~ 16 min read

CVE-2021-44228 (Log4j RCE) Advisories and Announcements from various Cloud platforms and SaaS providers

A list containing links to the advisories and security announcements published by various Cloud platforms and SaaS providers regarding CVE-2021-44228, the Log4j Remote Unauthenticated Code Execution vulnerability.

There is a lot of information floating out there about which vendors are affected and how they are dealing with mitigating CVE-2021-44228. This blog post is to list the links to various advisories and announcements by different Cloud platform vendors and SaaS providers. You can use this post to search for a particular provider and use the link posted to fetch updated information. Please check back periodically to get new updated information as we progress.

Cloud Platform: AWS

Service: AWS Systems Manager
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS Service Catalog
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS Certificate Manage
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS AppSync
Status: Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon VPC
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Rekognition
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon RDS
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Monitron
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Macie Classic
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Macie
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Lookout for Equipment
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Lex
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Kendra
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Fraud Detector
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Chime
Status: Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon EKS
Status: Hot patch available
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon ECS
Status: Hot patch available
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS Fargate
Status: Hot patch available
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon ECR
Status: Not Vulnerable to CVE-2021-44228
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Cognito
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Pinpoint
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon EventBridge
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Elastic Load Balancing
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS CodePipeline
Status: Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS CodeBuild
Status: Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Route53
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Linux
Status: Not Vulnerable
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon SageMaker
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Athena
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon AppFlow
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Polly
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon QuickSight
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS Textract
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Corretto
Status: Not Vulnerable
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Kinesis
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Inspector
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Inspector Classic
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon WorkSpaces/AppStream 2.0
Status: Not Vulnerable
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Timestream
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon DocumentDB
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon CloudWatch
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS Secrets Manager
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Single Sign-On
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon RDS Oracle
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Cloud Directory
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Simple Queue Service (SQS)
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS KMS
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Redshift
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS Lambda
Status: Not Vulnerable
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon API Gateway
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Cloudfront
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Connect
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon DynamoDB
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon EC2
Status: Not Vulnerable
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon ElastiCache
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon EMR
Status: Vulnerable (EMR 5 and EMR 6 releases)
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS IoT SiteWise Edge
Status: Updates available
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Keyspaces (for Apache Cassandra)
Status: Updates available
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Kinesis Data Analytics
Status: Updates available
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 14th Dec 2021

Service: Amazon Kinesis Data Stream
Status: Updates available for KCL 1.x
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Managed Streaming for Apache Kafka (MSK)
Status: Vulnerable
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Managed Workflows for Apache Airflow (MWAA)
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon MemoryDB for Redis
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon MQ
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Neptune
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon OpenSearch Service
Status: Updates available
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon RDS
Status: Vulnerable
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon S3
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Simple Notification Service (SNS)
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: Amazon Simple Workflow Service (SWF)
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS CloudHSM
Status: Updates Available
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS Elastic Beanstalk
Status: Not Vulnerable
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS Glue
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS Greengrass
Status: Updates available
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS Lake Formation
Status: Vulnerable
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS SDK
Status: Not Vulnerable
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: AWS Step Functions
Status: Partially Fixed
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 17th Dec 2021

Service: NICE
Status: Updates available
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 14th Dec 2021

Service: AMS
Status: Vulnerable
Link: https://aws.amazon.com/security/security-bulletins/AWS-2021-006/
Last Advisory Update: 14th Dec 2021

Cloud Platform: Atlassian

Service: Atlassian Cloud Products
Status: Fixed
Link: https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
Link: https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html
Last Advisory Update: 17th Dec 2021

Cloud Platform: Azure

Service: Azure Arc-enabled Data Services
Status: Updates available
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
Last Advisory Update: 20thDec 2021

Service: Azure App Service (Windows and Linux)
Status: Not Vulnerable
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/#Azure-App-Service-(Windows-and-Linux)
Last Advisory Update: 20th Dec 2021

Service: Azure Application Gateway
Status: Not Vulnerable
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/#Azure-Application-Gateway,-Azure-Front-Door,-and-Azure-WAF
Last Advisory Update: 20th Dec 2021

Service: Azure Front Door
Status: Not Vulnerable
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/#Azure-Application-Gateway,-Azure-Front-Door,-and-Azure-WAF
Last Advisory Update: 20th Dec 2021

Service: Azure WAF
Status: Not Vulnerable
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/#Azure-Application-Gateway,-Azure-Front-Door,-and-Azure-WAF
Last Advisory Update: 20th Dec 2021

Service: Azure Functions
Status: Updates available
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/#Azure-Functions
Last Advisory Update: 20th Dec 2021

