List of software (un)affected by the log4shell CVEs
June 15, 2022 · View on GitHub
0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
O
| Supplier | Product | Version (see Status) | Status CVE-2021-4104 | Status CVE-2021-44228 | Status CVE-2021-45046 | Status CVE-2021-45105 | Notes | Links |
|---|---|---|---|---|---|---|---|---|
| OpenText | All | link | ||||||
| Opto 22 | GROOV-AR1, GROOV-AR1-BASE, GROOV-AR1-SNAP | < 4.3g | Fix | The Log4j vulnerability affects all products running groov View software | link | |||
| Opto 22 | GROOV-AT1, GROOV-AT1-SNAP | < 4.3g | Fix | The Log4j vulnerability affects all products running groov View software | link | |||
| Opto 22 | GROOV-SVR-WIN, GROOV-SVR-WIN-BASE, GROOV-SVR-WIN-SNAP | < 4.3g | Fix | The Log4j vulnerability affects all products running groov View software | link | |||
| Opto 22 | GRV-EPIC-PR1, GRV-EPIC-PR2 | < 3.3.2 | Fix | The Log4j vulnerability affects all products running groov View software | link | |||
| Objectif Lune | All | Objectif Lune Blog Post | ||||||
| Obsidian Dynamics | kafdrop | All | Investigation | source | ||||
| OCLC | All | All | Not vuln | Fix | source | |||
| Octopus | All | Octopus Advisory | ||||||
| Ogest | All | All | Not vuln | Not vuln | Not vuln | Not vuln | source | |
| Okta | Access Gateway | Not vuln | source | |||||
| Okta | AD Agent | Not vuln | source | |||||
| Okta | Advanced Server Access | Not vuln | source | |||||
| Okta | Browser Plugin | Not vuln | source | |||||
| Okta | IWA Web Agent | Not vuln | source | |||||
| Okta | LDAP Agent | Not vuln | source | |||||
| Okta | Mobile | Not vuln | source | |||||
| Okta | On-Prem MFA Agent | <1.4.6 | Not vuln | Fix | source fix | |||
| Okta | Radius Server Agent | 2.17.0 | Not vuln | Fix | source/fix | |||
| Okta | RADIUS Server Agent | < 2.17.0 | Vulnerable | Okta RADIUS Server Agent CVE-2021-44228 Okta | ||||
| Okta | Verify | Not vuln | source | |||||
| Okta | Workflow | Not vuln | source | |||||
| Okta | Workflows | Not vuln | Not vuln | Not vuln | Not vuln | Okta’s response to CVE-2021-44228 (“Log4Shell”) Okta Security | ||
| Olympus | Medical Products | All | Not Vuln | source | ||||
| OneSpan | Authentication Appliance | Vulnerable | Fix availability will be announced soon | source | ||||
| OneSpan | Authentication Server | Vulnerable | Fix availability will be announced soon | source | ||||
| OneSpan | Digipass Gateway | Vulnerable | Fix availability will be announced soon | source | ||||
| OneSpan | Mobile Security Suite | 4.31.1 | Not vuln | Fix | source | |||
| OneSpan | Sign | Vulnerable | Fix availability will be announced soon | source | ||||
| Open Text | Content Server | 21.3, 21.4 | Not vuln | Vulnerable | source | |||
| Open Text | Extended ECM for Microsoft Office 365 | 21.3, 21.4 | Not vuln | Vulnerable | source | |||
| Opengear | All | Opengear Link | ||||||
| openHAB | All | 3.0.4, 3.1.1 | Not vuln | Fix | source | |||
| OpenMRS | Talk | 2.4.0-2.4.1 | Vulnerable | Mitigations are available, pending a new release | source | |||
| OpenMRS TALK | All | OpenMRS TALK Link | ||||||
| OpenNMS | Horizon (including derived Sentinels) | < 29.0.3 | Not vuln | Fix | Workarounds are available too for earlier versions | source | ||
| OpenNMS | Meridian (including derived Minions and Sentinels) | < 2021.1.8, 2020.1.15, 2019.1.27 | Not vuln | Fix | Workarounds are available too for earlier versions | source | ||
| OpenNMS | Minion appliance | Not vuln | Fix | source | ||||
| OpenNMS | PoweredBy OpenNMS | Not vuln | Workaround | source | ||||
| Openpath (Motorola) | All | Not vuln | Not vuln | Not vuln | Not vuln | source | ||
| OpenSearch | All | < 1.2.1 | Not vuln | Fix | source | |||
| OpenVPN | All | Not vuln | Not vuln | Not vuln | Not vuln | source | ||
| Oracle | Access Manager | Not vuln | source Support note 2827611.1 | |||||
| Oracle | Data Integrator (ODI) | >= 12.2.1.3.210119, Marketplace - >= 2.1.0 | Not vuln | Workaround | Patch Available, Support Note 2827793.1 | source Support note 2827611.1 Support Note 2827793.1 | ||
| Oracle | Database | Not vuln | source Support note 2827611.1 | |||||
| Oracle | eBusiness Suite | Not vuln | Workaround | MOS note 2827804.1 | source Support note 2827611.1 | |||
| Oracle | Enterprise Manager | Not vuln | source Support note 209768.1 Support note 2827611.1 | |||||
| Oracle | Enterprise Repository | Not vuln | Workaround | Mitigation, Support Note 2827793.1 | source Support note 2827611.1 Support Note 2827793.1 | |||
| Oracle | Forms | Not vuln | source Support note 2827611.1 | |||||
| Oracle | Fusion Middleware | 12.2.1.3.0 to 12.2.1.4.0 | Not vuln | Fix | source Support note 209768.1 Support note 2827611.1 MOS note 2827793.1 | |||
| Oracle | Golden Gate | Not vuln | source Support note 2827611.1 | |||||
| Oracle | HTTP Server | Not vuln | source Support note 209768.1 Support note 2827611.1 | |||||
| Oracle | Internet Directory | Not vuln | source Support note 209768.1 Support note 2827611.1 | |||||
| Oracle | JDeveloper | Not vuln | Workaround | Mitigation Available, Support Note 2827793.1 | source Support note 2827611.1 Support Note 2827793.1 | |||
| Oracle | NoSQL Database | Not vuln | source Support note 2827611.1 | |||||
| Oracle | Policy Automation (OPA) | Not vuln | Fix | source Support note 2827611.1 | ||||
| Oracle | SOA Suite | Not vuln | source Support note 2827611.1 | |||||
| Oracle | SQL Developer | 21.4.1 | Not vuln | Fix | source | |||
| Oracle | VM VirtualBox | Not vuln | source Support note 2827611.1 | |||||
