McAfee Client Proxy (MCP) for Mac


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Client Proxy (MCP) for Windows


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Data Exchange Layer (DXL) Client


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Data Loss Prevention (DLP) Discover


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Data Loss Prevention (DLP) Endpoint for Mac


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Data Loss Prevention (DLP) Endpoint for Windows


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Data Loss Prevention (DLP) Monitor


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Data Loss Prevention (DLP) Prevent


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Drive Encryption (MDE)


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Endpoint Security (ENS) for Linux


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Endpoint Security (ENS) for Mac


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Endpoint Security (ENS) for Windows


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Enterprise Security Manager (ESM)


Vendor Data Vendor Patch Exists
Community Data Vulnerable

Vendor Resources

Resource Link
https://kc.mcafee.com/agent/index?page=content&id=SB10377 https://kc.mcafee.com/agent/index?page=content&id=SB10377

Community Resources

Resource Link
source https://kc.mcafee.com/corporate/index?page=content&id=KB95091

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2022-01-03 12:43:47 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated vendorPatchExists. Updated vendor link https://kc.mcafee.com/agent/index?page=content&id=SB10377. Updated community note.
Expand Details

McAfee ePolicy Orchestrator Agent Handlers (ePO-AH)


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://kc.mcafee.com/corporate/index?page=content&id=KB95091

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2022-01-03 12:43:47 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee ePolicy Orchestrator Application Server (ePO)


Vendor Data Vendor Patch Exists
Community Data Vulnerable

Vendor Resources

Resource Link
https://kc.mcafee.com/agent/index?page=content&id=SB10377 https://kc.mcafee.com/agent/index?page=content&id=SB10377

Community Resources

Resource Link
source https://kc.mcafee.com/corporate/index?page=content&id=KB95091

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2022-01-03 12:43:47 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated vendorPatchExists. Updated vendor link https://kc.mcafee.com/agent/index?page=content&id=SB10377. Updated community note.
Expand Details

McAfee Host Intrusion Prevention (Host IPS)


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Management of Native Encryption (MNE)


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Policy Auditor


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Security for Microsoft Exchange (MSME)


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Security for Microsoft SharePoint (MSMS)


Vendor Data
Community Data Not Vulnerable

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated community note.
Expand Details

McAfee Threat Intelligence Exchange (TIE)


Vendor Data
Community Data Vulnerable

Vendor Resources

Resource Link
https://kc.mcafee.com/agent/index?page=content&id=SB10377 https://kc.mcafee.com/agent/index?page=content&id=SB10377

Community Resources

Resource Link
source https://kc.mcafee.com/corporate/index?page=content&id=KB95091

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
CISAGov Latest status in linked Security Bulletin
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2022-01-03 12:43:47 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityVulnerable. Updated vendor link https://kc.mcafee.com/agent/index?page=content&id=SB10377. Updated community note. Updated community note.
Expand Details

McAfee Web Gateway (MWG)


Vendor Data Vendor Patch Exists
Community Data

Vendor Resources

Resource Link
https://kc.mcafee.com/agent/index?page=content&id=SB10377 https://kc.mcafee.com/agent/index?page=content&id=SB10377

Community Resources

Resource Link
source https://kc.mcafee.com/agent/index?page=content&id=SB10377

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
CISAGov Last Update: 12/20/2021

Sources

Date Attribution Description
2022-01-03 12:43:47 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated vendor link https://kc.mcafee.com/agent/index?page=content&id=SB10377. Updated community note.
Expand Details

Medtronic (Multiple Products)


Vendor Data Vendor Investigating
Community Data

Vendor Resources

Resource Link
Medtronic Advisory Link https://global.medtronic.com/xg-en/product-security/security-bulletins/log4j-vulnerabilities.html

Community Resources

Resource Link
Medtronic Advisory Link https://global.medtronic.com/xg-en/product-security/security-bulletins/log4j-vulnerabilities.html

