2021 Log4j Vulnerabilities Advisory
Confluent HDFS 2 Sink Connector <10.1.3 Not vuln Fix December 2021 Log4j Vulnerabilities Advisory
Confluent HDFS 3 Sink Connector <1.1.8 Vulnerable December 2021 Log4j Vulnerabilities Advisory
Confluent Kafka Connectors Not vuln Not vuln Not vuln Not vuln December 2021 Log4j Vulnerabilities Advisory
Confluent Platform 7.0.1 Not vuln Fix source
Confluent Splunk Sink Connector <2.05 Not vuln Fix December 2021 Log4j Vulnerabilities Advisory
Confluent VMWare Tanzu GemFire Sink Connector <1.0.8 Not vuln Fix December 2021 Log4j Vulnerabilities Advisory
Connect2id server < 12.5.1 Not vuln Fix source
Connectwise Global search capability of Manage Cloud Workaround source
Connectwise Manage on-premise's Global Search Workaround source
Connectwise Marketplace Workaround source
Connectwise Perch Not vuln Fix source
Connectwise StratoZen Workaround Urgent action for self-hosted versions source
Contrast Hosted SaaS Enviroments All Not vuln Fix source
Contrast Java Agent All Not vuln Not vuln Not vuln Not vuln source
Contrast On-premises (EOP) Environments All Not vuln Fix source
Contrast Scan All Not vuln Fix source
ContrastSecurity All ContrastSecurity Article
ControlUp All All Not vuln Fix source
Copadata Zenon product family All Not vuln Not vuln Not vuln Not vuln source
Coralogix All Not vuln Fix source
Couchbase ElasticSearch connector < 4.3.3 & < 4.2.13 Not vuln Fix source
Coveo On-Premises Crawling Module Not vuln Not vuln Not vuln Not vuln source
Coveo Platform (hosted services) Not vuln Not vuln Not vuln Not vuln source
cPanel All Workaround source
Cradlepoint All Cradlepoint
Crestron All Not vuln Not vuln Not vuln Not vuln Crestron Advisory
CrushFTP All CrushFTP Link
Cryptshare .NET API All Not vuln Not vuln Not vuln Not vuln source
Cryptshare for Notes All Not vuln Not vuln Not vuln Not vuln source
Cryptshare for NTA 7516 All Not vuln Not vuln Not vuln Not vuln source
Cryptshare for Outlook All Not vuln Not vuln Not vuln Not vuln source
Cryptshare Java API All Not vuln Not vuln Not vuln Not vuln source
Cryptshare Robot All Not vuln Not vuln Not vuln Not vuln source
Cryptshare Server All Not vuln Not vuln Not vuln Not vuln source
Cyberark Cloud Entitlements Manager Not vuln source
Cyberark Endpoint Privilege Manager (EPM) - Agents Not vuln source
Cyberark Endpoint Privilege Manager (EPM) - EPM Server (On-Premise) Not vuln source
Cyberark Endpoint Privilege Manager (EPM) - Service (SaaS) Not vuln source
Cyberark HTML5 Gateway Not vuln source
Cyberark Identity - Mobile App Not vuln Not vuln Not vuln Not vuln source
Cyberark Identity - On-Premise Components Not vuln Not vuln Not vuln Not vuln source
Cyberark Identity - Secure Web Sessions (SWS) Not vuln Fix source
Cyberark Identity - Service (SaaS) Not vuln Not vuln Not vuln Not vuln source
Cyberark Legacy Sensitive Information Management (SIM) Not vuln Not vuln Not vuln Not vuln source
Cyberark Marketplace components - Certified and Trusted Marketplace Components Not vuln Not vuln Not vuln Not vuln source
Cyberark Marketplace components - CPM Plugins Not vuln Not vuln Not vuln Not vuln source
Cyberark Marketplace components - PSM Connection Components Not vuln Not vuln Not vuln Not vuln source
Cyberark On-Demand Privileges Manager (OPM) Not vuln source
Cyberark PAS Self Hosted (Vault, PVWA, CPM, PSM, PSMP) Not vuln source
Cyberark Privilege Cloud - On-Premise Components Not vuln source
Cyberark Privilege Cloud - Service (SaaS) Not vuln Fix Mitigation applied. No further action required by customers source
Cyberark Privileged Threat Analytics (PTA) Not vuln Workaround source workaround
Cyberark Remote Access (Alero) - Connector Not vuln Fix source
Cyberark Remote Access (Alero) - Mobile App Not vuln Not vuln Not vuln Not vuln source
Cyberark Remote Access (Alero) - Service (SaaS) Not vuln Fix Mitigation applied. No further action required by customers source
Cyberark Secrets Manager Conjur Enterprise Not vuln Not vuln Not vuln Not vuln source
Cyberark Secrets Manager Credential Providers Not vuln Not vuln Not vuln Not vuln source
Cybereason All Cybereason products Not vuln Not vuln Not vuln Not vuln source
CyberRes All CyberRes Community Link
Cydar Medical EV system Not Vuln source