Riverbed Portal 1.x

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	Includes Log4j 2.2

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Riverbed Portal 3.x

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	Includes Log4j 2.13

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Riverbed SaaS Accelerator

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated community note. Updated community link source.

Expand Details

Riverbed Scon CX

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

Riverbed Scon EX Analytics

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	Patches planned

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Riverbed Scon EX Director

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	Patches planned

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Riverbed Scon EX FlexVNF

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

Riverbed SteelCentral Controller for SteelHead

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated community note. Updated community link source.

Expand Details

Riverbed SteelFusion Edge

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

Riverbed SteelFusionCore (appliance, virtual)

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

Riverbed SteelHead CX (appliance, virtual, cloud)

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated community note. Updated community link source.

Expand Details

Riverbed SteelHead Interceptor

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated community note. Updated community link source.

Expand Details

Riverbed Transaction Analyzer

Vendor Data

Vendor Investigating

Community Data

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link source.

Expand Details

Riverbed Transaction Analyzer Agents

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln
NCSC-NL	Log4j not in use

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Riverbed UCExpert

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source.

Expand Details

Riverbed WinSec Controller for SteelHead (WSC)

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://supportkb.riverbed.com/support/index?page=content&id=S35645&actp=LIST_RECENT

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated community note. Updated community link source.

Expand Details

RocketChat (Multiple Products)

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://rocket.chat/blog/log4j-software-vulnerability

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated community note. Updated community link source.

Expand Details

Rockwell Automation FactoryTalk Analytics DataFlowML

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
PN1579 - Log4Shell Vulnerability Notice	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605

Community Resources

Resource	Link
source	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	Patch under development
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link PN1579 - Log4Shell Vulnerability Notice. Updated community note.

Expand Details

Rockwell Automation FactoryTalk Analytics DataView

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
PN1579 - Log4Shell Vulnerability Notice	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605

Community Resources

Resource	Link
source	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	Patch under development
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link PN1579 - Log4Shell Vulnerability Notice. Updated community note.

Expand Details

Rockwell Automation Industrial Data Center

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
PN1579 - Log4Shell Vulnerability Notice	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605

Community Resources

Resource	Link
source	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
NCSC-NL	Follow the mitigation instructions outlined by VMware in VMSA-2021-0028
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated vendor link PN1579 - Log4Shell Vulnerability Notice. Updated community note.

Expand Details

Rockwell Automation MES EIG

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
PN1579 - Log4Shell Vulnerability Notice	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605

Community Resources

Resource	Link
source	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	Product discontinued. Customers should upgrade to EIG Hub if possible or work with their local representatives about alternative solutions.
CISAGov	Customers should upgrade to EIG Hub if possible or work with their local representatives about alternative solutions.
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link PN1579 - Log4Shell Vulnerability Notice. Updated community note. Updated community note.

Expand Details

Rockwell Automation VersaVirtual

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
PN1579 - Log4Shell Vulnerability Notice	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605

Community Resources

Resource	Link
source	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
NCSC-NL	Follow the mitigation instructions outlined by VMware in VMSA-2021-0028
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated vendor link PN1579 - Log4Shell Vulnerability Notice. Updated community note.

Expand Details

Rockwell Automation Warehouse Management

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
PN1579 - Log4Shell Vulnerability Notice	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605

Community Resources

Resource	Link
source	https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1133605

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	Patch under development
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link PN1579 - Log4Shell Vulnerability Notice. Updated community note.

Expand Details

Rollbar (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
Rollbar Blog Post	https://rollbar.com/blog/log4j-zero-day-2021-log4shell/

Community Resources

Resource	Link
Rollbar Blog Post	https://rollbar.com/blog/log4j-zero-day-2021-log4shell/

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated community link Rollbar Blog Post.
2021-12-30 21:31:50	CISAGov	Updated vendor link Rollbar Blog Post.

