As of 12-14-2021 – Zyxware’s most up to date list of Log4J vulnerabilities.

Use Control + F to search the page for your software.


SupplierProductVersion (see Status)Status (Hover Mouse for Link)
Accellence TechnologiesEBÜSAllWorkaround
AkamaiSiem Splunk Connector<1.4.10Workaround
AmazonAMS Fix
AmazonAPI Gateway Fix
AmazonAWS CloudHSM3.4.1Fix
AmazonAWS Glue Fix
AmazonAWS Greengrass Fix
AmazonAWS Lambda Fix
AmazonCloudfront Fix
AmazonConnect Fix
AmazonDynamoDB Fix
AmazonEC2 Fix – sourcefix
AmazonKafka Fix
AmazonKeyspaces (for Apache Cassandra) Fix
AmazonKinesis Data Analytics Fix
AmazonLake Formation Fix
AmazonMQ Fix
AmazonNICE Fix
AmazonOpenSearch Fix
AmazonRDS Fix
AmazonS3 Fix
ApacheDubboAll versionsFix
ApacheFlink1.15.0, 1.14.1, 1.13.4Fix
ApacheSOLR7.4.0 to 7.7.3, 8.0.0 to 8.11.0Workaround
ApacheTika2.0.0 and upVulnerable
APCPowerChute Business EditionUnknow to
APCPowerChute Network ShutdownUnknow to 4.2.0Vulnerable
ApereoCAS6.3.x & 6.4.xFix
ApereoOpencast< 9.10, < 10.6Fix
AptibleAptibleElasticSearch 5.xFix
ArduinoArduino IDE1.8.17Fix
Arista NetworksCloudVision Portal>2019.1.0Vulnerable
Arista NetworksCloudVision Wi-Fi, virtual appliance or physical appliance>8.8Vulnerable
Arista NetworksAnalytics Node for DANZ Monitoring Fabric (formerly Big Monitoring Fabric)>7.0.0Vulnerable
Arista NetworksAnalytics Node for Converged Cloud Fabric (formerly Big Cloud Fabric)>7.0.0Vulnerable
Arista NetworksEmbedded Analytics for Converged Cloud Fabric (formerly Big Cloud Fabric)>5.3.0Vulnerable
Arista NetworksCloudVision Portal>2019.1.0Vulnerable
Arista NetworksCloudVision Wi-Fi, virtual appliance or physical appliance>8.8Vulnerable
AtlassianBamboo Server & Data CenterOn premVulnerable
AtlassianBitBucket ServerOn premWorkaround
AtlassianConfluence Server & Data CenterOn premVulnerable
AtlassianCrowd Server & Data CenterOn premVulnerable
AtlassianCrucibleOn premVulnerable
AtlassianFisheyeOn premVulnerable
AtlassianJira Server & Data CenterOn premVulnerable


