List of software (un)affected by the log4shell CVEs

June 15, 2022 · View on GitHub

0-9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

S

Supplier	Product	Version (see Status)	Status CVE-2021-4104	Status CVE-2021-44228	Status CVE-2021-45046	Status CVE-2021-45105	Notes	Links
SISCO	All							link
SMA Solar Technology AG	All							link
Samsung Electronics America	Knox Admin Portal			Not vuln				link
Samsung Electronics America	Knox Asset Intelligence			Not vuln				link
Samsung Electronics America	Knox Configure			Not vuln				link
Samsung Electronics America	Knox E-FOTA One			Not vuln				link
Samsung Electronics America	Knox Guard			Not vuln				link
Samsung Electronics America	Knox License Management			Not vuln				link
Samsung Electronics America	Knox Manage			Fix				link
Samsung Electronics America	Knox Managed Services Provider (MSP)			Not vuln				link
Samsung Electronics America	Knox Mobile Enrollment			Not vuln				link
Samsung Electronics America	Knox Reseller Portal			Fix				link
Securonix	Extended Detection and Response (XDR)	All		Vulnerable			Patching ongoing as of 12/10/2021	link
Securonix	Next Gen SIEM	All		Vulnerable			Patching ongoing as of 12/10/2021	link
Securonix	SNYPR Application							link
Securonix	Security Analytics and Operations Platform (SOAR)	All		Vulnerable			Patching ongoing as of 12/10/2021	link
Securonix	User and Entity Behavior Analytics(UEBA)	All		Vulnerable			Patching ongoing as of 12/10/2021	link
ServiceTitan	All			Fix				link
Spacelabs Healthcare	ABP			Not vuln				link
Spacelabs Healthcare	CardioExpress			Not vuln				link
Spacelabs Healthcare	DM3 and DM4 Monitors							link
Spacelabs Healthcare	EVO							link
Spacelabs Healthcare	Eclipse Pro							link
Spacelabs Healthcare	Intesys Clinical Suite (ICS)							link
Spacelabs Healthcare	Intesys Clinical Suite (ICS) Clinical Access Workstations							link
Spacelabs Healthcare	Lifescreen Pro							link
Spacelabs Healthcare	Pathfinder SL							link
Spacelabs Healthcare	Qube			Not vuln				link
Spacelabs Healthcare	Qube Mini			Not vuln				link
Spacelabs Healthcare	SafeNSound			Fix			Version >4.3.1 - Not Affected	link
Spacelabs Healthcare	Sentinel							link
Spacelabs Healthcare	Spacelabs Cloud							link
Spacelabs Healthcare	Ultraview SL			Not vuln				link
Spacelabs Healthcare	Xhibit Telemetry Receiver (XTR)			Not vuln				link
Spacelabs Healthcare	Xhibit, XC4			Not vuln				link
Spacelabs Healthcare	XprezzNet			Not vuln				link
Spacelabs Healthcare	Xprezzon			Not vuln				link
SAE-IT	All							SAE-IT News Link
SAE IT-systems	codeIT Runtime	All	Not vuln	Not vuln	Not vuln	Not vuln	labeled product, Manufacturer: CODESYS GmbH	source
SAE IT-systems	codeIT Workbench	All	Not vuln	Not vuln	Not vuln	Not vuln	labeled product, Manufacturer: CODESYS GmbH	source
SAE IT-systems	connectIT	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SAE IT-systems	net-line series5	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SAE IT-systems	setIT	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SAE IT-systems	SG-50 / Kombisafe	All		Not vuln			labeled product, Manufacturer: NSE AG	source
SAE IT-systems	Straton Runtime	All		Not vuln			labeled product, Manufacturer STRATON AUTOMATION	source
SAE IT-systems	Straton Workbench	All		Not vuln			labeled product, Manufacturer STRATON AUTOMATION	source
SAE IT-systems	System-4	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SAE IT-systems	T10/T7 Touch panel	All		Not vuln			labeled product, Manufacturer Garz & Fricke GmbH	source
SAE IT-systems	visIT Runtime	All	Not vuln	Not vuln	Not vuln	Not vuln	labeled product, Manufacturer Weidmüller GTI Software GmbH	source
