Information on Log4j Vulnerability / CVE-2021-44228

Hi all, another vulnerability – log4j – is keeping us all on our toes.
In this blog article you will find information about log4j from our vendors.

Fortinet

General Information
PSIRT Information
There are already a lot of Technical Tips in the Community – search for “log4j”

Palo Alto Networks

CVE information: https://security.paloaltonetworks.com/CVE-2021-44228
Information from Unit42
Palo Alto Networks official Blog
Prisma Cloud Blog

OneSpan

CVE Information: https://www.onespan.com/remote-code-execution-vulnerability-in-log4j2-cve-2018-11776

SEPPmail

Not affected, does not use any Java

WatchGuard

Firebox, WatchGuard System Manager, Dimension, WatchGuard EPDR and Panda AD360 are all not affected.
https://www.secplicity.org/2021/12/10/critical-rce-vulnerability-in-log4js/

FUDO

Fudo does not use Java or Log4J and is therefore not affected by the vulnerability.

Rapid7

Blog article with information on vulnerable products:
https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/

Alcatel Lucent Enterprise

Most of the ALE products are not effected. Only some of them need an update.
Please find details in the Security Advisory (login neccessary):
https://alcatel-lucent-enterprise.secure.force.com/knowledgebp/articles/Customer_Care_Article/000065673

Kaspersky

Supported Kaspersky products are not affected by the CVE-2021-44228 or CVE-2021-45046 vulnerabilities.

CVE Information: https://securelist.com/cve-2021-44228-vulnerability-in-apache-log4j-library/105210/
General information: https://www.kaspersky.com/blog/log4shell-critical-vulnerability-in-apache-log4j/43124/

Proofpoint

https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability

 728 total views,  1 views today

Leave a Reply

Your email address will not be published.