As of 12-14-2021 – Zyxware’s most up to date list of Log4J vulnerabilities.
Use Control + F to search the page for your software.
A
Supplier | Product | Version (see Status) | Status (Hover Mouse for Link) |
---|---|---|---|
Accellence Technologies | EBÜS | All | Workaround |
Akamai | Siem Splunk Connector | <1.4.10 | Workaround |
Alertus | Console | 5.15.0 | Fix |
Amazon | AMS | Fix | |
Amazon | API Gateway | Fix | |
Amazon | AWS CloudHSM | 3.4.1 | Fix |
Amazon | AWS Glue | Fix | |
Amazon | AWS Greengrass | Fix | |
Amazon | AWS Lambda | Fix | |
Amazon | Cloudfront | Fix | |
Amazon | Connect | Fix | |
Amazon | DynamoDB | Fix | |
Amazon | EC2 | Fix – source, fix | |
Amazon | Kafka | Fix | |
Amazon | Keyspaces (for Apache Cassandra) | Fix | |
Amazon | Kinesis Data Analytics | Fix | |
Amazon | Lake Formation | Fix | |
Amazon | MQ | Fix | |
Amazon | NICE | Fix | |
Amazon | OpenSearch | Fix | |
Amazon | RDS | Fix | |
Amazon | S3 | Fix | |
Apache | Druid | 0.22.1 | Fix |
Apache | Dubbo | All versions | Fix |
Apache | Flink | 1.15.0, 1.14.1, 1.13.4 | Fix |
Apache | Geode | 1.14.0 | Fix |
Apache | Hadoop | 3.3.1 | Vulnerable |
Apache | James | 3.6.0 | Vulnerable |
Apache | Log4j | 2.15.0 | Fix |
Apache | SOLR | 7.4.0 to 7.7.3, 8.0.0 to 8.11.0 | Workaround |
Apache | Spark | 2.4.2 | Vulnerable |
Apache | Struts | 2.5.28 | Vulnerable |
Apache | Tapestry | 5.7.3 | Vulnerable |
Apache | Tika | 2.0.0 and up | Vulnerable |
APC | PowerChute Business Edition | Unknow to 10.0.2.301 | Vulnerable |
APC | PowerChute Network Shutdown | Unknow to 4.2.0 | Vulnerable |
Apereo | CAS | 6.3.x & 6.4.x | Fix |
Apereo | Opencast | < 9.10, < 10.6 | Fix |
Aptible | Aptible | ElasticSearch 5.x | Fix |
Arduino | Arduino IDE | 1.8.17 | Fix |
Arista Networks | CloudVision Portal | >2019.1.0 | Vulnerable |
Arista Networks | CloudVision Wi-Fi, virtual appliance or physical appliance | >8.8 | Vulnerable |
Arista Networks | Analytics Node for DANZ Monitoring Fabric (formerly Big Monitoring Fabric) | >7.0.0 | Vulnerable |
Arista Networks | Analytics Node for Converged Cloud Fabric (formerly Big Cloud Fabric) | >7.0.0 | Vulnerable |
Arista Networks | Embedded Analytics for Converged Cloud Fabric (formerly Big Cloud Fabric) | >5.3.0 | Vulnerable |
Arista Networks | CloudVision Portal | >2019.1.0 | Vulnerable |
Arista Networks | CloudVision Wi-Fi, virtual appliance or physical appliance | >8.8 | Vulnerable |
Atlassian | Bamboo Server & Data Center | On prem | Vulnerable |
Atlassian | BitBucket Server | On prem | Workaround |
Atlassian | Confluence Server & Data Center | On prem | Vulnerable |
Atlassian | Crowd Server & Data Center | On prem | Vulnerable |
Atlassian | Crucible | On prem | Vulnerable |
Atlassian | Fisheye | On prem | Vulnerable |
Atlassian | Jira Server & Data Center | On prem | Vulnerable |
Avaya |
B
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
Backblaze | Cloud | N/A (SaaS) | Fix |
BMC Software | Bladelogic Database Automation | Vulnerable | Fix expected on Dec 15th |
BMC Software | BMC AMI Ops Common Rest API (CRA) | Vulnerable | Fix expected on Dec 14th |
BMC Software | BMC AMI Ops Infrastructure (MVI) – CRA component | Vulnerable | Fix expected on Dec 14th |
BMC Software | BMC AMI Ops Insight | Vulnerable | Fix expected on Dec 14th |
BMC Software | BMC AMI Ops UI | Vulnerable | Fix expected on Dec 14th |