SAE IT-systems	visIT Workbench	All	Not vuln	Not vuln	Not vuln	Not vuln	labeled product, Manufacturer Weidmüller GTI Software GmbH	source
Safe Software	FME Desktop	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Safe Software	FME Server			Investigation				source
SAFE FME Server	All							SAFE FME Server Community Link
Sage	CRM	2020 R2, 2021 R1, and 2021 R2	Not vuln	Workaround			Sage has 3 patches in test	source
SailPoint	IdentityIQ	8.0 or later	Not vuln	Workaround				source
Salesforce	All			Investigation				source
Sangoma	All							Sangoma Community Link
SAP	BusinessObjects Business Intelligence			Not vuln			(behind login)	source
SAP	BusinessObjects Data Services			Not vuln			(behind login)	source
SAP	BusinessObjects Explorer			Not vuln			(behind login)	source
SAP	BusinessObjects Financial Information Management			Not vuln			(behind login)	source
SAP	BusinessObjects Knowledge Accelerator			Not vuln			(behind login)	source
SAP	Commerce	1905, 2005, 2105, 2011	Not vuln	Fix	Fix	Fix		source
SAP	Customer Checkout PoS / manager	2.0 FP09, 2.0 FP10, 2.0 FP11 PL06 (or lower) and 2.0 FP12 PL04 (or lower)	Not vuln	Fix	Fix		SAP note 3130499	source
SAP	Data Intelligence	3	Not vuln	Fix	Fix	Fix		source
SAP	Dynamic Authorization Management	9.1.0.0, 2021.3	Not vuln	Fix	Fix			source
SAP	Hana Cockpit	<1.1.23	Not vuln	Fix	Fix	Fix		source
SAP	HANA Database			Not vuln			(behind login)	source
SAP	HANA Smart Data Integration			Not vuln			(behind login)	source
SAP	HANA Spatial Service			Not vuln			(behind login)	source
SAP	HANA Streaming Analytics			Not vuln			(behind login)	source
SAP	Integrated Business Planning for Supply Chain – Customer systems			Not vuln			(behind login)	source
SAP	Internet of Things Edge Platform	4.0	Not vuln	Fix	Fix	Fix		source
SAP	NetWeaver Application Server for ABAP			Not vuln			(behind login)	source
SAP	S/4 HANA Cloud Customer systems			Not vuln			(behind login)	source
SAP	S/4 HANA Digital Payments Add-On			Not vuln			(behind login)	source
SAP	S/4 HANA On-Premise on ABAP			Not vuln				source
SAP	SuccessFactors Litmos			Not vuln			(behind login)	source
SAP	XS Advanced Runtime	1.0.140 or lower	Not vuln	Fix	Fix	Fix	SAP note 3130698	source
SAP Advanced Platform	All						This advisory is available to customers only and has not been reviewed by CISA	SAP Advanced Platform Support Link
SAP BusinessObjects	All						The support document is available to customers only and has not been reviewed by CISA	CVE-2021-44228 - Impact of Log4j vulnerability on SAP BusinessObjects SAP BusinessObjects Support Link
SAS	All							SAS Support Link
SAS Institute	JMP		Not vuln	Not vuln	Not vuln	Not vuln		source
SAS Institute	SAS Cloud Solutions		Not vuln	Workaround				source
SAS Institute	SAS Profile		Not vuln	Fix				source
SASSAFRAS	All							SASSAFRAS Link
Savignano software solutions	All							Savignano Link
SBT	All	<1.5.6	Not vuln	Fix				Release 1.5.7 · sbt/sbt(github.com)
ScaleComputing	All						This advisory is available to customers only and has not been reviewed by CISA	ScaleComputing Community Link
ScaleFusion MobileLock Pro	All							ScaleFusion MobileLock Pro Help
Schneider Electric	All other products			Investigation	Investigation			source
Schneider Electric	APC PowerChute Business Edition	9.5,10.0,10.0.1-10.0.4	Not vuln	Workaround	Workaround			source
Schneider Electric	APC PowerChute Network Shutdown	4.2-4.4,4.4.1	Not vuln	Workaround	Workaround			source
Schneider Electric	EASYFIT	Current software and earlier		Vulnerable	Vulnerable		no customer action required	source
Schneider Electric	Ecoreal XL	Current software and earlier		Vulnerable	Vulnerable		no customer action required	source