Expand Details

Rosette.com (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
Rosette.com Support Link	https://support.rosette.com/hc/en-us/articles/4416216525965-Log4j-Vulnerability

Community Resources

Resource	Link
Rosette.com Support Link	https://support.rosette.com/hc/en-us/articles/4416216525965-Log4j-Vulnerability

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated community link Rosette.com Support Link.
2021-12-30 21:31:50	CISAGov	Updated vendor link Rosette.com Support Link.

Expand Details

RSA Netwitness (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
RSA Netwitness Community Link	https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540

Community Resources

Resource	Link
RSA Netwitness Community Link	https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated community link RSA Netwitness Community Link.
2021-12-30 21:31:50	CISAGov	Updated vendor link RSA Netwitness Community Link.

Expand Details

RSA NetWitness Orchestrator

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
NCSC-NL	Mitigation for the ThreatConnect Application server is available, no impact described

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

RSA NetWitness Platform

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://community.rsa.com/t5/netwitness-platform-product/netwitness-apache-vulnerability-log4j2-cve-2021-44228-nbsp/ta-p/660540

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
NCSC-NL	It is possible to leak system configuration data

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

RSA SecurID Authentication Manager

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln
NCSC-NL	Version 8.6 Patch 1 contains a version of log4j that is vulnerable, but this vulnerability is not exploitable.

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable.

Expand Details

RSA SecurID Authentication Manager Prime

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated community note. Updated community link source.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable.

Expand Details

RSA SecurID Authentication Manager WebTier

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated community note. Updated community link source.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable.

Expand Details

RSA SecurID Governance and Lifecycle

Vendor Data

Community Data

Not Vulnerable

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable.

Expand Details

RSA SecurID Governance and Lifecycle (SecurID G&L)

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated community note. Updated community link source.

Expand Details

RSA SecurID Governance and Lifecycle Cloud

Vendor Data

Community Data

Not Vulnerable

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable.

Expand Details

RSA SecurID Governance and Lifecycle Cloud (SecurID G&L Cloud)

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated community note. Updated community link source.

Expand Details

RSA SecurID Identity Router

Vendor Data

Community Data

Not Vulnerable

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated communityNotVulnerable. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable.

Expand Details

RSA SecurID Identity Router (On-Prem component of Cloud Authentication Service)

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://community.rsa.com/t5/general-security-advisories-and/rsa-customer-advisory-apache-vulnerability-log4j2-cve-2021-44228/ta-p/660501

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated community note. Updated community link source.

Expand Details

Rstudioapi (Multiple Products)

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://github.com/rstudio/rstudioapi

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

Rstudioapi Rstudioapi

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
https://github.com/rstudio/rstudioapi	https://github.com/rstudio/rstudioapi

Community Notes

Source	Note
CISAGov	Last Update: 2021-12-21

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link https://github.com/rstudio/rstudioapi. Updated community note.

Expand Details

Rubrik (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
Rubrik Support Link	https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK

Community Resources

Resource	Link
Rubrik Support Link	https://support.rubrik.com/s/announcementdetail?Id=a406f000001PwOcAAK

Community Notes

Source	Note
NCSC-NL	This advisory is available to customers only and has not been reviewed by CISA
CISAGov	This advisory is available to customers only and has not been reviewed by CISA

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated community link Rubrik Support Link. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated vendor link Rubrik Support Link. Updated community note.

Expand Details

Ruckus FlexMaster

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://support.ruckuswireless.com/security_bulletins/313

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	“Additional details in PDF/Text (Sign-in Required)”

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Ruckus SmartZone 100 (SZ-100)

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://support.ruckuswireless.com/security_bulletins/313

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	“Additional details in PDF/Text (Sign-in Required)”

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Ruckus SmartZone 144 (SZ-144)

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://support.ruckuswireless.com/security_bulletins/313

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	“Additional details in PDF/Text (Sign-in Required)”

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Ruckus SmartZone 300 (SZ-300)

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://support.ruckuswireless.com/security_bulletins/313

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	“Additional details in PDF/Text (Sign-in Required)”

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Ruckus Unleashed

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://support.ruckuswireless.com/security_bulletins/313