SupplierProductVersion (see Status)Status
BackblazeCloudN/A (SaaS)Fix
BMC SoftwareBladelogic Database Automation  VulnerableFix expected on Dec 15th
BMC SoftwareBMC AMI Ops Common Rest API (CRA)VulnerableFix expected on Dec 14th
BMC SoftwareBMC AMI Ops Infrastructure (MVI) – CRA componentVulnerableFix expected on Dec 14th
BMC SoftwareBMC AMI Ops InsightVulnerableFix expected on Dec 14th
BMC SoftwareBMC AMI Ops UI VulnerableFix expected on Dec 14th
BMC SoftwareBMC Client ManagementVulnerableFix expected on Dec 14th
BMC SoftwareBMC DiscoveryFixFix available in BMC’s Electronic Product Download site (EPD)
BMC SoftwareBMC Helix Continuous OptimizationVulnerableFix expected on Dec 15th
BMC SoftwareBMC License Usage Collection UtilityVulnerableFix expected on Dec 14th
BMC SoftwareCMDBVulnerable 
BMC SoftwareControl-MVulnerable 
BMC SoftwareHelix Data ManagerVulnerable 
BMC SoftwareKMs – Sybase KM & Linux (RHEV)FixFix available in BMC’s Electronic Product Download site (EPD)  
BMC SoftwareMainView Middleware MonitorVulnerableFix expected on Dec 20th
BMC SoftwareRemedy Smart ReportingVulnerable 
BMC SoftwareTrueSight App Visibility ManagerVulnerableFix expected on Dec 15th
BMC SoftwareTrueSight Automation ConsoleVulnerableFix expected on Dec 17th
BMC SoftwareTrueSight Automation for NetworksVulnerableFix expected on Dec 13th
BMC SoftwareTrueSight Automation for Servers – Data WarehouseVulnerableFix expected on Dec 17th
BMC SoftwareTrueSight Automation for ServersVulnerableFix expected on Dec 17th
BMC SoftwareTrueSight Infrastructure ManagementVulnerable 
BMC SoftwareTrueSight IT Data AnalyticsVulnerableFix expected on Dec 15th
BMC SoftwareTrueSight Operations ManagementVulnerableFix expected on Dec 16th
BMC SoftwareTrueSight Smart ReportingVulnerableFix expected on Dec 14th
BMC SoftwareTSOM Smart ReportingVulnerableFix expected on Dec 14th
Brian PangburnSwingSet< 4.0.6Fix
BroadcomCA Advanced Authentication9.1 & 9.1.01 & 9.1.02Workaround
BroadcomSiteMinder (CA Single Sign-On)12.8.x Policy Server, 12.8.04 or later Administrative UI, 12.8.x Access Gateway, 12.8.x SDK, 12.7 and 12.8 ASA AgentsFix, Workaround
BroadcomSymantec Endpoint Protection Manager (SEPM)14.3Workaround


SupplierProductVersion (see Status)Status
CiscoGeneral Cisco DisclaimerCisco is updating their advisory three times a day, please keep their website in your watchlist. We will try to update accordingly 
CiscoNetwork Services Orchestrator (NSO)< nso-, nso-, nso-, nso-
CiscoNexus Dashboard (formerly Cisco Application Services Engine)<2.1.2Vulnerable
CiscoVideo Surveillance Operations Manager<7.14.4Vulnerable
CiscoWebex Meetings ServerCWMS-3.0MR4SP2, CWMS-4.0MR4SP2Vulnerable
CIS-CATCSAT Pro< 1.7.1Vulnerable
CIS-CATCIS-CAT Pro Assessor v4< 4.13.0Vulnerable
CIS-CATCIS-CAT Pro Assessor Service v4< 1.13.0Vulnerable
CIS-CATCIS-CAT Pro Assessor v3< 3.0.77Vulnerable
CommvaultCloud Apps & Oracle & MS-SQLAll supported versionsFix
Connect2idConnect2id server< 12.5.1Fix
ContrastHosted SaaS EnviromentsAllFix
ContrastOn-premises (EOP) EnvironmentsAllFix/Mitigation
ControlUpAll productsAll versionsFix
CouchbaseCouchbase ElasticSearch connector< 4.3.3 & < 4.2.13Fix
CyberarkIdentity – Secure Web Sessions (SWS) Fix
CyberarkPrivilege Cloud – Service (SaaS) Fix
CyberarkPrivileged Threat Analytics (PTA) Workaround – sourceworkaround
CyberarkRemote Access (Alero) – Connector Fix
CyberarkRemote Access (Alero) – Service (SaaS) Fix


SupplierProductVersion (see Status)Status
DatadogHQDatadog Agent6 < 6.32.2, 7 < 7.32.2Fix/workaround
DataverseThe Dataverse Project Vulnerable
DebianApache-log4j.1.2stretch, buster, bullseyeFix
DebianApache-log4j2stretch, buster, bullseyeFix


SupplierProductVersion (see Status)Status
EclecticIQTIP< 2.11Vulnerable
ElasticAPM Java Agent1.17.0-1.28.0Workaround
ElasticElasticsearch< 6.8.21, < 7.16.1Workaround
ElasticElasticsearch=> 7.16.1Fixed
ElasticLogstash< 6.8.21, < 7.16.1Workaround
EsriArcGIS Enterprise and related products< 10.8.0Vulnerable
EVL LabsJGAAP<8.0.2Fix
Extreme NetworksIQVA Vulnerable