Service: Azure HDInsights
Status: Fixed
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/#Azure-HDInsights
Last Advisory Update: 20th Dec 2021

Service: Azure Spring Cloud
Status: Not Vulnerable
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/#Azure-Spring-Cloud
Last Advisory Update: 20th Dec 2021

Service: Cosmos DB SDKs
Status: Not Vulnerable
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
Last Advisory Update: 20th Dec 2021

Service: Cosmos DB Spring Connector
Status: Not Vulnerable
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
Last Advisory Update: 20th Dec 2021

Service: Cosmos DB Spark Connector
Status: Not Vulnerable
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
Last Advisory Update: 20th Dec 2021

Service: Microsoft Azure AD
Status: Not Vulnerable
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
Last Advisory Update: 20th Dec 2021

Service: Minecraft: Java Edition
Status: Fixed
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
Last Advisory Update: 20th Dec 2021

Service: SQL Server (on Windows) โ€“ all editions
Status: Not Vulnerable
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
Last Advisory Update: 20th Dec 2021

Service: SQL Server (on Linux) โ€“ all editions
Status: Not Vulnerable
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
Last Advisory Update: 20th Dec 2021

Service: SQL Server 2019 Big Data Clusters
Status: Updates available
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
Last Advisory Update: 20th Dec 2021

Service: SQL Server on Azure VM/IaaS
Status: Not Vulnerable
Link: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
Last Advisory Update: 20th Dec 2021

Cloud Platform: Datadog

Service: Datadog Agent
Status: Fix and updates available
Link: https://www.datadoghq.com/log4j-vulnerability/
Last Advisory Update: 18th Dec 2021

Service: datadog-lambda-java
Status: Updates available
Link: https://www.datadoghq.com/log4j-vulnerability/
Last Advisory Update: 18th Dec 2021

Service: datadog-kafka-connect-logs
Status: Updates available
Link: https://www.datadoghq.com/log4j-vulnerability/
Last Advisory Update: 18th Dec 2021

Service: All other supported products
Status: Not Vulnerable
Link: https://www.datadoghq.com/log4j-vulnerability/
Last Advisory Update: 18th Dec 2021

Cloud Platform: GCP

Service: Actifio
Status: Fixed
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Apigee
Status: Not Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: AppSheet
Status: Fixed
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: BigQuery
Status: Not Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: BigQuery Omni
Status: Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Cloud Bigtable
Status: Fixed
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Cloud Composer
Status: Not Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Cloud Spanner
Status: Not Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Cloud SQL
Status: Not Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Data Catalog
Status: Fixed
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Database Migration Service (DMS)
Status: Not Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Dataflow
Status: Not Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Data Fusion
Status: Fixed
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Dataproc
Status: Fixed
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Dataproc Metastore
Status: Fixed
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Datastore
Status: Not Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Datastream
Status: Not Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Firestore
Status: Not Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Google Cloud VMWareEngine
Status: Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Looker
Status: Fixed
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Memorystore
Status: Not Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: M4CE
Status: Fixed
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Pub/Sub
Status: Not Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Service: Pub/Sub Lite
Status: Not Vulnerable
Link: https://cloud.google.com/log4j2-security-advisory
Last Advisory Update: 20th Dec 2021

Cloud Platform: GitHub

Service: GitHub.com
Status: Fixed
Link: https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/
Last Advisory Update: 17th Dec 2021

Service: GitHub Enterprise Cloud
Status: Fixed
Link: https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/
Last Advisory Update: 17th Dec 2021

Cloud Platform: Salesforce

Service: Sales Cloud
Status: Partially Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: Service Cloud
Status: Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: Experience (Community) Cloud
Status: Partially Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 15th Dec 2021

Service: B2C Commerce Cloud
Status: Vulnerable
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: Analytics Cloud
Status: Partially Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: Force.com
Status: Partially Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: Social Studio
Status: Partially Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 15th Dec 2021

Service: Datorama
Status: Partially Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: Pardot
Status: Partially Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 15th Dec 2021

Service: Data.com
Status: Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: Heroku
Status: Not Vulnerable
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: Marketing Cloud
Status: Partially Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: MuleSoft (Cloud)
Status: Vulnerable
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: ClickSoft (As-a-Service)
Status: Partially Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 15th Dec 2021

Service: Tableau (Online)
Status: Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: Slack
Status: Partially Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: Evergage (Interaction Studio)
Status: Partially Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: Quip
Status: Partially Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: Philanthropy Cloud
Status: Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Service: AppExchange
Status: Fixed
Link: https://help.salesforce.com/s/articleView?id=000363736&type=1
Last Advisory Update: 20th Dec 2021