BMC Software | BMC Client Management | Vulnerable | Fix expected on Dec 14th |
BMC Software | BMC Discovery | Fix | Fix available in BMC’s Electronic Product Download site (EPD) |
BMC Software | BMC Helix Continuous Optimization | Vulnerable | Fix expected on Dec 15th |
BMC Software | BMC License Usage Collection Utility | Vulnerable | Fix expected on Dec 14th |
BMC Software | CMDB | Vulnerable | |
BMC Software | Control-M | Vulnerable | |
BMC Software | Helix Data Manager | Vulnerable | |
BMC Software | KMs – Sybase KM & Linux (RHEV) | Fix | Fix available in BMC’s Electronic Product Download site (EPD) |
BMC Software | MainView Middleware Monitor | Vulnerable | Fix expected on Dec 20th |
BMC Software | Remedy Smart Reporting | Vulnerable | |
BMC Software | TrueSight App Visibility Manager | Vulnerable | Fix expected on Dec 15th |
BMC Software | TrueSight Automation Console | Vulnerable | Fix expected on Dec 17th |
BMC Software | TrueSight Automation for Networks | Vulnerable | Fix expected on Dec 13th |
BMC Software | TrueSight Automation for Servers – Data Warehouse | Vulnerable | Fix expected on Dec 17th |
BMC Software | TrueSight Automation for Servers | Vulnerable | Fix expected on Dec 17th |
BMC Software | TrueSight Infrastructure Management | Vulnerable | |
BMC Software | TrueSight IT Data Analytics | Vulnerable | Fix expected on Dec 15th |
BMC Software | TrueSight Operations Management | Vulnerable | Fix expected on Dec 16th |
BMC Software | TrueSight Smart Reporting | Vulnerable | Fix expected on Dec 14th |
BMC Software | TSOM Smart Reporting | Vulnerable | Fix expected on Dec 14th |
Brian Pangburn | SwingSet | < 4.0.6 | Fix |
Broadcom | CA Advanced Authentication | 9.1 & 9.1.01 & 9.1.02 | Workaround |
Broadcom | SiteMinder (CA Single Sign-On) | 12.8.x Policy Server, 12.8.04 or later Administrative UI, 12.8.x Access Gateway, 12.8.x SDK, 12.7 and 12.8 ASA Agents | Fix, Workaround |
Broadcom | Symantec Endpoint Protection Manager (SEPM) | 14.3 | Workaround |
C
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
Cisco | General Cisco Disclaimer | Cisco is updating their advisory three times a day, please keep their website in your watchlist. We will try to update accordingly | |
Cisco | AppDynamics | <21.12.0 | Fix |
Cisco | Network Services Orchestrator (NSO) | < nso-5.3.5.1, nso-5.4.5.2, nso-5.5.4.1, nso-5.6.3.1 | Vulnerable |
Cisco | Nexus Dashboard (formerly Cisco Application Services Engine) | <2.1.2 | Vulnerable |
Cisco | Video Surveillance Operations Manager | <7.14.4 | Vulnerable |
Cisco | Webex Meetings Server | CWMS-3.0MR4SP2, CWMS-4.0MR4SP2 | Vulnerable |
CIS-CAT | CSAT Pro | < 1.7.1 | Vulnerable |
CIS-CAT | CIS-CAT Pro Assessor v4 | < 4.13.0 | Vulnerable |
CIS-CAT | CIS-CAT Pro Assessor Service v4 | < 1.13.0 | Vulnerable |
CIS-CAT | CIS-CAT Pro Assessor v3 | < 3.0.77 | Vulnerable |
Commvault | Cloud Apps & Oracle & MS-SQL | All supported versions | Fix |
Connect2id | Connect2id server | < 12.5.1 | Fix |
Contrast | Hosted SaaS Enviroments | All | Fix |
Contrast | On-premises (EOP) Environments | All | Fix/Mitigation |
Contrast | Scan | All | Fix |
ControlUp | All products | All versions | Fix |
Couchbase | Couchbase ElasticSearch connector | < 4.3.3 & < 4.2.13 | Fix |
Cyberark | Identity – Secure Web Sessions (SWS) | Fix | |
