Article

Log4j Vendor Advisories

Get updates directly from software vendors affected by the Log4j vulnerability.

December 20, 2021

The Log4j vulnerability is a critical, widespread issue that is likely to affect most organizations. At-Bay is actively working with businesses to resolve security issues related to this vulnerability.

If your business has received a Security Alert regarding software products exposed to the Log4j vulnerability, please scroll down to find the exposed product. The corresponding link will direct you to an advisory from the software vendor, which provides additional guidance on how to remediate the issue.

We will continue to add new advisories to this list as they become available. For more information regarding the Log4j vulnerability, please refer to our Log4j Security Alert.

Apache

https://blogs.apache.org/security/entry/cve-2021-44228

VMware

https://www.vmware.com/security/advisories/VMSA-2021-0028.html

Oracle WebLogic

https://www.oracle.com/security-alerts/alert-cve-2021-44228.html

Ubiquiti/Unifi

https://community.ui.com/releases/Security-Advisory-Bulletin-023-023/808a1db0-5f8e-4b91-9097-9822f3f90207

MobileIron

https://forums.ivanti.com/s/article/Security-Bulletin-CVE-2021-44228-Remote-code-injection-in-Log4j?language=en_US

Atlassian

https://confluence.atlassian.com/kb/faq-for-cve-2021-44228-1103069406.html

Cisco

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd

NetApp

https://security.netapp.com/advisory/ntap-20211210-0007/

Splunk

https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html