Schneider Electric	EcoStruxure IT Expert		Not vuln	Fix	Fix	Fix	cloud-based offer; no customer action required	source
Schneider Electric	EcoStruxure IT Gateway	1.13.2.3	Not vuln	Fix	Fix	Fix		source
Schneider Electric	Eurotherm Data Reviewer	V3.0.2 and prior	Not vuln	Workaround				source
Schneider Electric	Facility Expert Small Business		Not vuln	Fix	Fix	Fix	cloud-based offer; no customer action required	source
Schneider Electric	Harmony Configurator	34	Not vuln	Fix	Fix	Fix		source
Schneider Electric	MSE Cloud		Not vuln	Fix	Fix	Fix	no customer action required	source
Schneider Electric	NetBotz750/755	5.3.1	Not vuln	Fix	Fix			source
Schneider Electric	NEW630	Current software and earlier		Vulnerable	Vulnerable		no customer action required	source
Schneider Electric	SDK BOM	Current software and earlier		Vulnerable	Vulnerable		no customer action required	source
Schneider Electric	SDK-Docgen (Cloud)		Not vuln	Fix	Fix	Fix	no customer action required	source
Schneider Electric	SDK-TNC	Current software and earlier		Vulnerable	Vulnerable		no customer action required	source
Schneider Electric	SDK-UMS (Cloud)		Not vuln	Fix	Fix	Fix	no customer action required	source
Schneider Electric	SDK3D-2DRenderer	Current software and earlier		Vulnerable	Vulnerable		no customer action required	source
Schneider Electric	SDK3D-360Widget	Current software and earlier		Vulnerable	Vulnerable		no customer action required	source
Schneider Electric	SDK3D2DRenderer	Current software and earlier		Vulnerable				SE Cybersecurity Best Practices
Schneider Electric	SDK3D360Widget	Current software and earlier		Vulnerable				SE Cybersecurity Best Practices
Schneider Electric	Select and Config DATA (Cloud)		Not vuln	Fix	Fix	Fix	no customer action required	source
Schneider Electric	SNC-API (Cloud)		Not vuln	Fix	Fix	Fix	no customer action required	source
Schneider Electric	SNC-CMM (Cloud)		Not vuln	Fix	Fix	Fix	no customer action required	source
Schneider Electric	SNC-SEMTECH (Cloud)		Not vuln	Fix	Fix	Fix	no customer action required	source
Schneider Electric	SNCSEMTECH	Current software and earlier		Vulnerable				SE Cybersecurity Best Practices
Schneider Electric	SPIMV3	Current software and earlier		Vulnerable	Vulnerable		no customer action required	source
Schneider Electric	SWBEditor	Current software and earlier		Vulnerable	Vulnerable		no customer action required	source
Schneider Electric	SWBEngine	Current software and earlier		Vulnerable	Vulnerable		no customer action required	source
Schneider Electric	TwinBus IP (formerly Digides 2.0) (Cloud)		Not vuln	Fix	Fix	Fix	no customer action required	source
Schneider Electric	Wiser by SE platform (Cloud)		Not vuln	Fix	Fix	Fix	cloud-based offer; no customer action required	source
Schneider Electric	Workplace Advisor	All	Not vuln	Vulnerable	Vulnerable	Vulnerable		source
Schweitzer Engineering Laboratories	All		Not vuln	Not vuln	Not vuln	Not vuln		SEL Advisory Link
SCM Manager	All							SCM Manager Link
Scootersoftware	Beyond Compare	All		Not vuln				source
ScreenBeam	All							ScreenBeam Article
SDL worldServer	All							SDL worldServer Link
Seafile	Server		Not vuln	Fix				source
Seagull Scientific	BarTender	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SecurePoint	All							SecurePoint News Link
Security Onion	All							Security Onion Blog Post
Security Onion Solutions	Security Onion	2.3.90 20211210	Not vuln	Fix				source
SecurityHive	All	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SecurityRoots	Dradis Professional	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Seeburger	All						This advisory is avaiable to customers only and has not been reviewed by CISA	Seeburger Service Desk Link