Cyberark | Privilege Cloud – Service (SaaS) | Fix | |
Cyberark | Privileged Threat Analytics (PTA) | Workaround – source, workaround | |
Cyberark | Remote Access (Alero) – Connector | Fix | |
Cyberark | Remote Access (Alero) – Service (SaaS) | Fix |
D
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
DatadogHQ | Datadog Agent | 6 < 6.32.2, 7 < 7.32.2 | Fix/workaround |
Dataverse | The Dataverse Project | Vulnerable | |
Debian | Apache-log4j.1.2 | stretch, buster, bullseye | Fix |
Debian | Apache-log4j2 | stretch, buster, bullseye | Fix |
Dynatrace | ActiveGates | 1.229.49.20211210-165018, 1.227.31.20211210-164955, 1.225.29.20211210-164930, 1.223.30.20211210-164926 | Fix |
E
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
EclecticIQ | TIP | < 2.11 | Vulnerable |
Elastic | APM Java Agent | 1.17.0-1.28.0 | Workaround |
Elastic | Elasticsearch | < 6.8.21, < 7.16.1 | Workaround |
Elastic | Elasticsearch | => 7.16.1 | Fixed |
Elastic | Logstash | < 6.8.21, < 7.16.1 | Workaround |
Esri | ArcGIS Enterprise and related products | < 10.8.0 | Vulnerable |
EVL Labs | JGAAP | <8.0.2 | Fix |
Extreme Networks | IQVA | Vulnerable |
F
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
Fiix | CMMS core | V5 | Fix |
FileCap | All products | <5.1.0 | Vulnerable |
Forcepoint | DLP Manager | Workaround | |
Forcepoint | Next Generation Firewall Security Management Center, and virtual SMC appliances (NGFW) | Workaround | |
Forcepoint | Security Manager (Web, Email and DLP) | Workaround | |
ForgeRock | Autonomous Identity | Workaround | |
Fortinet | FortiAIOps | Vulnerable | |
Fortinet | FortiCASB | Vulnerable | |
Fortinet | FortiConvertor | Vulnerable | |
Fortinet | FortiEDR Cloud | Vulnerable | |
Fortinet | FortiNAC | Vulnerable | |
Fortinet | FortiNAC | Vulnerable | |
Fortinet | FortiPolicy | Vulnerable | |
Fortinet | FortiPortal | Vulnerable | |
Fortinet | FortiSIEM | Vulnerable | |
Fortinet | FortiSOAR | Vulnerable | |
Fortinet | ShieldX | Vulnerable | |
F-Secure | Endpoint Proxy | 13-15 | Fix |
F-Secure | Policy Manager | 13-15 | Fix |
F-Secure | Policy Manager Proxy | 13-15 | Fix |
G
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
GeoSolutions | Geonetwork | All versions | Workaround |
GFI Software | Kerio Connect | Vulnerable | |
GitHub | Github Enterprise Server | 3.3.1, 3.2.6, 3.1.14, 3.0.22 | Fix |
Gradle | Gradle Enterprise | 2021.3.6 | Fix |
Gradle | Gradle Enterprise Test Distribution Agent | 1.6.2 | Fix |
Gradle | Gradle Enterprise Build Cache Node | 10.1 | Fix |
Graylog | Graylog | < 3.3.15,<4.0.14,<4.1.9,<4.2.3 | Fix |
GuardedBox | GuardedBox | <3.1.2 | Fix |
H
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
HCL Software | BigFix Compliance | > 2.0.1 ; < 2.0.4 | Workaround |
HCL Software | BigFix Inventory | < 10.0.7 | Workaround |
HPE | Silver Peak Orchestrator | Workaround – source, workaround |
I
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
IBM | Curam SPM | 8.0.0, 7.0.11 | Vulnerable |
IBM | VM Manager Tool (part of License Metric Tool) | >9.2.21,<9.2.26 | Vulnerable |
IBM | Websphere | 8.5 | Vulnerable |
IBM | Websphere | 9.0 | Vulnerable |
IGEL | Universal Management Suite | Workaround | |
Informatica | Axon | 7.2.x | Workaround |
Informatica | Data Privacy Management | 10.5, 10.5.1 | Workaround |
Informatica | Information Deployment Manager | Fix | |