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	“Additional details in PDF/Text (Sign-in Required)”

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

Ruckus Virtual SmartZone (vSZ)

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Ruckus Wireless (support.ruckuswireless.com)	https://support.ruckuswireless.com/security_bulletins/313

Community Resources

Resource	Link
source	https://support.ruckuswireless.com/security_bulletins/313

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Vulnerable
NCSC-NL	“Additional details in PDF/Text (Sign-in Required)”
CISAGov	Last Update: 12/13/2021

Sources

Date	Attribution	Description
2022-01-03 13:10:52	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Ruckus Wireless (support.ruckuswireless.com). Updated community note.

Expand Details

RunDeck by PagerDuty (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
RunDeck Docs Link	https://docs.rundeck.com/docs/history/CVEs/

Community Resources

Resource	Link
RunDeck Docs Link	https://docs.rundeck.com/docs/history/CVEs/

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated community link RunDeck Docs Link.
2021-12-30 21:31:50	CISAGov	Updated vendor link RunDeck Docs Link.

Expand Details

RuneCast Analyzer

Vendor Data

Vendor Patch Exists

Community Data

Vendor Resources

Resource	Link
Runecast Release notes	https://www.runecast.com/release-notes

Community Resources

Resource	Link
source	https://www.runecast.com/blog/runecast-6-0-1-0-covers-apache-log4j-java-vulnerability

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix ; CVE-2021-45046: Fix ; CVE-2021-45105: Fix

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link source.
2021-12-30 21:31:50	CISAGov	Updated vendorPatchExists. Updated vendor link Runecast Release notes.

Expand Details

SAE IT-systems codeIT Runtime

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html?tx_saenews_saenews%5Bnews%5D=484&tx_saenews_saenews%5Baction%5D=show&tx_saenews_saenews%5Bcontroller%5D=News&cHash=ad11bc1ce9c7212cc27d45211b855e97

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

SAE IT-systems codeIT Workbench

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html?tx_saenews_saenews%5Bnews%5D=484&tx_saenews_saenews%5Baction%5D=show&tx_saenews_saenews%5Bcontroller%5D=News&cHash=ad11bc1ce9c7212cc27d45211b855e97

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

SAE IT-systems connectIT

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html?tx_saenews_saenews%5Bnews%5D=484&tx_saenews_saenews%5Baction%5D=show&tx_saenews_saenews%5Bcontroller%5D=News&cHash=ad11bc1ce9c7212cc27d45211b855e97

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

SAE IT-systems net-line series5

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html?tx_saenews_saenews%5Bnews%5D=484&tx_saenews_saenews%5Baction%5D=show&tx_saenews_saenews%5Bcontroller%5D=News&cHash=ad11bc1ce9c7212cc27d45211b855e97

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

SAE IT-systems setIT

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html?tx_saenews_saenews%5Bnews%5D=484&tx_saenews_saenews%5Baction%5D=show&tx_saenews_saenews%5Bcontroller%5D=News&cHash=ad11bc1ce9c7212cc27d45211b855e97

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

SAE IT-systems SG-50 / Kombisafe

Vendor Data

Vendor Investigating

Community Data

Community Resources

Resource	Link
source	https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html?tx_saenews_saenews%5Bnews%5D=484&tx_saenews_saenews%5Baction%5D=show&tx_saenews_saenews%5Bcontroller%5D=News&cHash=ad11bc1ce9c7212cc27d45211b855e97

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link source.

Expand Details

SAE IT-systems Straton Runtime

Vendor Data

Vendor Investigating

Community Data

Community Resources

Resource	Link
source	https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html?tx_saenews_saenews%5Bnews%5D=484&tx_saenews_saenews%5Baction%5D=show&tx_saenews_saenews%5Bcontroller%5D=News&cHash=ad11bc1ce9c7212cc27d45211b855e97

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link source.