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Investigation
CISAGov Last Update: 12/21/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated vendorInvestigating. Updated community note. Updated community link Medtronic Advisory Link.
2021-12-30 21:31:50 CISAGov Updated vendorInvestigating. Updated vendor link Medtronic Advisory Link. Updated community note.
Expand Details

Meltano (Multiple Products)


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
Meltano https://github.com/meltano/meltano

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Project is written in Python

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link Meltano. Updated community note.
Expand Details

Meltano Meltano


Vendor Data
Community Data

Vendor Resources

Resource Link
Meltano https://github.com/meltano/meltano

Community Notes

Source Note
CISAGov Project is written in Python

Sources

Date Attribution Description
2021-12-30 21:31:50 CISAGov Updated vendor link Meltano. Updated community note.
Expand Details

Memurai (Multiple Products)


Vendor Data
Community Data

Vendor Resources

Resource Link
Memurai Information https://www.memurai.com/blog/apache-log4j2-cve-2021-44228

Community Resources

Resource Link
source https://www.memurai.com/blog/apache-log4j2-cve-2021-44228

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated vendor link Memurai Information.
Expand Details

messageconcept PeopleSync


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://messageconcept.atlassian.net/wiki/spaces/PSKB/pages/2139095041/Is+PeopleSync+affected+by+Log4Shell

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Micro Focus Data Protector


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
workaround https://portal.microfocus.com/s/article/KM000003052
source https://community.microfocus.com/img/bandr/f/itrc-251/512701/data-protector-v9-0-9-patch-workaround-for-log4j

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Vulnerable
NCSC-NL Workaround only for supported versions. Earlier versions are not checked/worked on.

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link workaround. Updated community link source. Updated community note.
Expand Details

Micro Focus Silk Performer


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://portal.microfocus.com/s/article/KM000003066
workaround https://microfocus.my.salesforce.com/sfc/p/1t000000vhDP/a/8e000000c7fR/JrOxnycbJxIXDpzlzCCfBOy6pqqRcPD_cu.ySvH5Vc8

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Vulnerable
NCSC-NL Workaround

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community link workaround. Updated community note.
Expand Details

Micro Focus Silk Test


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://portal.microfocus.com/s/article/KM000003066
workaround https://microfocus.my.salesforce.com/sfc/p/1t000000vhDP/a/8e000000c7fR/JrOxnycbJxIXDpzlzCCfBOy6pqqRcPD_cu.ySvH5Vc8

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Vulnerable
NCSC-NL Workaround

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community link workaround. Updated community note.
Expand Details

MicroFocus (Multiple Products)


Vendor Data
Community Data

Vendor Resources

Resource Link
MicroFocus Statement https://portal.microfocus.com/s/customportalsearch?language=en_US&searchtext=CVE-2021-44228

Community Resources

Resource Link
MicroFocus Statement https://portal.microfocus.com/s/customportalsearch?language=en_US&searchtext=CVE-2021-44228

Sources

Date Attribution Description
2022-01-03 12:43:47 NCSC-NL Updated community link MicroFocus Statement.
2021-12-30 21:31:50 CISAGov Updated vendor link MicroFocus Statement.
Expand Details

Microsoft Azure API Gateway


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
Microsoft’s Response to CVE-2021-44228 Apache Log4j 2 https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/

Community Resources

Resource Link
Microsoft’s Response to CVE-2021-44228 Apache Log4j 2 https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link Microsoft’s Response to CVE-2021-44228 Apache Log4j 2.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link Microsoft’s Response to CVE-2021-44228 Apache Log4j 2.
Expand Details

Microsoft Azure App Service


Vendor Data
Community Data

Community Resources

Resource Link
source https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Not vuln
NCSC-NL This product itself is not vulnerable, Microsoft provides guidance on remediation for hosted applications

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated community note. Updated community link source. Updated community note.
Expand Details

Microsoft Azure Application Gateway


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
Microsoft’s Response to CVE-2021-44228 Apache Log4j 2 https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/

