Ghidra (Multiple Products)


Vendor Data
Community Data

Vendor Resources

Resource Link
Ghidra Statement https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning

Community Resources

Resource Link
Ghidra Statement https://github.com/NationalSecurityAgency/ghidra/blob/2c73c72f0ba2720c6627be4005a721a5ebd64b46/README.md#warning

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community link Ghidra Statement.
2021-12-30 21:31:50 CISAGov Updated vendor link Ghidra Statement.
Expand Details

Gigamon Fabric Manager


Vendor Data Vendor Patch Exists
Community Data Vulnerable

Vendor Resources

Resource Link
Gigamon Customer Support Portal https://community.gigamon.com/gigamoncp/s/my-gigamon

Community Resources

Resource Link
Gigamon Customer Support Portal https://community.gigamon.com/gigamoncp/s/my-gigamon

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
NCSC-NL Updates available via the Gigamon Support Portal. This advisory available to customers only and has not been reviewed by CISA.
CISAGov Updates available via the Gigamon Support Portal. This advisory available to customers only and has not been reviewed by CISA.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link Gigamon Customer Support Portal. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityVulnerable. Updated vendorPatchExists. Updated vendor link Gigamon Customer Support Portal. Updated community note. Updated community note.
Expand Details

GitLab (Multiple Products)


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
GitLab Statement https://forum.gitlab.com/t/cve-2021-4428/62763

Community Resources

Resource Link
source https://forum.gitlab.com/t/cve-2021-4428/62763/8

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated vendor link GitLab Statement.
Expand Details

GoAnywhere Gateway


Vendor Data Vendor Patch Exists
Community Data Vulnerable

Vendor Resources

Resource Link
GoAnywhere Statement https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps

Community Resources

Resource Link
source https://www.goanywhere.com/cve-2021-44228-goanywhere-mitigation-steps

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
CISAGov Last Update: 12/18/2021

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityVulnerable. Updated vendorPatchExists. Updated vendor link GoAnywhere Statement. Updated community note.
Expand Details

GoAnywhere MFT


Vendor Data Vendor Patch Exists
Community Data Vulnerable

Vendor Resources

Resource Link
GoAnywhere Statement https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps

Community Resources

Resource Link
source https://www.goanywhere.com/cve-2021-44228-goanywhere-mitigation-steps

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
CISAGov Last Update: 12/18/2021

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityVulnerable. Updated vendorPatchExists. Updated vendor link GoAnywhere Statement. Updated community note.
Expand Details

GoAnywhere MFT Agents


Vendor Data Vendor Patch Exists
Community Data Vulnerable

Vendor Resources

Resource Link
GoAnywhere Statement https://www.goanywhere.com/cve-2021-44228-and-cve-2021-45046-goanywhere-mitigation-steps

Community Resources

Resource Link
source https://www.goanywhere.com/cve-2021-44228-goanywhere-mitigation-steps

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Vulnerable
NCSC-NL Versions less than GoAnywhere Agent version 1.4.2 are not affected
CISAGov Last Update: 12/18/2021

Sources

Date Attribution Description
2022-01-03 12:08:44 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityVulnerable. Updated vendorPatchExists. Updated vendor link GoAnywhere Statement. Updated community note.
Expand Details

Google Cloud Access Transparency


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Actifio


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL “Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit <a href=““https://now.actifio.com”” rel=““nofollow”">https://now.actifio.com for the full statement and to obtain the hotfix (available to Actifio customers only).”
CISAGov Actifio has identified limited exposure to the Log4j 2 vulnerability and has released a hotfix to address this vulnerability. Visit https://now.actifio.com for the full statement and to obtain the hotfix (available to Actifio customers only).
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2022-01-03 12:08:44 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud AI Platform Data Labeling


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud AI Platform Neural Architecture Search (NAS)


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud AI Platform Training and Prediction


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Anthos


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Anthos environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Anthos environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2022-01-03 12:08:44 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Anthos Config Management


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Anthos Connect


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Anthos Hub


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Anthos Identity Service


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Anthos on VMWare


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds to their VMware products as they become available. We also recommend customers review their respective applications and workloads affected by the same vulnerabilities and apply appropriate patches.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. We strongly encourage customers to check VMware recommendations documented in VMSA-2021-0028 and deploy fixes or workarounds to their VMware products as they become available. We also recommend customers review their respective applications and workloads affected by the same vulnerabilities and apply appropriate patches.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Anthos Premium Software