SupplierProductVersion (see Status)Status
FiixCMMS coreV5Fix
FileCapAll products<5.1.0Vulnerable
ForcepointDLP Manager Workaround
ForcepointNext Generation Firewall Security Management Center, and virtual SMC appliances (NGFW) Workaround
ForcepointSecurity Manager (Web, Email and DLP) Workaround
ForgeRockAutonomous Identity Workaround
FortinetFortiAIOps Vulnerable
FortinetFortiCASB Vulnerable
FortinetFortiConvertor Vulnerable
FortinetFortiEDR Cloud Vulnerable
FortinetFortiNAC Vulnerable
FortinetFortiNAC Vulnerable
FortinetFortiPolicy Vulnerable
FortinetFortiPortal Vulnerable
FortinetFortiSIEM Vulnerable
FortinetFortiSOAR Vulnerable
FortinetShieldX Vulnerable
F-SecureEndpoint Proxy13-15Fix
F-SecurePolicy Manager13-15Fix
F-SecurePolicy Manager Proxy13-15Fix


SupplierProductVersion (see Status)Status
GeoSolutionsGeonetworkAll versionsWorkaround
GFI SoftwareKerio Connect Vulnerable
GitHubGithub Enterprise Server3.3.1, 3.2.6, 3.1.14, 3.0.22Fix
GradleGradle Enterprise2021.3.6Fix
GradleGradle Enterprise Test Distribution Agent1.6.2Fix
GradleGradle Enterprise Build Cache Node10.1Fix
GraylogGraylog< 3.3.15,<4.0.14,<4.1.9,<4.2.3Fix


SupplierProductVersion (see Status)Status
HCL SoftwareBigFix Compliance> 2.0.1 ; < 2.0.4Workaround
HCL SoftwareBigFix Inventory< 10.0.7Workaround
HPESilver Peak Orchestrator Workaround – sourceworkaround


SupplierProductVersion (see Status)Status
IBMCuram SPM8.0.0, 7.0.11Vulnerable
IBMVM Manager Tool (part of License Metric Tool)>9.2.21,<9.2.26Vulnerable
IGELUniversal Management Suite Workaround
InformaticaData Privacy Management10.5, 10.5.1Workaround
InformaticaInformation Deployment Manager Fix
InformaticaMetadata Manager10.4, 10.4.1, 10.5, 10.5.1Workaround
InformaticaPowerExchange for CDC (Publisher) and Mainframe10.5.1Workaround
InformaticaProduct 360All versionsWorkaround


SupplierProductVersion (see Status)Status
Jamf NationJamf Pro (hosted on-prem)< 10.34.1See notes
JetBrainsYouTrack Standalone>= 2019.2 <= 2021.4.34389Vuln
Juniper NetworksJunos Space Network Management PlatformUnspecifiedVulnerable
Juniper NetworksNorthstar ControllerUnspecifiedVulnerable
Juniper NetworksParagon Insights>= 21 version 21.1 ; >= 22 version 22.2Vulnerable
Juniper NetworksParagon Pathfinder>= 21 version 21.1 ; >= 22 version 22.2Vulnerable
Juniper NetworksParagon Planner>= 21 version 21.1 ; >= 22 version 22.2Vulnerable


SupplierProductVersion (see Status)Status


SupplierProductVersion (see Status)Status
LeanIXAll productsAll versionsFix


SupplierProductVersion (see Status)Status
MailcowMailcow Solr Docker< 1.8Fix
McAfeeEnterprise Security Manager (ESM)11.xWorkaround
McAfeeThreat Intelligence Exchange (TIE)2.2, 2.3, 3.0Workaround
McAfeeePolicy Orchestrator Application Server (ePO)5.10 CU11Workaround
Micro FocusArcSight ESM7.2, 7.5Vulnerable
Micro FocusArcSight Logger7.2 and aboveVulnerable
Micro FocusArcSight ReconAll VersionsVulnerable
Micro FocusArcSight IntelligenceAll VersionsVulnerable
Micro FocusArcSight Connectors8.2 and aboveVulnerable
Micro FocusArcSight Transformation HubAll VersionsVulnerable
MicrosoftKafka Connect for Azure Cosmo DB< 1.2.1Fix
MinecraftJava edition<1.18.1Fix
MitelMitel Interaction Recording (MIR)6.3 to 6.7Fix