Expand Details

SAE IT-systems Straton Workbench

Vendor Data

Vendor Investigating

Community Data

Community Resources

Resource	Link
source	https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html?tx_saenews_saenews%5Bnews%5D=484&tx_saenews_saenews%5Baction%5D=show&tx_saenews_saenews%5Bcontroller%5D=News&cHash=ad11bc1ce9c7212cc27d45211b855e97

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link source.

Expand Details

SAE IT-systems System-4

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html?tx_saenews_saenews%5Bnews%5D=484&tx_saenews_saenews%5Baction%5D=show&tx_saenews_saenews%5Bcontroller%5D=News&cHash=ad11bc1ce9c7212cc27d45211b855e97

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

SAE IT-systems T10/T7 Touch panel

Vendor Data

Vendor Investigating

Community Data

Community Resources

Resource	Link
source	https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html?tx_saenews_saenews%5Bnews%5D=484&tx_saenews_saenews%5Baction%5D=show&tx_saenews_saenews%5Bcontroller%5D=News&cHash=ad11bc1ce9c7212cc27d45211b855e97

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link source.

Expand Details

SAE IT-systems visIT Runtime

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html?tx_saenews_saenews%5Bnews%5D=484&tx_saenews_saenews%5Baction%5D=show&tx_saenews_saenews%5Bcontroller%5D=News&cHash=ad11bc1ce9c7212cc27d45211b855e97

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

SAE IT-systems visIT Workbench

Vendor Data

Community Data

Not Vulnerable

Community Resources

Resource	Link
source	https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html?tx_saenews_saenews%5Bnews%5D=484&tx_saenews_saenews%5Baction%5D=show&tx_saenews_saenews%5Bcontroller%5D=News&cHash=ad11bc1ce9c7212cc27d45211b855e97

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Not vuln ; CVE-2021-45046: Not vuln ; CVE-2021-45105: Not vuln

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated communityNotVulnerable. Updated community note. Updated community link source.

Expand Details

SAE-IT (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
SAE-IT News Link	https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html

Community Resources

Resource	Link
SAE-IT News Link	https://www.sae-it.com/nc/de/news/sicherheitsmeldungen.html

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated community link SAE-IT News Link.
2021-12-30 21:31:50	CISAGov	Updated vendor link SAE-IT News Link.

Expand Details

SAFE FME Server (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
SAFE FME Server Community Link	https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j

Community Resources

Resource	Link
SAFE FME Server Community Link	https://community.safe.com/s/article/Is-FME-Server-Affected-by-the-Security-Vulnerability-Reported-Against-log4j

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated community link SAFE FME Server Community Link.
2021-12-30 21:31:50	CISAGov	Updated vendor link SAFE FME Server Community Link.

Expand Details

SAGE (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
SAGE Announcement Link	https://www.sagecity.com/sage-global-solutions/sage-crm/f/sage-crm-announcements-news-and-alerts/178655/advisory-apache-log4j-vulnerability-cve-2021-44228

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated vendor link SAGE Announcement Link.

Expand Details

Sage CRM

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://support.na.sage.com/selfservice/viewdocument.do?noCount=true&externalId=113739&sliceId=1&noCount=true&isLoadPublishedVer=&docType=kc&docTypeID=DT_Article&stateId=24595&cmd=displayKC&dialogID=1363294&ViewedDocsListHelper=com.kanisa.apps.common.BaseViewedDocsListHelperImpl&openedFromSearchResults=true

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround
NCSC-NL	Sage has 3 patches in test

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source. Updated community note.

Expand Details

SailPoint (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
SailPoint Community Link	https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/ba-p/206681

Community Notes

Source	Note
CISAGov	This advisory is available to customers only and has not been reviewed by CISA

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated vendor link SailPoint Community Link. Updated community note.

Expand Details

SailPoint IdentityIQ

Vendor Data

Community Data

Vulnerable

Community Resources

Resource	Link
source	https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerability/m-p/206681#M342

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Workaround

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated communityVulnerable. Updated community note. Updated community link source.

Expand Details

Salesforce (Multiple Products)

Vendor Data

Vendor Investigating

Community Data

Community Resources

Resource	Link
source	https://status.salesforce.com/generalmessages/826

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Investigation

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated vendorInvestigating. Updated community note. Updated community link source.