SentinelOne	All							SentinelOne Blog Post
Sentry	All							Sentry Blog Post
Sentry.io	Self Hosted and SaaS	All		Not vuln			Not affected as it is written in Python and Rust. Makes use of unaffected versions of log4j 1.x in Kafka and Zookeeper subsystems	source
SEP	All							SEP Support Link
Server Eye	All							Server Eye Blog Post
ServiceNow	All							ServiceNow Support Link
Shibboleth	All	Identity Provider>=3.0, All other software versions	Not vuln	Not vuln	Not vuln	Not vuln		Log4j CVE (non)-impact
Shibboleth	IdP/SP			Not vuln				source
Shopify	All							Shopify Community Link
Siebel	All							Siebel Link
Siemens	Affected Products					x	Siemens requested to directly refer to their website: See pdf for the complete list of affected products, CSAF for automated parsing of data	pdf CSAF
Siemens	Affected Products			x	x		Siemens requested to directly refer to their website: See pdf for the complete list of affected products, CSAF for automated parsing of data	pdf CSAF
Siemens Energy	Affected Products			x	x		Siemens requested to directly refer to their website: See pdf for the complete list of affected products, CSAF for automated parsing of data	pdf CSAF
Siemens Healthineers	ATELLICA DATA MANAGER v1.1.1 / v1.2.1 / v1.3.1			Vulnerable			If you have determined that your Atellica Data Manager has a “Java communication engine” service, and you require an immediate mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative.	Siemens Healthineers
Siemens Healthineers	CENTRALINK v16.0.2 / v16.0.3			Vulnerable			If you have determined that your CentraLink has a “Java communication engine” service, and you require a mitigation, then please contact your Siemens Customer Care Center or your local Siemens technical support representative.	Siemens Healthineers
Siemens Healthineers	Cios Flow S1 / Alpha / Spin VA30			Vulnerable			evaluation ongoing	Siemens Healthineers
Siemens Healthineers	Cios Select FD/I.I. VA21 / VA21-S3P			Vulnerable			evaluation ongoing	Siemens Healthineers
Siemens Healthineers	DICOM Proxy VB10A			Vulnerable			Workaround: remove the vulnerable class from the .jar file	Siemens Healthineers
Siemens Healthineers	go.All, Som10 VA20 / VA30 / VA40			Vulnerable			Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.	Siemens Healthineers
Siemens Healthineers	go.Fit, Som10 VA30			Vulnerable			Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.	Siemens Healthineers
Siemens Healthineers	go.Now, Som10 VA10 / VA20 / VA30 / VA40			Vulnerable			Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.	Siemens Healthineers
Siemens Healthineers	go.Open Pro, Som10 VA30 / VA40			Vulnerable			Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.	Siemens Healthineers
Siemens Healthineers	go.Sim, Som10 VA30 / VA40			Vulnerable			Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.	Siemens Healthineers
Siemens Healthineers	go.Top, Som10 VA20 / VA20A_SP5 / VA30 / VA40			Vulnerable			Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.	Siemens Healthineers
Siemens Healthineers	go.Up, Som10 VA10 / VA20 / VA30 / VA40			Vulnerable			Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.	Siemens Healthineers
Siemens Healthineers	MAGNETOM AERA 1,5T, MAGNETOM PRISMA, MAGNETOM PRISMA FIT, MAGNETOM SKYRA 3T NUMARIS/X VA30A			Vulnerable			LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.	Siemens Healthineers
Siemens Healthineers	MAGNETOM Altea NUMARIS/X VA20A			Vulnerable			LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.	Siemens Healthineers