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Anthos Service Mesh


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Apigee


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Apigee installed Log4j 2 in its Apigee Edge VMs, but the software was not used and therefore the VMs were not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. Apigee updated Log4j 2 to v.2.16 as an additional precaution. It is possible that customers may have introduced custom resources that are using vulnerable versions of Log4j. We strongly encourage customers who manage Apigee environments to identify components dependent on Log4j and update them to the latest version. Visit the Apigee Incident Report for more information.
CISAGov Apigee installed Log4j 2 in its Apigee Edge VMs, but the software was not used and therefore the VMs were not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. Apigee updated Log4j 2 to v.2.16 as an additional precaution. It is possible that customers may have introduced custom resources that are using vulnerable versions of Log4j. We strongly encourage customers who manage Apigee environments to identify components dependent on Log4j and update them to the latest version. Visit the Apigee Incident Report for more information.
CISAGov Last Update: 12/17/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud App Engine


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage App Engine environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage App Engine environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud AppSheet


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL The AppSheet core platform runs on non-JVM (non-Java) based runtimes. At this time, we have identified no impact to core AppSheet functionality. Additionally, we have patched one Java-based auxiliary service in our platform. We will continue to monitor for affected services and patch or remediate as required. If you have any questions or require assistance, contact AppSheet Support.
CISAGov The AppSheet core platform runs on non-JVM (non-Java) based runtimes. At this time, we have identified no impact to core AppSheet functionality. Additionally, we have patched one Java-based auxiliary service in our platform. We will continue to monitor for affected services and patch or remediate as required. If you have any questions or require assistance, contact AppSheet Support.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Armor


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Armor Managed Protection Plus


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2022-01-03 12:08:44 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Artifact Registry


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Assured Workloads


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud AutoML


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud AutoML Natural Language


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2022-01-03 12:08:44 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud AutoML Tables


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud AutoML Translation


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud AutoML Video


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud AutoML Vision


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud BigQuery


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud BigQuery Data Transfer Service


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2022-01-03 12:08:44 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud BigQuery Omni


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL BigQuery Omni, which runs on AWS and Azure infrastructure, does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. We continue to work with AWS and Azure to assess the situation.
CISAGov BigQuery Omni, which runs on AWS and Azure infrastructure, does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. We continue to work with AWS and Azure to assess the situation.
CISAGov Last Update: 12/19/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Binary Authorization


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Certificate Manager


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Chronicle


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Asset Inventory


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Bigtable


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/19/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Build


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Build environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Build environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud CDN


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Composer


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Cloud Composer does not use Log4j 2 and is not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. It is possible that customers may have imported or introduced other dependencies via DAGs, installed PyPI modules, plugins, or other services that are using vulnerable versions of Log4j 2. We strongly encourage customers, who manage Composer environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Cloud Composer does not use Log4j 2 and is not impacted by the issues in CVE-2021-44228 and CVE-2021-45046. It is possible that customers may have imported or introduced other dependencies via DAGs, installed PyPI modules, plugins, or other services that are using vulnerable versions of Log4j 2. We strongly encourage customers, who manage Composer environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Last Update: 12/15/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Console App


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Data Loss Prevention


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Debugger


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 2021-12-21

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Deployment Manager


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 2021-12-21

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud DNS


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Endpoints


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 2021-12-21

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud External Key Manager (EKM)


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 2021-12-21

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Functions


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Functions environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Functions environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Last Update: 2021-12-21

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Harware Security Module (HSM)


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 2021-12-21

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Interconnect


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Intrusion Detection System (IDS)


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Key Management Service


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Load Balancing


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Logging


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Natural Language API


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Network Address Translation (NAT)


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Profiler


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Router


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Run


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL 12/21/2021
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Run environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Run for Anthos


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Run for Anthos environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Run for Anthos environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Scheduler


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud SDK


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Shell


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Shell environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. Customers may have introduced a separate logging solution that uses Log4j 2. We strongly encourage customers who manage Cloud Shell environments to identify components dependent on Log4j 2 and update them to the latest version.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Source Repositories


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Spanner


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/19/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud SQL


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/19/2021

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Storage


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Tasks


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Trace


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Traffic Director


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Translation


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Vision


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud Vision OCR On-Prem


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Cloud VPN


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud CompilerWorks


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Compute Engine


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Compute Engine does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. For those using Google Cloud VMware Engine, we are working with VMware and tracking VMSA-2021-0028.1. We will deploy fixes to Google Cloud VMware Engine as they become available.
CISAGov Compute Engine does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046. For those using Google Cloud VMware Engine, we are working with VMware and tracking VMSA-2021-0028.1. We will deploy fixes to Google Cloud VMware Engine as they become available.
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Contact Center AI (CCAI)


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details

Google Cloud Contact Center AI Insights


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
https://cloud.google.com/log4j2-security-advisory https://cloud.google.com/log4j2-security-advisory

Community Resources

Resource Link
source https://cloud.google.com/log4j2-security-advisory

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Product does not use Log4j 2 and is not impacted by the issues identified in CVE-2021-44228 and CVE-2021-45046.
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link https://cloud.google.com/log4j2-security-advisory. Updated community note. Updated community note.
Expand Details