SupplierProductVersion (See Status)Status
Neo4jNeo4j> 4.2Vulnerable
Netflixdgs-framework< 4.9.11Fix
Netflixspectator< 1.0.9Fix
NetIQAccess Manager>= 4.5.x & >= 5.0.xWorkaround
New RelicJava Agent6.5.1 & 7.4.1Fix
NSAGhidra< 10.1Fix – sourcefix
NutanixGeneral GuidanceNutanix updating Security Advisory #23 multiple times per day, please check source link for absolute latest status 
NutanixAOS (STS)All supported versionsWorkaround
NutanixFlow Security CentralSaaSFix
NutanixFrameSaaS PublicFix
NutanixPrism CentralAll supported versionsVulnerable


SupplierProductVersion (see Status)Status
OktaOn-Prem MFA Agent<1.4.6Fix – sourcefix
OktaRadius Server Agent2.17.0Fix
OktaRADIUS Server Agent<2.17.0Fix – sourcefix
openHABopenHAB3.0.4, 3.1.1Fix
OpenNMSHorizon (including derived Sentinels)< 29.0.3Fix
OpenNMSMeridian (including derived Minions and Sentinels)< 2021.1.8, 2020.1.15, 2019.1.27Fix
OpenSearchOpenSearch< 1.2.1Fix
OracleOracle Data Integrator (ODI)>=, Marketplace – >= 2.1.0Workaround – sourceSupport note 2827611.1Support Note 2827793.1
OracleOracle WebCenter Portal12.2.1.3 & – sourceSupport note 2827611.1
OWASPZAP< 2.11.1Fix


SupplierProductVersion (see Status)Status
PaperCutPaperCut MF>= 21.0Workaround
PaperCutPaperCut NG>= 21.0Workaround
PegaPega PlatformOn PremFix
PexipPexip ServiceallFix
ProgressDataDirect Hybrid Data Pipeline Workaround – sourcemitigations
ProgressOpenEdge Workaround – sourcemitigations
PuppetContinuous Delivery for Puppet Enterprise3.x, < 4.10.2Fix – sourceworkaround,mitigations


SupplierProductVersion (see Status)Status
QOS.chSLF4J Simple Logging Facade for Java  


SupplierProductVersion (see Status)Status
Red HatRed Hat CodeReady Studio 12 Vulnerable
Red HatRed Hat Data Grid 8 Vulnerable
Red HatRed Hat Descision Manager 7 Vulnerable
Red HatRed Hat Integration Camel K Vulnerable
Red HatRed Hat Integration Camel Quarkus Vulnerable
Red HatRed Hat JBoss A-MQ Streaming Vulnerable
Red HatRed Hat JBoss Enterprise Application Platform Expansion Pack Vulnerable
Red HatRed Hat JBoss Fuse 7 Vulnerable
Red HatRed Hat OpenShift Application Runtimes Vulnerable
Red HatRed Hat OpenShift Container Platform 3.11 openshift3/ose-logging-elasticsearch5 Vulnerable
Red HatRed Hat OpenShift Container Platform 4 openshift4/ose-logging-elasticsearch6 Vulnerable
Red HatRed Hat OpenShift Container Platform 4 openshift4/ose-metering-hive Vulnerable
Red HatRed Hat OpenShift Container Platform 4 openshift4/ose-metering-presto Vulnerable
Red HatRed Hat OpenShift Logging logging-elasticsearch6-container Vulnerable
Red HatRed Hat OpenStack Platform 13 (Queens) opendaylight Vulnerable
Red HatRed Hat Process Automation 7 Vulnerable
RedisJedis3.7.1, 4.0.0-rc2Fix
RiverbedNetIM 2.x Vulnerable
RiverbedPortal 1.x Vulnerable
RiverbedPortal 3.x Vulnerable
RiverbedScon EX Analytics Vulnerable
RiverbedScon EX Director Vulnerable
RiverbedUCExpert Vulnerable
RSANetWitness Orchestrator>= 6.0Workaround
RSANetWitness Platform11.4Workaround
RSANetWitness Platform>= 11.5Workaround
RuckusFlexMaster Vuln
RuckusSmartZone 100 (SZ-100) Vuln
RuckusSmartZone 144 (SZ-144) Vuln
RuckusSmartZone 300 (SZ-300) Vuln
RuckusUnleashed Vuln
RuckusVirtual SmartZone (vSZ) Vuln


