Operational information regarding the vulnerability in the Log4j logging library.

Last update: Dec 26, 2022

Overview

Log4j Vulnerability (CVE-2021-44228)

This repo contains operational information regarding the vulnerability in the Log4j logging library (CVE-2021-44228). For additional information see:

Repository contents

Directory	Purpose
hunting	Contains info regarding hunting for exploitation
iocs	Contains any Indicators of Compromise, such as scanning IPs, etc
mitigation	Contains info regarding mitigation, such as regexes for detecting scanning activity and more
scanning	Contains references to methods and tooling used for scanning for the Log4j vulnerability
software	Contains a list of known vulnerable and not vulnerable software
tools	Contains a list of tools for automatically parsing info on this repo

Please note that these directories are not complete, and are currently being expanded.

NCSC-NL has published a HIGH/HIGH advisory for the Log4j vulnerability. Normally we would update the HIGH/HIGH advisory for vulnerable software packages, however due to the extensive amounts of expected updates we have created a list of known vulnerable software in the software directory.

Contributions welcome

If you have any additional information to share relevant to the Log4j vulnerability, please feel free to open a Pull request. New to this? Read how to contribute in GitHub's documentation.

Thank you

Dear contributors, partners all over the world,

We have received an impressive/enormous number of pull requests on this repo. It contains vital information that contributes to the situational overview around the Log4j vulnerability. The list of vulnerable applications is currently one of the most up-to-date ones with continuous input from across the globe. It is still expanding and we are working hard to process all the contributions.

Due to our joint efforts and strong cooperation we are confident that we will be better equipped to manage this situation.

Thank you all very much for your hard work and we keep welcoming your input via GitHub.

Comments

APC - PowerChute Business Edition

Not visible anything on their site yet:

C:\Program Files (x86)\APC\PowerChute Business Edition\agent\lib>dir | findstr log4j

10-12-2020 18:42 264,058 log4j-api-2.11.1.jar 10-12-2020 18:42 1,607,936 log4j-core-2.11.1.jar 10-12-2020 18:42 23,242 log4j-slf4j-impl-2.11.1.jar

PowerChute Business Edition - 10.0.2.301
investigate

opened by OS3DrNick 8
ESET Secure Authentication

ESET states that they're not vulnerable, but we have various companies that Have ESET Secure Authentication installed and perform a scan for files, then we see that log4j is included in ESET Secure Authentication in the Elasticsearch component which they're shipping in their binary.

[2021-12-16 10:19:27.784944] VULNERABLE: C:\Program Files\ESET Secure Authentication\elasticsearch\lib\log4j-core-2.11.1.jar -> org\apache\logging\log4j\core\net\JndiManager.class [04fdd701809d17465c17c7e603b1b202: log4j 2.9.0 - 2.11.2]

[2021-12-16 10:19:28.847458] VULNERABLE: C:\Program Files\ESET Secure Authentication\elasticsearch\search-guard-tlstool-1.7\deps\log4j-core-2.11.1.jar -> org\apache\logging\log4j\core\net\JndiManager.class [04fdd701809d17465c17c7e603b1b202:log4j 2.9.0 - 2.11.2]
software PR-requested

opened by nvaert1986 6
Add Waters product statement
Add product statement for family of Waters informatics solutions

Thank you for your contribution! Some pointers to get it merged quickly:

For contributions in software/:

[x ] PR Title: Please use "Add <vendor/product name>" (instead of "Update README.md")

[x ] Status: please select a value from the status table at the top

[ x] Version: Status Vulnerable / Workaround? -> List vulnerable versions. Status Fix? -> List fixed versions.

[x ] Links: make sure you link to a public statement by the developer. Alternatively, include and link a file in the software/vendor-statements/ directory

[x ] Please mind the sorting

software Stale
opened by StefanTIB 5
Update voor Dell EMC Unity

Dell EMC heeft versie 5.1.2.0.5.007 voor de Dell EMC Unity uitgebracht. "This release addresses the Apache Log4j issue", maar aangezien er (nog) geen release notes beschikbaar zijn weet ik niet welke van de CVE's wel of niet verholpen zijn.

opened by dennixxNL 5
Add Fedex Ship Manager
Updated Fedex Ship Manager to 3509, adding notes about pending 3510 update 1/24.

Thank you for your contribution! Some pointers to get it merged quickly:

For contributions in software/:

[ ] PR Title: Please use "Add <vendor/product name>" (instead of "Update README.md")

[ ] Status: please select a value from the status table at the top

[ ] Version: Status Vulnerable / Workaround? -> List vulnerable versions. Status Fix? -> List fixed versions.