Expand Details

Salesforce Analytics Cloud

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Analytics Cloud is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce B2C Commerce Cloud

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“B2C Commerce Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce ClickSoftware (As-a-Service)

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“ClickSoftware (As-a-Service) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce ClickSoftware (On-Premise)

Vendor Data

Community Data

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Please contact Customer Support.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce Community Cloud

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Community Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce Data.com

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Data.com is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce DataLoader

Vendor Data

Community Data

Vendor Resources

Resource	Link
Vendor Link	https://github.com/forcedotcom/dataloader/releases/tag/v53.0.1

Community Notes

Source	Note
CISAGov	Last Update: 12/22/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated vendor link Vendor Link. Updated community note.

Expand Details

Salesforce Datorama

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Datorama is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce Evergage (Interaction Studio)

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Evergage (Interaction Studio) is reported to be affected by CVE-2021-44228. Services have been updated to mitigate the issues identified in CVE-2021-44228 and we are executing our final validation steps.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce Force.com

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Force.com is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce Heroku

Vendor Data

Community Data

Not Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Heroku is reported to not be affected by CVE-2021-44228; no further action is necessary at this time.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityNotVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce Marketing Cloud

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Marketing Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce MuleSoft (Cloud)

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“MuleSoft (Cloud) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce MuleSoft (On-Premise)

Vendor Data

Community Data

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Please contact Customer Support.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce Pardot

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Pardot is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce Sales Cloud

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Sales Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce Service Cloud

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Service Cloud is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce Slack

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Slack is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce Social Studio

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Social Studio is reported to be affected by CVE-2021-44228. The service has a mitigation in place and is being updated to remediate the vulnerability identified in CVE-2021-44228.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce Tableau (On-Premise)

Vendor Data

Community Data

Vendor Resources

Resource	Link
Salesforce Statement	https://kb.tableau.com/articles/issue/Apache-Log4j2-vulnerability-Log4shell

Community Notes

Source	Note
CISAGov	Fixed in 2021.4.1
CISAGov	Last Update: 12/16/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Salesforce Tableau (Online)

Vendor Data

Community Data

Vulnerable

Vendor Resources

Resource	Link
Salesforce Statement	https://help.salesforce.com/s/articleView?id=000363736&type=1

Community Notes

Source	Note
CISAGov	“Tableau (Online) is reported to be affected by CVE-2021-44228. The service is being updated to remediate the vulnerability identified in CVE-2021-44228.”
CISAGov	Last Update: 12/15/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated communityVulnerable. Updated vendor link Salesforce Statement. Updated community note. Updated community note.

Expand Details

Sangoma (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
Sangoma Community Link	https://help.sangoma.com/community/s/article/Log4Shell

Community Resources

Resource	Link
Sangoma Community Link	https://help.sangoma.com/community/s/article/Log4Shell

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated community link Sangoma Community Link.
2021-12-30 21:31:50	CISAGov	Updated vendor link Sangoma Community Link.

Expand Details

SAP (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf	https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf

Community Notes

Source	Note
CISAGov	This advisory is available to customers only and has not been reviewed by CISA
CISAGov	Last Update: 12/17/2021

Sources

Date	Attribution	Description
2021-12-30 21:31:50	CISAGov	Updated vendor link https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-center/sap-tc-01-5025.pdf. Updated community note. Updated community note.

Expand Details

SAP Advanced Platform (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
SAP Advanced Platform Support Link	https://launchpad.support.sap.com/#/notes/3130698

Community Resources

Resource	Link
SAP Advanced Platform Support Link	https://launchpad.support.sap.com/#/notes/3130698

Community Notes

Source	Note
NCSC-NL	This advisory is available to customers only and has not been reviewed by CISA
CISAGov	This advisory is available to customers only and has not been reviewed by CISA
CISAGov	Last Update: 12/17/2021

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated community link SAP Advanced Platform Support Link. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated vendor link SAP Advanced Platform Support Link. Updated community note. Updated community note.