SupplierProductVersion (see Status)Status
SailPointIdentityIQ8.0 or laterWorkaround
SAPCustomer Checkout PoS / manager2.0 FP09, 2.0 FP10, 2.0 FP11 PL06 (or lower) and 2.0 FP12 PL04 (or lower)Fix
SAPXS Advanced Runtime1.0.140 or lowerFix
SAS InstituteSAS Cloud Solutions Workaround
SAS InstituteSAS Profile Fix
Security Onion SolutionsSecurity Onion2.3.90 20211210Fix
SiemensE-Car OC Cloud Application Fix
SiemensEnergyIP Prepay3.7, 3.8Vulnerable
SiemensIndustrial Edge Management App (IEM-App)allVulnerable
SiemensIndustrial Edge Management OS (IEM-OS)allVulnerable
SiemensIndustrial Edge Manangement HuballVulnerable
SiemensLOGO! Soft ComfortallVulnerable
SiemensMendix ApplicationsallVulnerable
SiemensMindsphere Cloud Application Fix
SiemensOperation Scheduler>= V1.1.3Vulnerable
SiemensSIGUARD DSAV4.2, V4.3, V4.4Workaround
SiemensSIMATIC WinCC V7.4V7.4 SP1Fix
SiemensSiveillance Command>=
SiemensSiveillance Control Pro< V2.1Vulnerable
SiemensSiveillance Control Pro>= V2.1Workaround
SiemensSiveillance VantageallVulnerable
SolarWindsDatabase Performance Analyzer2021.1.x, 2021.3.x, 2022.1.xWorkaround – sourceworkaround
SolarWindsServer & Application Monitor>= 2020.2.6Workaround – sourceworkaround
SonarSourceSonarCloud Fix
SonarSourceSonarQube Workaround
SonicWallEmail Security10.xVulnerable
SophosCloud Optix Fix
SophosSophos Mobile EAS Proxy9.7.2Fix
SplunkAdd-On: Java Management Extensions3.0.0, 2.1.0Vulnerable
SplunkAdd-On: JBoss3.0.0, 2.1.0Vulnerable
SplunkAdd-On: Tomcat3.0.0, 2.1.0Vulnerable
SplunkData Stream ProcessorDSP 1.0.x, DSP 1.1.x, DSP 1.2.xVulnerable
SplunkIT Service Intelligence (ITSI)4.11.x, 4.10.x, 4.9.x, 4.8.x, 4.7.x, 4.4.xVulnerable
SplunkSplunk Connect for Kafka<2.0.4Fix
SplunkSplunk EnterpriseAll supported non-Windows versions of 8.1.x and 8.2.x only if Hadoop (Hunk) and/or DFS are used.Workaround
SplunkSplunk Enterprise Amazon Machine Image (AMI)see Splunk EnterpriseWorkaround
SplunkSplunk Enterprise Docker Containersee Splunk EnterpriseWorkaround
SplunkSplunk Logging Library for Java<1.11.1Fix
SplunkStream Processor ServiceCurrentVulnerable
Sumo logicSumu logic19.361-12Fix
SUSESUSE Openstack CloudallVuln
syntevoDeepGit>= 4.0Fix
syntevoSmartGit>= 18.1Fix
syntevoSmartSVN>= 9.3Fix
syntevoSmartSynchronize>= 3.5Fix
SysAidAll products Fix


TalendTalend Component Kit Fix
TealiumAll products Fix
TeamviewerAll products Fix
TosiboxAll products Fix
TrendMicroTrend Micro Email Security & HES Fix
TrendMicroVision One Fix


