Hi all, another vulnerability – log4j – is keeping us all on our toes.
In this blog article you will find information about log4j from our vendors.
Fortinet
General Information
PSIRT Information
There are already a lot of Technical Tips in the Community – search for “log4j”
Palo Alto Networks
CVE information: https://security.paloaltonetworks.com/CVE-2021-44228
Information from Unit42
Palo Alto Networks official Blog
Prisma Cloud Blog
OneSpan
CVE Information: https://www.onespan.com/remote-code-execution-vulnerability-in-log4j2-cve-2018-11776
SEPPmail
Not affected, does not use any Java
WatchGuard
Firebox, WatchGuard System Manager, Dimension, WatchGuard EPDR and Panda AD360 are all not affected.
https://www.secplicity.org/2021/12/10/critical-rce-vulnerability-in-log4js/
FUDO
Fudo does not use Java or Log4J and is therefore not affected by the vulnerability.
Rapid7
Blog article with information on vulnerable products:
https://www.rapid7.com/blog/post/2021/12/14/update-on-log4shells-impact-on-rapid7-solutions-and-systems/
Alcatel Lucent Enterprise
Most of the ALE products are not effected. Only some of them need an update.
Please find details in the Security Advisory (login neccessary):
https://alcatel-lucent-enterprise.secure.force.com/knowledgebp/articles/Customer_Care_Article/000065673
Kaspersky
Supported Kaspersky products are not affected by the CVE-2021-44228 or CVE-2021-45046 vulnerabilities.
CVE Information: https://securelist.com/cve-2021-44228-vulnerability-in-apache-log4j-library/105210/
General information: https://www.kaspersky.com/blog/log4shell-critical-vulnerability-in-apache-log4j/43124/
Proofpoint
https://www.proofpoint.com/us/blog/corporate-news/proofpoints-response-log4j-vulnerability