Siemens Healthineers	MAGNETOM ALTEA, MAGNETOM LUMINA, MAGNETOM SOLA, MAGNETOM VIDA NUMARIS/X VA31A			Vulnerable			LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.	Siemens Healthineers
Siemens Healthineers	MAGNETOM Amira NUMARIS/X VA12M			Vulnerable			LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.	Siemens Healthineers
Siemens Healthineers	MAGNETOM Free.Max NUMARIS/X VA40			Vulnerable			LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.	Siemens Healthineers
Siemens Healthineers	MAGNETOM Lumina NUMARIS/X VA20A			Vulnerable			LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.	Siemens Healthineers
Siemens Healthineers	MAGNETOM Sempra NUMARIS/X VA12M			Vulnerable			LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.	Siemens Healthineers
Siemens Healthineers	MAGNETOM Sola fit NUMARIS/X VA20A			Vulnerable			LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.	Siemens Healthineers
Siemens Healthineers	MAGNETOM Sola NUMARIS/X VA20A			Vulnerable			LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.	Siemens Healthineers
Siemens Healthineers	MAGNETOM Vida fit NUMARIS/X VA20A			Vulnerable			LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.	Siemens Healthineers
Siemens Healthineers	MAGNETOM Vida NUMARIS/X VA10A* / VA20A			Vulnerable			LOG4J is used in the context of the help system. Workaround: close port 8090 for standalone systems. Setup IP whitelisting for "need to access" systems to network port 8090 in case a second console is connected.	Siemens Healthineers
Siemens Healthineers	SENSIS DMCC / DMCM / TS / VM / PPWS / DS VD12A			Vulnerable			evaluation ongoing	Siemens Healthineers
Siemens Healthineers	Somatom Emotion Som5 VC50			Vulnerable			evaluation ongoing	Siemens Healthineers
Siemens Healthineers	Somatom Scope Som5 VC50			Vulnerable			evaluation ongoing	Siemens Healthineers
Siemens Healthineers	Syngo Carbon Space VA10A / VA10A-CUT2 / VA20A			Vulnerable			Workaround: remove the vulnerable class from the .jar file	Siemens Healthineers
Siemens Healthineers	Syngo MobileViewer VA10A			Vulnerable			The vulnerability will be patch/mitigated in upcoming releases\patches.	Siemens Healthineers
Siemens Healthineers	syngo Plaza VB20A / VB20A_HF01 - HF07 / VB30A / VB30A_HF01 / VB30A_HF02 / VB30B / VB30C / VB30C_HF01 - HF06 / VB30C_HF91			Vulnerable			Workaround: remove the vulnerable class from the .jar file	Siemens Healthineers
Siemens Healthineers	syngo Workflow MLR VB37A / VB37A_HF01 / VB37A_HF02 / VB37B / VB37B_HF01 - HF07 / VB37B_HF93 / VB37B_HF94 / VB37B_HF96			Vulnerable			Please contact your Customer Service to get support on mitigating the vulnerability.	Siemens Healthineers
Siemens Healthineers	syngo.via VB20A / VB20A_HF01 - HF08 / VB20A_HF91 / VB20B / VB30A / VB30A_HF01 - VB30A_HF08 / VB30A_HF91VB30B / VB30B_HF01 / VB40A / VB40A_HF01 - HF02 /VB40B / VB40B_HF01 - HF05 / VB50A / VB50A_CUT / VB50A_D4VB50B / VB50B_HF01 - HF03 / VB60A / VB60A_CUT / VB60A_D4 / VB60A_HF01			Vulnerable			Workaround: remove the vulnerable class from the .jar file	Siemens Healthineers
Siemens Healthineers	syngo.via WebViewer VA13B / VA20A / VA20B			Vulnerable			Workaround: remove the vulnerable class from the .jar file	Siemens Healthineers
Siemens Healthineers	X.Ceed Somaris 10 VA40*			Vulnerable			Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.	Siemens Healthineers
Siemens Healthineers	X.Cite Somaris 10 VA30/VA40			Vulnerable			Workaround: In the meantime, we recommend preventing access to port 8090 from other devices by configuration of the hospital network.	Siemens Healthineers
Sierra Wireless	All							Sierra Wireless Security Bulletin
Signald	All							Signald Gitlab