Cloud Platform: Cloudflare

Service: Cloudflare
Status: Fixed
Link: https://blog.cloudflare.com/how-cloudflare-security-responded-to-log4j2-vulnerability/
Last Advisory Update: 13th Dec 2021

Cloud Platform: Elastic

Service: Elastic Cloud
Status: Updates Available
Link: https://discuss.elastic.co/t/apache-log4j2-remote-code-execution-rce-vulnerability-cve-2021-44228-esa-2021-31/291476
Last Advisory Update: 19th Dec 2021

Cloud Platform: MongoDB

Service: MongoDB Atlas Search
Status: Updated to log4j v.2.16.0
Link: https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb
Last Advisory Update: 18th Dec 2021

Service: All other components of MongoDB Atlas (including Atlas Database, Data Lake, Charts)
Status: Not Vulnerable
Link: https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb
Last Advisory Update: 18th Dec 2021

Service: MongoDB Enterprise Advanced
Status: Not Vulnerable
Link: https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb
Last Advisory Update: 18th Dec 2021

Service: MongoDB Community Edition
Status: Not Vulnerable
Link: https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb
Last Advisory Update: 18th Dec 2021

Service: MongoDB Drivers
Status: Not Vulnerable
Link: https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb
Last Advisory Update: 18th Dec 2021

Service: MongoDB Tools
Status: Not Vulnerable
Link: https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb
Last Advisory Update: 18th Dec 2021

Service: MongoDB Realm
Status: Not Vulnerable
Link: https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb
Last Advisory Update: 18th Dec 2021

Cloud Platform: 1Password

Service: All products and services
Status: Not Vulnerable
Link: https://1password.community/discussion/comment/622773
Link: https://1password.community/discussion/comment/622615
Last Advisory Update: 13th Dec 2021 and 14th Dec 2021

Cloud Platform: SonarSource

Service: SonarCloud
Status: Fixed
Link: https://community.sonarsource.com/t/sonarqube-sonarcloud-and-the-log4j-vulnerability/54721
Last Advisory Update: 16th Dec 2021

Cloud Platform: Jenkins

Service: Jenkins Core
Status: Not Vulnerable
Link: https://www.jenkins.io/blog/2021/12/10/log4j2-rce-CVE-2021-44228/
Last Advisory Update: 10th Dec 2021

Service: Audit Log Plugin
Status: updated to 2.16.0 in 1.3
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: bootstrapped-multi-test-results-report Plugin
Status: Vulnerable
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: Checkmarx Plugin
Status: updated to 2.16.0 in 2021.4.3
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: CMake Plugin
Status: Not vulnerable (for non-obsolete versions)
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: Cucumber reports Plugin
Status: Not vulnerable (for non-obsolete versions)
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: Micro Focus Application Automation Tools Plugin
Status: Fixed
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: lambdatest-automation Plugin
Status: Fixed
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: Peass-CI Plugin
Status: Fixed
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: Pipeline: HuaweiCloud Steps Plugin
Status: Vulnerable
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: Reliza Integration Plugin
Status: Fixed
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: Semantic Versioning Plugin
Status: Not vulnerable (for non-obsolete versions)
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: Talend Plugin
Status: Fixed
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: Bitbar Run-in-Cloud Plugin
Status: Vulnerable
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: Thundra Foresight Plugin
Status: Vulnerable
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: Venafi Machine Identity Management Plugin
Status: Vulnerable
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Service: Xray - Test Management for Jira Plugin
Status: updated to 2.16.0 in 2.5.2.1
Link: https://issues.jenkins.io/browse/JENKINS-67353?jql=labels%20%3D%20CVE-2021-44228#
Last Advisory Update: 20th Dec 2021

Cloud Platform: CleverTap

Service: CleverTap
Status: Not Vulnerable
Link: https://clevertap.com/blog/zero-day-rce-exploit-found-in-log4j/
Last Advisory Update: 15th Dec 2021

Cloud Platform: Tailscale

Service: Tailscale
Status: Vulnerable(Some of the service providers for Tailscale are vulnerable, though the core infrastructure of Tailscale is not vulnerable)
Link: https://github.com/tailscale/tailscale/issues/3550
Last Advisory Update: 16th Dec 2021

Cloud Platform: DigitalOcean

Service: Droplets
Status: Fixed
Link: https://www.digitalocean.com/blog/digitaloceans-response-to-the-log4j-security-vulnerability/
Last Advisory Update: 13th Dec 2021

Service: Marketplace
Status: Update in progress
Link: https://www.digitalocean.com/blog/digitaloceans-response-to-the-log4j-security-vulnerability/
Last Advisory Update: 13th Dec 2021