SupplierProductVersion (see Status)Status
UbiquitiUniFi Network Application6.5.54Fix
UnifyFirst Response OpenScape Policy Store Vulnerable
UnifyHipath DS-Win Vulnerable
UnifyOpenScape Contact Center Vulnerable
UnifyOpenScape Contact Media Service Vulnerable
UnifyOpenScape UC>=
UnifyOpenScape Voicesimplex deploymentsVulnerable
US SignalRemote Management and Monitoring platform Workaround


SupplierProductVersion (see Status)Status
VMwareAPI Portal for VMware Tanzu1.xFix – sourcefix
VMwareAppDefense Appliance2.xWorkaround – sourceworkaround
VMwareApp Metrics2.1.1Fix – sourcefix
VMwareCarbon Black Cloud Workload Appliance1.xFix – sourceworkaround
VMwareCarbon Black EDR Server7.x, 6.xFix – sourceworkaroundfix
VMwareCloud Director Object Storage Extension2.1.x, 2.0.xFix – sourcefix
VMwareCloud Foundation4.x, 3.xWorkaround – sourceworkaround
VMwareHealthwatch for Tanzu Application Service2.1.7, 1.8.6Fix – sourcefix
VMwareHorizon8.x, 7.xWorkaround – sourceworkaround
VMwareHorizon Cloud Connector1.x, 2.xFix – sourcefix
VMwareHorizon DaaS9.1.x, 9.0.xWorkaround – sourceworkaround
VMwareIdentity Manager3.3.xWorkaround – sourceworkaround
VMwareNSX Data Center for vSphere6.xWorkaround – sourceworkaround
VMwareNSX-T Data Center3.x, 2.xWorkaround – sourceworkaround
VMwareSingle Sign-On for VMware Tanzu Application Service1.xFix – sourcefix
VMwareSite Recovery Manager8.xVuln – sourceworkaround
VMwareSpring Boot< 2.5.8, < 2.6.2Workaround
VMwareSpring Cloud Gateway for Kubernetes1.xVulnerable
VMwareSpring Cloud Gateway for VMware Tanzu1.xFix – sourcefix
VMwareSpring Cloud Services for VMware Tanzu3.xFix – sourcefix
VMwareTanzu Application Service for VMs2.xFix – sourceworkaroundfix
VMwareTanzu GemFire1.14.x, 1.13.x, 1.10.xFix – sourcefix
VMwareTanzu Greenplum6.xWorkaround – sourceworkaround
VMwareTanzu Kubernetes Grid Integrated Edition2.xWorkaround – sourceworkaround
VMwareTanzu Observability by Wavefront Nozzle3.x, 2.xFix – sourcefix
VMwareTanzu Operations Manager2.xFix – sourceworkaroundfix
VMwareTanzu SQL with MySQL for VMs2.x, 1.xVulnerable
VMwareTelco Cloud Automation2.x, 1.xVulnerable
VMwareUnified Access Gateway21.x, 20.x, 3.xWorkaround – sourceworkaround
VMwarevCenter Cloud Gateway1.xWorkaround – sourceworkaround
VMwarevCenter Server6.xWorkaround – sourceworkaround
VMwarevCenter Server7.x, 6.xWorkaround – sourceworkaround
VMwarevRealize Automation8.x, 7.xVulnerable
VMwarevRealize Lifecycle Manager8.xWorkaround – sourceworkaround
VMwarevRealize Log Insight8.xWorkaround – sourceworkaround
VMwarevRealize Operations8.xWorkaround – sourceworkaround
VMwarevRealize Operations Cloud ProxyAnyWorkaround – sourceworkaround
VMwarevRealize Orchestrator8.x, 7.xVulnerable
VMwareWorkspace ONE Access21.x, 20.xWorkaround – sourceworkaround
VMwareWorkspace ONE Access Connector (VMware Identity Manager Connector), 20.x, 21.xWorkaround – sourceworkaround


WitFooWitFoo Precinct6.xFix
WowzaWowza Streaming Engine4.7.8, 4.8.xWorkaround



SupplierProductVersion (see Status)Status
Y SoftSAFEQ 6<= 6.0.63Workaround


SupplierProductVersion (see Status)Status
ZammadZammad Workaround