Community Resources

Resource Link
source https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Not vuln

Sources

Date Attribution Description
2022-01-03 12:43:47 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link Microsoft’s Response to CVE-2021-44228 Apache Log4j 2.
Expand Details

Microsoft Azure Data Lake Store Java


Vendor Data
Community Data Vulnerability Disputed

Vendor Resources

Resource Link
azure-data-lake-store-java/CHANGES.md at ed5d6304783286c3cfff0a1dee457a922e23ad48 · Azure/azure-data-lake-store-java · GitHub https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310

Community Resources

Resource Link
source https://github.com/Azure/azure-data-lake-store-java/blob/ed5d6304783286c3cfff0a1dee457a922e23ad48/CHANGES.md#version-2310

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL Fix has been made to upgrade log4j-core. But this dependency has scope ‘test’ meaning it is not part of the final product/artifact. So there’s no risk for end users here.

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityVulnerable. Updated vendor link azure-data-lake-store-java/CHANGES.md at ed5d6304783286c3cfff0a1dee457a922e23ad48 · Azure/azure-data-lake-store-java · GitHub.
Expand Details

Microsoft Azure DevOps


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
Azure DevOps (and Azure DevOps Server) and the log4j vulnerability https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511

Community Resources

Resource Link
source https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated community note. Updated community link source.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link Azure DevOps (and Azure DevOps Server) and the log4j vulnerability.
Expand Details

Microsoft Azure DevOps Server


Vendor Data
Community Data Vulnerable

Vendor Resources

Resource Link
Azure DevOps (and Azure DevOps Server) and the log4j vulnerability https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511

Community Resources

Resource Link
source https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Vulnerable
NCSC-NL When Azure DevOps Server Search is configured. Uses Elasticsearch OSS 6.2.4 (vulnerable) see Elasticsearch above for mitigation

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityVulnerable. Updated vendor link Azure DevOps (and Azure DevOps Server) and the log4j vulnerability.
Expand Details

Microsoft Azure Traffic Manager


Vendor Data
Community Data Not Vulnerable

Vendor Resources

Resource Link
Microsoft’s Response to CVE-2021-44228 Apache Log4j 2 https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/

Community Resources

Resource Link
Microsoft’s Response to CVE-2021-44228 Apache Log4j 2 https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link Microsoft’s Response to CVE-2021-44228 Apache Log4j 2.
2021-12-30 21:31:50 CISAGov Updated communityNotVulnerable. Updated vendor link Microsoft’s Response to CVE-2021-44228 Apache Log4j 2.
Expand Details

Microsoft Minecraft Java Edition


Vendor Data Vendor Patch Exists
Community Data

Community Resources

Resource Link
source https://www.minecraft.net/en-us/article/important-message–security-vulnerability-java-edition
fix https://www.minecraft.net/en-us/article/minecraft-java-edition-1-18-1

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source. Updated community link fix.
Expand Details

Microsoft Team Foundation Server


Vendor Data
Community Data Vulnerable

Vendor Resources

Resource Link
Azure DevOps (and Azure DevOps Server) and the log4j vulnerability https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511

Community Resources

Resource Link
source https://devblogs.microsoft.com/devops/azure-devops-and-azure-devops-server-and-the-log4j-vulnerability/?WT.mc_id=DOP-MVP-5001511

Community Notes

Source Note
NCSC-NL CVE-2021-44228: Vulnerable
NCSC-NL When Team Foundation Server Search is configured. Uses Elasticsearch OSS 5.4.1 (vulnerable) see Elasticsearch above for mitigation

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50 CISAGov Updated communityVulnerable. Updated vendor link Azure DevOps (and Azure DevOps Server) and the log4j vulnerability.
Expand Details

MicroStrategy Secure Enterprise


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://community.microstrategy.com/s/article/MicroStrategy-s-response-to-CVE-2021-44228-The-Log4j-0-Day-Vulnerability?language=en_US

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
NCSC-NL Workaround available, Update scheduled for Week 51/2021