Informatica | Metadata Manager | 10.4, 10.4.1, 10.5, 10.5.1 | Workaround |
Informatica | PowerCenter | 10.5.1 | Workaround |
Informatica | PowerExchange for CDC (Publisher) and Mainframe | 10.5.1 | Workaround |
Informatica | Product 360 | All versions | Workaround |
J
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
Jamf Nation | Jamf Pro (hosted on-prem) | < 10.34.1 | See notes |
JetBrains | YouTrack Standalone | >= 2019.2 <= 2021.4.34389 | Vuln |
Jitsi | jitsi-videobridge | v2.1-595-g3637fda42 | Fix |
Juniper Networks | Junos Space Network Management Platform | Unspecified | Vulnerable |
Juniper Networks | Northstar Controller | Unspecified | Vulnerable |
Juniper Networks | Paragon Insights | >= 21 version 21.1 ; >= 22 version 22.2 | Vulnerable |
Juniper Networks | Paragon Pathfinder | >= 21 version 21.1 ; >= 22 version 22.2 | Vulnerable |
Juniper Networks | Paragon Planner | >= 21 version 21.1 ; >= 22 version 22.2 | Vulnerable |
K
Supplier | Product | Version (see Status) | Status |
---|
L
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
LeanIX | All products | All versions | Fix |
Lyrasis | DSpace | 7.x | Fix/Workaround |
M
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
Mailcow | Mailcow Solr Docker | < 1.8 | Fix |
McAfee | Enterprise Security Manager (ESM) | 11.x | Workaround |
McAfee | Threat Intelligence Exchange (TIE) | 2.2, 2.3, 3.0 | Workaround |
McAfee | ePolicy Orchestrator Application Server (ePO) | 5.10 CU11 | Workaround |
Metabase | Metabase | <0.41.4 | Fix |
Micro Focus | ArcSight ESM | 7.2, 7.5 | Vulnerable |
Micro Focus | ArcSight Logger | 7.2 and above | Vulnerable |
Micro Focus | ArcSight Recon | All Versions | Vulnerable |
Micro Focus | ArcSight Intelligence | All Versions | Vulnerable |
Micro Focus | ArcSight Connectors | 8.2 and above | Vulnerable |
Micro Focus | ArcSight Transformation Hub | All Versions | Vulnerable |
Microsoft | Kafka Connect for Azure Cosmo DB | < 1.2.1 | Fix |
Minecraft | Java edition | <1.18.1 | Fix |
Mitel | Mitel Interaction Recording (MIR) | 6.3 to 6.7 | Fix |
N
Supplier | Product | Version (See Status) | Status |
---|---|---|---|
Nelson | Nelson | 0.16.185 | Vulnerable |
Neo4j | Neo4j | > 4.2 | Vulnerable |
Netflix | atlas | 1.6.6 | Workaround |
Netflix | dgs-framework | < 4.9.11 | Fix |
Netflix | spectator | < 1.0.9 | Fix |
NetIQ | Access Manager | >= 4.5.x & >= 5.0.x | Workaround |
New Relic | Java Agent | 6.5.1 & 7.4.1 | Fix |
NSA | Ghidra | < 10.1 | Fix – source, fix |
Nutanix | General Guidance | Nutanix updating Security Advisory #23 multiple times per day, please check source link for absolute latest status | |
Nutanix | AOS (STS) | All supported versions | Workaround |
Nutanix | Flow Security Central | SaaS | Fix |
Nutanix | Frame | SaaS Public | Fix |
Nutanix | Prism Central | All supported versions | Vulnerable |
Nutanix | Sizer | SaaS | Fix |
O
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
OCLC | all | all | Fix |
Okta | On-Prem MFA Agent | <1.4.6 | Fix – source, fix |
Okta | Radius Server Agent | 2.17.0 | Fix |
Okta | RADIUS Server Agent | <2.17.0 | Fix – source, fix |
openHAB | openHAB | 3.0.4, 3.1.1 | Fix |
OpenMRS | Talk | 2.4.0-2.4.1 | Vulnerable |
OpenNMS | Horizon (including derived Sentinels) | < 29.0.3 | Fix |
OpenNMS | Meridian (including derived Minions and Sentinels) | < 2021.1.8, 2020.1.15, 2019.1.27 | Fix |