Service: Kubernetes
Status: Not Vulnerable
Link: https://www.digitalocean.com/blog/digitaloceans-response-to-the-log4j-security-vulnerability/
Last Advisory Update: 13th Dec 2021

Service: App Platform
Status: Not Vulnerable
Link: https://www.digitalocean.com/blog/digitaloceans-response-to-the-log4j-security-vulnerability/
Last Advisory Update: 13th Dec 2021

Service: Spaces
Status: Not Vulnerable
Link: https://www.digitalocean.com/blog/digitaloceans-response-to-the-log4j-security-vulnerability/
Last Advisory Update: 13th Dec 2021

Service: Volumes
Status: Not Vulnerable
Link: https://www.digitalocean.com/blog/digitaloceans-response-to-the-log4j-security-vulnerability/
Last Advisory Update: 13th Dec 2021

Service: Images (Snapshots, Backups, and Custom Images)
Status: Update in progress
Link: https://www.digitalocean.com/blog/digitaloceans-response-to-the-log4j-security-vulnerability/
Last Advisory Update: 13th Dec 2021

Service: Managed Databases
Status: Not Vulnerable
Link: https://www.digitalocean.com/blog/digitaloceans-response-to-the-log4j-security-vulnerability/
Last Advisory Update: 13th Dec 2021

Service: Networking
Status: Not Vulnerable
Link: https://www.digitalocean.com/blog/digitaloceans-response-to-the-log4j-security-vulnerability/
Last Advisory Update: 13th Dec 2021

Cloud Platform: Zoom

Service: Zoom Meetings, Zoom Events, Zoom Video Webinars, OnZoom
Status: Fixed
Link: https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
Last Advisory Update: 16th Dec 2021

Service: Zoom for Government
Status: Fixed
Link: https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
Last Advisory Update: 16th Dec 2021

Service: Zoom Phone
Status: Fixed
Link: https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
Last Advisory Update: 16th Dec 2021

Service: Zoom Rooms and Zoom for Home
Status: Fixed
Link: https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
Last Advisory Update: 16th Dec 2021

Service: Zoom Chat
Status: Fixed
Link: https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
Last Advisory Update: 16th Dec 2021

Service: Zoom Marketplace
Status: Fixed
Link: https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
Last Advisory Update: 16th Dec 2021

Service: Zoom Developer Platform APIs & SDKs
Status: Fixed
Link: https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
Last Advisory Update: 16th Dec 2021

Service: Zoom On-Premises Deployment
Status: Not Vulnerable
Link: https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
Last Advisory Update: 16th Dec 2021

Service: Services Provided by Third Parties
Status: Not Clear
Link: https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
Last Advisory Update: 16th Dec 2021

Service: Device Partners for Zoom Phone and Zoom Rooms
Status: Not Clear
Link: https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
Last Advisory Update: 16th Dec 2021

Service: Zoom Apps
Status: Not Clear
Link: https://explore.zoom.us/en/trust/security/security-bulletin/security-bulletin-log4j/?=nocache
Last Advisory Update: 16th Dec 2021

Cloud Platform: Citrix

Service: Citrix Gateway (NetScaler Gateway)
Status: Not Vulnerable
Link: https://support.citrix.com/article/CTX335705
Last Advisory Update: 20th Dec

Service: Citrix Application Delivery Management (NetScaler MAS)
Status: Not Vulnerable
Link: https://support.citrix.com/article/CTX335705
Last Advisory Update: 20th Dec

Service: Citrix Cloud Connector
Status: Not Vulnerable
Link: https://support.citrix.com/article/CTX335705
Last Advisory Update: 20th Dec

Service: Citrix Connector Appliance for Cloud Services
Status: Not Vulnerable
Link: https://support.citrix.com/article/CTX335705
Last Advisory Update: 20th Dec

Service: Citrix Content Collaboration (ShareFile Integration) โ€“ Citrix Files for Windows, Citrix Files for Mac, Citrix Files for Outlook
Status: Not Vulnerable
Link: https://support.citrix.com/article/CTX335705
Last Advisory Update: 20th Dec

Service: Citrix Endpoint Management (Citrix XenMobile Server)
Status: Partial updates available
Link: https://support.citrix.com/article/CTX335705
Last Advisory Update: 20th Dec

Service: Citrix Virtual Apps and Desktops (XenApp & XenDesktop)
Status: Updates available
Link: https://support.citrix.com/article/CTX335705
Last Advisory Update: 20th Dec

Service: Citrix Workspace App
Status: Not Vulnerable
Link: https://support.citrix.com/article/CTX335705
Last Advisory Update: 20th Dec

โ€

;