Expand Details

SAP BusinessObjects (Multiple Products)

Vendor Data

Community Data

Vendor Resources

Resource	Link
CVE-2021-44228 - Impact of Log4j vulnerability on SAP BusinessObjects	https://blogs.sap.com/2021/12/16/cve-2021-44228-impact-of-log4j-vulnerability-on-sap-businessobjects/
SAP BusinessObjects Support Link	https://launchpad.support.sap.com/#/notes/3129956

Community Resources

Resource	Link
CVE-2021-44228 - Impact of Log4j vulnerability on SAP BusinessObjects	https://blogs.sap.com/2021/12/16/cve-2021-44228-impact-of-log4j-vulnerability-on-sap-businessobjects/
SAP BusinessObjects Support Link	https://launchpad.support.sap.com/#/notes/3129956

Community Notes

Source	Note
NCSC-NL	The support document is available to customers only and has not been reviewed by CISA
CISAGov	The support document is available to customers only and has not been reviewed by CISA
CISAGov	Last Update: 12/17/2021

Sources

Date	Attribution	Description
2022-01-03 13:16:44	NCSC-NL	Updated community link CVE-2021-44228 - Impact of Log4j vulnerability on SAP BusinessObjects. Updated community link SAP BusinessObjects Support Link. Updated community note.
2021-12-30 21:31:50	CISAGov	Updated vendor link CVE-2021-44228 - Impact of Log4j vulnerability on SAP BusinessObjects. Updated vendor link SAP BusinessObjects Support Link. Updated community note. Updated community note.

Expand Details

SAP BusinessObjects Business Intelligence

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-left/sap-tc-01-5025.pdf

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln
NCSC-NL	(behind login)

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated community note. Updated community link source. Updated community note.

Expand Details

SAP BusinessObjects Data Services

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-left/sap-tc-01-5025.pdf

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln
NCSC-NL	(behind login)

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated community note. Updated community link source. Updated community note.

Expand Details

SAP BusinessObjects Explorer

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-left/sap-tc-01-5025.pdf

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln
NCSC-NL	(behind login)

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated community note. Updated community link source. Updated community note.

Expand Details

SAP BusinessObjects Financial Information Management

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-left/sap-tc-01-5025.pdf

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln
NCSC-NL	(behind login)

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated community note. Updated community link source. Updated community note.

Expand Details

SAP BusinessObjects Knowledge Accelerator

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-left/sap-tc-01-5025.pdf

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln
NCSC-NL	(behind login)

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated community note. Updated community link source. Updated community note.

Expand Details

SAP Customer Checkout PoS / manager

Vendor Data

Vendor Patch Exists

Community Data

Community Resources

Resource	Link
source	https://launchpad.support.sap.com/#/notes/0003130499

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix
NCSC-NL	SAP note 3130499

Sources

Date	Attribution	Description
2021-12-31 9:06:53	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link source. Updated community note.

Expand Details

SAP Hana Cockpit

Vendor Data

Vendor Patch Exists

Community Data

Community Resources

Resource	Link
source	https://blogs.sap.com/2021/12/14/hana-xsa-log4j-cve-2021-44228/

Community Notes

Source	Note
NCSC-NL	CVE-2021-4104: Not vuln ; CVE-2021-44228: Fix ; CVE-2021-45046: Fix ; CVE-2021-45105: Fix

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated vendorPatchExists. Updated community note. Updated community link source.

Expand Details

SAP HANA Database

Vendor Data

Community Data

Community Resources

Resource	Link
source	https://support.sap.com/content/dam/support/en_us/library/ssp/my-support/trust-left/sap-tc-01-5025.pdf

Community Notes

Source	Note
NCSC-NL	CVE-2021-44228: Not vuln
NCSC-NL	(behind login)

Sources

Date	Attribution	Description
2021-12-27 15:29:04	NCSC-NL	Updated community note. Updated community link source. Updated community note.

Expand Details