OpenSearch | OpenSearch | < 1.2.1 | Fix |
Oracle | Oracle Data Integrator (ODI) | >= 12.2.1.3.210119, Marketplace – >= 2.1.0 | Workaround – source, Support note 2827611.1, Support Note 2827793.1 |
Oracle | Oracle WebCenter Portal | 12.2.1.3 & 12.2.1.4 | Workaround – source, Support note 2827611.1 |
OWASP | ZAP | < 2.11.1 | Fix |
P
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
PagerDuty | Rundeck | 3.3+ | Fix |
PaperCut | PaperCut MF | >= 21.0 | Workaround |
PaperCut | PaperCut NG | >= 21.0 | Workaround |
Pega | Pega Platform | On Prem | Fix |
Pexip | Pexip Service | all | Fix |
Portex | Portex | <3.0.2 | Fix |
Progress | DataDirect Hybrid Data Pipeline | Workaround – source, mitigations | |
Progress | OpenEdge | Workaround – source, mitigations | |
Puppet | Continuous Delivery for Puppet Enterprise | 3.x, < 4.10.2 | Fix – source, workaround,mitigations |
Q
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
QOS.ch | SLF4J Simple Logging Facade for Java |
R
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
Red Hat | Red Hat CodeReady Studio 12 | Vulnerable | |
Red Hat | Red Hat Data Grid 8 | Vulnerable | |
Red Hat | Red Hat Descision Manager 7 | Vulnerable | |
Red Hat | Red Hat Integration Camel K | Vulnerable | |
Red Hat | Red Hat Integration Camel Quarkus | Vulnerable | |
Red Hat | Red Hat JBoss A-MQ Streaming | Vulnerable | |
Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack | Vulnerable | |
Red Hat | Red Hat JBoss Fuse 7 | Vulnerable | |
Red Hat | Red Hat OpenShift Application Runtimes | Vulnerable | |
Red Hat | Red Hat OpenShift Container Platform 3.11 openshift3/ose-logging-elasticsearch5 | Vulnerable | |
Red Hat | Red Hat OpenShift Container Platform 4 openshift4/ose-logging-elasticsearch6 | Vulnerable | |
Red Hat | Red Hat OpenShift Container Platform 4 openshift4/ose-metering-hive | Vulnerable | |
Red Hat | Red Hat OpenShift Container Platform 4 openshift4/ose-metering-presto | Vulnerable | |
Red Hat | Red Hat OpenShift Logging logging-elasticsearch6-container | Vulnerable | |
Red Hat | Red Hat OpenStack Platform 13 (Queens) opendaylight | Vulnerable | |
Red Hat | Red Hat Process Automation 7 | Vulnerable | |
Redis | Jedis | 3.7.1, 4.0.0-rc2 | Fix |
Riverbed | NetIM 2.x | Vulnerable | |
Riverbed | Portal 1.x | Vulnerable | |
Riverbed | Portal 3.x | Vulnerable | |
Riverbed | Scon EX Analytics | Vulnerable | |
Riverbed | Scon EX Director | Vulnerable | |
Riverbed | UCExpert | Vulnerable | |
RSA | NetWitness Orchestrator | >= 6.0 | Workaround |
RSA | NetWitness Platform | 11.4 | Workaround |
RSA | NetWitness Platform | >= 11.5 | Workaround |
Ruckus | FlexMaster | Vuln | |
Ruckus | SmartZone 100 (SZ-100) | Vuln | |
Ruckus | SmartZone 144 (SZ-144) | Vuln | |
Ruckus | SmartZone 300 (SZ-300) | Vuln | |
Ruckus | Unleashed | Vuln | |
Ruckus | Virtual SmartZone (vSZ) | Vuln |
S
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
SailPoint | IdentityIQ | 8.0 or later | Workaround |
SAP | Customer Checkout PoS / manager | 2.0 FP09, 2.0 FP10, 2.0 FP11 PL06 (or lower) and 2.0 FP12 PL04 (or lower) | Fix |
SAP | XS Advanced Runtime | 1.0.140 or lower | Fix |
SAS Institute | SAS Cloud Solutions | Workaround | |
SAS Institute | SAS Profile | Fix | |
Security Onion Solutions | Security Onion | 2.3.90 20211210 | Fix |