| Oracle | WebCenter Portal | 12.2.1.3 & 12.2.1.4 | Not vuln | Workaround | MOS note 2827977.1 using Elasticsearch which uses Log4j 2.X jars | source Support note 2827611.1 | ||
| Oracle | WebCenter Sites | Not vuln | Workaround | Mitigation Available, Support Note 2827793.1 | source Support note 2827611.1 Support Note 2827793.1 | |||
| Oracle | WebLogic Server | 12.2.1.3.0 to 14.1.1.0.0 | Not vuln | Fix | source Support note 209768.1 Support note 2827611.1 MOS Note 2827793.1 | |||
| Orgavision | All | Orgavision Link | ||||||
| Osirium | All | Not vuln | Not vuln | Not vuln | Not vuln | source | ||
| OTRS | All | Not vuln | source | |||||
| Ovarro | AlarmVision | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Atrium | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | BurstDetect | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | CA Tools | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | ControlPoint | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | DSG | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | EDGE Connect | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | EDGE Connect+ | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Enigma | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Enigma3m/Phocus3m/Enigma4G/IOT | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | EnigmaWeb | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Eureka3 | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Eureka5 | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Flowsure | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | IOT-Connector | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Kingfisher CP12 | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Kingfisher CP30 | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Kingfisher CP35/MC35 | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | LeakVision/LeakInsight | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | LoggerVision | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Mikron3 | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Mikron5 | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Miser | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | MS-CPU42 | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Other software packages (Adroit/DX-Server) | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Phocus3 (IR & Radio) | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Pioneer | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | PrimeWeb | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | S2000 | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | S2000 Micro | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | S2000 Micro Mk2 | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | S2000 Mk2 | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | S2000 Nano | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | SCOPE | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | Stream | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | TBox LT2/TG2 | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | TBox MS-CPU32 | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | TBox MS-CPU32-S2 | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | TConnect | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | ToolBox | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | ToolBoxPlus | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | TWinSoft | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | XiLog+ | Not vuln | Not vuln | Not vuln | source | |||
| Ovarro | XiLog4G/IOT | Not vuln | Not vuln | Not vuln | source | |||
| OVHCloud | Hosted Private Cloud powered by VMware | Vulnerable | Deploying the workarounds provided by VMWare | source | ||||
| OVHCloud | Logs Data Platform | Not vuln | Fix | source | ||||
| OVHCloud | ML serving | Not vuln | Fix | source | ||||
| OVHCloud | OVHcloud Internal Systems | Not vuln | Investigation | source | ||||
| OWASP | ZAP | < 2.11.1 | Not vuln | Fix | source | |||
| Owncloud | All | Not vuln | source | |||||
| OxygenXML | Author | Vulnerable | https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html | |||||
| OxygenXML | Developer | Vulnerable | https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html | |||||
| OxygenXML | Editor | Vulnerable | https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html | |||||
| OxygenXML | Oxygen Content Fusion | 2.0, 3.0, 4.1 | Vulnerable | https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html | ||||
| OxygenXML | Oxygen Feedback Enterprise | 1.4.4 & older | Vulnerable | https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html | ||||
| OxygenXML | Oxygen License Server | v22.1 to v24.0 | Vulnerable | https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html | ||||
| OxygenXML | Oxygen PDF Chemistry | v22.1, 23.0, 23.1, 24.0 | Vulnerable | https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html | ||||
| OxygenXML | Oxygen SDK | Vulnerable | https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html | |||||
| OxygenXML | Plugins (see advisory link) | Vulnerable | https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html | |||||
| OxygenXML | Publishing Engine | Vulnerable | https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html | |||||
| OxygenXML | Web Author | Vulnerable | https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html | |||||
| OxygenXML | WebHelp | Vulnerable | https://www.oxygenxml.com/security/advisory/CVE-2021-44228.html |