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
Expand Details

MIDITEC (Multiple Products)


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://www.miditec.de/_download/files/information/Entwarnung%20-%20Schwachstelle.pdf

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL MTZ Time uses Log4j v1.x

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.
Expand Details

Midori Global (Multiple Products)


Vendor Data
Community Data

Vendor Resources

Resource Link
Midori Global Statement https://www.midori-global.com/blog/2021/12/15/cve-2021-44228-log4shell-midori-apps-are-not-affected

Community Resources

Resource Link
Midori Global Statement https://www.midori-global.com/blog/2021/12/15/cve-2021-44228-log4shell-midori-apps-are-not-affected

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated community link Midori Global Statement.
2021-12-30 21:31:50 CISAGov Updated vendor link Midori Global Statement.
Expand Details

Milestone sys (Multiple Products)


Vendor Data
Community Data

Vendor Resources

Resource Link
Milestone sys Statement https://supportcommunity.milestonesys.com/s/article/Log4J-vulnerability-faq?language=en_US

Community Resources

Resource Link
Milestone sys Statement https://supportcommunity.milestonesys.com/s/article/Log4J-vulnerability-faq?language=en_US

Sources

Date Attribution Description
2022-01-03 12:43:47 NCSC-NL Updated community link Milestone sys Statement.
2021-12-30 21:31:50 CISAGov Updated vendor link Milestone sys Statement.
Expand Details

Mimecast (Multiple Products)


Vendor Data
Community Data

Vendor Resources

Resource Link
Mimecast Information https://community.mimecast.com/s/article/Mimecast-Information-for-Customers-on-the-Log4Shell-Vulnerability

Community Resources

Resource Link
Mimecast Information https://community.mimecast.com/s/article/Mimecast-Information-for-Customers-on-the-Log4Shell-Vulnerability

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated community link Mimecast Information.
2021-12-30 21:31:50 CISAGov Updated vendor link Mimecast Information.
Expand Details

Minecraft (Multiple Products)


Vendor Data
Community Data

Vendor Resources

Resource Link
Minecraft Vulnerability Message https://www.minecraft.net/en-us/article/important-message–security-vulnerability-java-edition

Community Resources

Resource Link
Minecraft Vulnerability Message https://www.minecraft.net/en-us/article/important-message–security-vulnerability-java-edition

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated community link Minecraft Vulnerability Message.
2021-12-30 21:31:50 CISAGov Updated vendor link Minecraft Vulnerability Message.
Expand Details

Mitel Interaction Recording (MIR)


Vendor Data Vendor Patch Exists
Community Data

Community Resources

Resource Link
source https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_21-0010-001.pdf

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
NCSC-NL see SA211213-17

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated vendorPatchExists. Updated community note. Updated community link source. Updated community note.
Expand Details

Mitel Management Gateway


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Mitel MiCollab


Vendor Data
Community Data Vulnerable

Community Resources

Resource Link
source https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_21-0010-002-v4.pdf

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround ; CVE-2021-45046: Workaround
NCSC-NL “Below v7.0 not vuln, <a href=““https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/log4j_micollab_remediation_details.pdf"" rel=““nofollow”">Fix”

Sources

Date Attribution Description
2022-01-03 12:43:47 NCSC-NL Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
Expand Details

Mitel MiContact Center Enterprise


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Mitel MiContact Center Business


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2022-01-03 12:43:47 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Mitel MiVoice 5000


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Mitel MiVoice Border Gateway


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Mitel MiVoice Business


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Mitel MiVoice Connect


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Mitel MiVoice Office 400


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-27 15:29:04 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Mitel Mobility Router


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details

Mitel Standard Linux (MSL)


Vendor Data
Community Data Not Vulnerable

Community Resources

Resource Link
source https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-21-0010

Community Notes

Source Note
NCSC-NL CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date Attribution Description
2021-12-31 9:06:53 NCSC-NL Updated communityNotVulnerable. Updated community note. Updated community link source.
Expand Details