Siemens | E-Car OC Cloud Application | Fix | |
Siemens | EnergyIP Prepay | 3.7, 3.8 | Vulnerable |
Siemens | Industrial Edge Management App (IEM-App) | all | Vulnerable |
Siemens | Industrial Edge Management OS (IEM-OS) | all | Vulnerable |
Siemens | Industrial Edge Manangement Hub | all | Vulnerable |
Siemens | LOGO! Soft Comfort | all | Vulnerable |
Siemens | Mendix Applications | all | Vulnerable |
Siemens | Mindsphere Cloud Application | Fix | |
Siemens | Operation Scheduler | >= V1.1.3 | Vulnerable |
Siemens | SIGUARD DSA | V4.2, V4.3, V4.4 | Workaround |
Siemens | SIMATIC WinCC V7.4 | V7.4 SP1 | Fix |
Siemens | Siveillance Command | >= 4.16.2.1 | Vulnerable |
Siemens | Siveillance Control Pro | < V2.1 | Vulnerable |
Siemens | Siveillance Control Pro | >= V2.1 | Workaround |
Siemens | Siveillance Vantage | all | Vulnerable |
SolarWinds | Database Performance Analyzer | 2021.1.x, 2021.3.x, 2022.1.x | Workaround – source, workaround |
SolarWinds | Server & Application Monitor | >= 2020.2.6 | Workaround – source, workaround |
SonarSource | SonarCloud | Fix | |
SonarSource | SonarQube | Workaround | |
SonicWall | Email Security | 10.x | Vulnerable |
Sophos | Cloud Optix | Fix | |
Sophos | Sophos Mobile EAS Proxy | 9.7.2 | Fix |
Splunk | Add-On: Java Management Extensions | 3.0.0, 2.1.0 | Vulnerable |
Splunk | Add-On: JBoss | 3.0.0, 2.1.0 | Vulnerable |
Splunk | Add-On: Tomcat | 3.0.0, 2.1.0 | Vulnerable |
Splunk | Data Stream Processor | DSP 1.0.x, DSP 1.1.x, DSP 1.2.x | Vulnerable |
Splunk | IT Service Intelligence (ITSI) | 4.11.x, 4.10.x, 4.9.x, 4.8.x, 4.7.x, 4.4.x | Vulnerable |
Splunk | Splunk Connect for Kafka | <2.0.4 | Fix |
Splunk | Splunk Enterprise | All supported non-Windows versions of 8.1.x and 8.2.x only if Hadoop (Hunk) and/or DFS are used. | Workaround |
Splunk | Splunk Enterprise Amazon Machine Image (AMI) | see Splunk Enterprise | Workaround |
Splunk | Splunk Enterprise Docker Container | see Splunk Enterprise | Workaround |
Splunk | Splunk Logging Library for Java | <1.11.1 | Fix |
Splunk | Stream Processor Service | Current | Vulnerable |
Stardog | Stardog | <7.8.1 | Fix |
Stratodesk | NoTouch | 4.5.231 | Fix |
Sumo logic | Sumu logic | 19.361-12 | Fix |
SUSE | SUSE Openstack Cloud | all | Vuln |
syntevo | DeepGit | >= 4.0 | Fix |
syntevo | SmartGit | >= 18.1 | Fix |
syntevo | SmartSVN | >= 9.3 | Fix |
syntevo | SmartSynchronize | >= 3.5 | Fix |
SysAid | All products | Fix |
T
Supplier | Product | Version | Status |
---|---|---|---|
Talend | Talend Component Kit | Fix | |
Tealium | All products | Fix | |
Teamviewer | All products | Fix | |
Tosibox | All products | Fix | |
TrendMicro | Trend Micro Email Security & HES | Fix | |
TrendMicro | Vision One | Fix |
U
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
Ubiquiti | UniFi Network Application | 6.5.54 | Fix |
Unify | First Response OpenScape Policy Store | Vulnerable | |
Unify | Hipath DS-Win | Vulnerable | |
Unify | OpenScape Contact Center | Vulnerable | |
Unify | OpenScape Contact Media Service | Vulnerable | |
Unify | OpenScape UC | >= 10.2.9.0 | Vulnerable |
Unify | OpenScape Voice | simplex deployments | Vulnerable |
US Signal | Remote Management and Monitoring platform | Workaround | |
USoft | USoft | 9.1.1F | Vulnerable |
V
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