[ ] Links: make sure you link to a public statement by the developer. Alternatively, include and link a file in the software/vendor-statements/ directory

[ ] Please mind the sorting

software Stale
opened by Gadgetgeek2000 5
FEDEX Ship Manager

Following files were found on the FEDEX Ship Manager server installation, version 3508:

C:\Program Files (x86)\FedEx\ShipManager\BIN\OfflineFastServicePublisher_lib\log4j-api-2.8.2.jar C:\Program Files (x86)\FedEx\ShipManager\BIN\OfflineFastServicePublisher_lib\log4j-core-2.8.2.jar C:\Program Files (x86)\FedEx\ShipManager\BIN\OfflineFastServicePublisher_lib\log4j-jcl-2.8.2.jar C:\Program Files (x86)\FedEx\ShipManager\BIN\OfflineFastServicePublisher_lib\log4j-slf4j-impl-2.8.2.jar C:\Program Files (x86)\FedEx\ShipManager\BIN\OfflineFastServicePublisher_lib\log4jna-api-2.0.jar
software PR-requested

opened by Gadgetgeek2000 5
Add Beyond Compare and Bitwarden not vuln
Neighter are vuln Beyondcompare makes the remark in the footer of there site.

Thank you for your contribution! Some pointers to get it merged quickly:

For contributions in software/:

Status: please select a value from the status table at the top

Version: Status Vulnerable / Workaround? -> List vulnerable versions. Status Fix? -> List fixed versions.

Links: make sure you link to a public statement by the developer. Alternatively, include and link a file in the software/vendor-statements/ directory

Please mind the sorting

Please put vendor/product name in PR title (instead of "Update README.md")
opened by abtomat-inf 5
Added note from Schneider Electric about APC software
Thank you for your contribution! Some pointers to get it merged quickly:

For contributions in software/:

Status: please select a value from the status table at the top

Version: Status Vulnerable / Workaround? -> List vulnerable versions. Status Fix? -> List fixed versions.

Links: make sure you link to a public statement by the developer. Alternatively, include and link a file in the software/vendor-statements/ directory

Please mind the sorting

Please put vendor/product name in PR title (instead of "Update README.md")
opened by ipbgeek 5
Add Fujifilm to software list
from advisory sent by vendor

Thank you for your contribution! Some pointers to get it merged quickly:

For contributions in software/:

[x] PR Title: Please use "Add <vendor/product name>" (instead of "Update README.md")

[x] Status: please select a value from the status table at the top

[x] Version: Status Vulnerable / Workaround? -> List vulnerable versions. Status Fix? -> List fixed versions.

[x] Links: make sure you link to a public statement by the developer. Alternatively, include and link a file in the software/vendor-statements/ directory

[x] Please mind the sorting

software Stale
opened by alkajazz 4
Update software_list_s.md
Updated Stormshield with specific advisory for StormShield Visibility Center (only product announced vulnerable to CVE-2021-44228) Updated SonicWall product list based on v2.3 of their advisory

Thank you for your contribution! Some pointers to get it merged quickly:

For contributions in software/:

[x] PR Title: Please use "Add <vendor/product name>" (instead of "Update README.md")

[x] Status: please select a value from the status table at the top

[x] Version: Status Vulnerable / Workaround? -> List vulnerable versions. Status Fix? -> List fixed versions.

[x] Links: make sure you link to a public statement by the developer. Alternatively, include and link a file in the software/vendor-statements/ directory

[x] Please mind the sorting

software
opened by anssi-cvp 4
please improve formatting quality
The quality of markdown tables is slowly deteriorating:

some entries don't have a trailing |, some do

some table uses a different separator than |:----, namely |----

This makes it hard for automated parsing tools to access the data.

Doing a one-shot cleanup and sending a pull request fixing half the entries would not be wise, because it would make all the other waiting pull requests unmergeable. Also, implementing a commit hook would make the entire file un-commitable.

My idea would be to

fix |:--- manually

ask contributors for a more rigid input formatting

add a pre-merge-commit hook, that would only check the diff for violations of the code, so that the old code can still be ugly (for some time)

software PR-requested
opened by milankowww 4

Releases(log4shell_info_20220615)

log4shell_info_20220615(Jun 15, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(1002.94 KB)
software_list.json(2.04 MB)
log4shell_info_20220614(Jun 14, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.79 KB)
software_list.json(1.99 MB)
log4shell_info_20220613(Jun 14, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220612(Jun 12, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220611(Jun 12, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220610(Jun 10, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220609(Jun 9, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220608(Jun 8, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220607(Jun 7, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220606(Jun 7, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220605(Jun 5, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220604(Jun 4, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220603(Jun 3, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220602(Jun 2, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220601(Jun 1, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220531(May 31, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220530(May 30, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220529(May 29, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220528(May 28, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220527(May 27, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220525(May 25, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220524(May 24, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220523(May 23, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220522(May 22, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220521(May 21, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220520(May 20, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220519(May 19, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220518(May 18, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220517(May 17, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)
log4shell_info_20220516(May 16, 2022)

Source code(tar.gz)
Source code(zip)
software_list.csv(981.80 KB)
software_list.json(1.99 MB)

Owner

Nationaal Cyber Security Centrum (NCSC-NL)

GitHub Repository

Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

Take Note! With the exception of issues and PRs regarding changes to hosts/data/StevenBlack/hosts, all other issues regarding the content of the produ