VMware | API Portal for VMware Tanzu | 1.x | Fix – source, fix |
VMware | AppDefense Appliance | 2.x | Workaround – source, workaround |
VMware | App Metrics | 2.1.1 | Fix – source, fix |
VMware | Carbon Black Cloud Workload Appliance | 1.x | Fix – source, workaround |
VMware | Carbon Black EDR Server | 7.x, 6.x | Fix – source, workaround, fix |
VMware | Cloud Director Object Storage Extension | 2.1.x, 2.0.x | Fix – source, fix |
VMware | Cloud Foundation | 4.x, 3.x | Workaround – source, workaround |
VMware | HCX | 4.2.3, 4.1.0.2 | Fix |
VMware | Healthwatch for Tanzu Application Service | 2.1.7, 1.8.6 | Fix – source, fix |
VMware | Horizon | 8.x, 7.x | Workaround – source, workaround |
VMware | Horizon Cloud Connector | 1.x, 2.x | Fix – source, fix |
VMware | Horizon DaaS | 9.1.x, 9.0.x | Workaround – source, workaround |
VMware | Identity Manager | 3.3.x | Workaround – source, workaround |
VMware | NSX Data Center for vSphere | 6.x | Workaround – source, workaround |
VMware | NSX-T Data Center | 3.x, 2.x | Workaround – source, workaround |
VMware | Single Sign-On for VMware Tanzu Application Service | 1.x | Fix – source, fix |
VMware | Site Recovery Manager | 8.x | Vuln – source, workaround |
VMware | Spring Boot | < 2.5.8, < 2.6.2 | Workaround |
VMware | Spring Cloud Gateway for Kubernetes | 1.x | Vulnerable |
VMware | Spring Cloud Gateway for VMware Tanzu | 1.x | Fix – source, fix |
VMware | Spring Cloud Services for VMware Tanzu | 3.x | Fix – source, fix |
VMware | Tanzu Application Service for VMs | 2.x | Fix – source, workaround, fix |
VMware | Tanzu GemFire | 1.14.x, 1.13.x, 1.10.x | Fix – source, fix |
VMware | Tanzu Greenplum | 6.x | Workaround – source, workaround |
VMware | Tanzu Kubernetes Grid Integrated Edition | 2.x | Workaround – source, workaround |
VMware | Tanzu Observability by Wavefront Nozzle | 3.x, 2.x | Fix – source, fix |
VMware | Tanzu Operations Manager | 2.x | Fix – source, workaround, fix |
VMware | Tanzu SQL with MySQL for VMs | 2.x, 1.x | Vulnerable |
VMware | Telco Cloud Automation | 2.x, 1.x | Vulnerable |
VMware | Unified Access Gateway | 21.x, 20.x, 3.x | Workaround – source, workaround |
VMware | vCenter Cloud Gateway | 1.x | Workaround – source, workaround |
VMware | vCenter Server | 6.x | Workaround – source, workaround |
VMware | vCenter Server | 7.x, 6.x | Workaround – source, workaround |
VMware | vRealize Automation | 8.x, 7.x | Vulnerable |
VMware | vRealize Lifecycle Manager | 8.x | Workaround – source, workaround |
VMware | vRealize Log Insight | 8.x | Workaround – source, workaround |
VMware | vRealize Operations | 8.x | Workaround – source, workaround |
VMware | vRealize Operations Cloud Proxy | Any | Workaround – source, workaround |
VMware | vRealize Orchestrator | 8.x, 7.x | Vulnerable |
VMware | Workspace ONE Access | 21.x, 20.x | Workaround – source, workaround |
VMware | Workspace ONE Access Connector (VMware Identity Manager Connector) | 19.03.0.1, 20.x, 21.x | Workaround – source, workaround |
W
Supplier | Product | Version | Status |
---|---|---|---|
WitFoo | WitFoo Precinct | 6.x | Fix |
Wowza | Wowza Streaming Engine | 4.7.8, 4.8.x | Workaround |
X
Y
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
Y Soft | SAFEQ 6 | <= 6.0.63 | Workaround |
Z
Supplier | Product | Version (see Status) | Status |
---|---|---|---|
Zammad | Zammad | Workaround |