Silver Peak	Orchestrator, Silver Peak GMS			Vulnerable			Customer managed Orchestrator and legacy GMS products are affected by this vulnerability. This includes on-premise and customer managed instances running in public cloud services such as AWS, Azure, Google, or Oracle Cloud. See Corrective Action Required for details about how to mitigate this exploit.	Security Advisory Notice Apache
SingleWire	All						This advisory is available to customers only and has not been reviewed by CISA	SingleWire Support Link
Sitecore	Boxever			Not vuln				source
Sitecore	CDP			Not vuln				source
Sitecore	Content Hub			Not vuln				source
Sitecore	Discover			Not vuln				source
Sitecore	Managed Cloud	customers who bring their own Solr	Not vuln	Workaround				source
Sitecore	Managed Cloud	customers who do not use Solr		Not vuln				source
Sitecore	Managed Cloud	customers who host Solr using SearchStax		Not vuln				source
Sitecore	Moosend			Not vuln				source
Sitecore	OrderCloud			Not vuln				source
Sitecore	Personalize			Not vuln				source
Sitecore	Send			Not vuln				source
Sitecore	XP	<= 9.1 (with SOLR as Content Search provider)		Not vuln				source
Sitecore	XP	>= 9.2 (with SOLR as Content Search provider)	Not vuln	Workaround				source
Sitecore	XP	all (with Azure Search as Content Search provider)		Not vuln				source
Skillable	All							Skillable Link
SLF4J	All							SLF4J Link
Slurm	All	20.11.8	Not vuln	Not vuln	Not vuln	Not vuln		source
Smartbear	SoapUI	<= 5.6.0		Vulnerable				source
SmileCDR	All							SmileCDR Blog Post
Smiths Medical	CADD®-Solis Download Software		Not vuln	Not vuln	Not vuln	Not vuln		source
Smiths Medical	CADD-Solis Ambulatory Infusion Pump Model 2110		Not vuln	Not vuln	Not vuln	Not vuln		source
Smiths Medical	CADD-Solis Communication Module Model 2130		Not vuln	Not vuln	Not vuln	Not vuln		source
Smiths Medical	CADD-Solis Communication Module Model 2131		Not vuln	Not vuln	Not vuln	Not vuln		source
Smiths Medical	CADD-Solis Network Configuration Utility Software		Not vuln	Not vuln	Not vuln	Not vuln		source
Smiths Medical	Medfusion 3500 Pump Download Utility (DL3500)		Not vuln	Not vuln	Not vuln	Not vuln		source
Smiths Medical	Medfusion 3500 Syringe Infusion Pump		Not vuln	Not vuln	Not vuln	Not vuln		source
Smiths Medical	Medfusion 4000 Syringe Infusion Pump		Not vuln	Not vuln	Not vuln	Not vuln		source
Smiths Medical	Medfusion® 4000 Pump Download Utility (DL4000)		Not vuln	Not vuln	Not vuln	Not vuln		source
Smiths Medical	PharmGuard Administrator Medication Safety Software		Not vuln	Not vuln	Not vuln	Not vuln		source
Smiths Medical	PharmGuard Device Reports Software		Not vuln	Not vuln	Not vuln	Not vuln		source
Smiths Medical	PharmGuard Interoperability Software		Not vuln	Not vuln	Not vuln	Not vuln		source
Smiths Medical	PharmGuard Toolbox 2 Software		Not vuln	Not vuln	Not vuln	Not vuln		source
Smiths Medical	PharmGuard® Server Infusion Management Software		Not vuln	Not vuln	Not vuln	Not vuln		source
Sn0m	All							Sn0m Link
Snakemake	All	6.12.1	Not vuln	Not vuln	Not vuln	Not vuln		source
Snow Software	Snow Commander	8.10.3	Not vuln	Fix	Fix	Fix		source
Snow Software	VM Access Proxy	3.7	Not vuln	Fix	Fix	Fix		source
Snowflake	All		Not vuln	Not vuln	Not vuln	Not vuln		Snowflake Community Link
Snyk	Cloud Platform		Not vuln	Not vuln	Not vuln	Not vuln		Snyk Updates
Software AG	All							Software AG
SolarWinds	Database Performance Analyzer (DPA)	2021.1.x, 2021.3.x, 2022.1.x		Vulnerable			Workarounds available, hotfix under development	Apache Log4j Critical Vulnerability (CVE-2021-44228) Database Performance Analyzer (DPA) and the Apache Log4j Vulnerability (CVE-2021-44228)
SolarWinds	Orion Platform core		Not vuln	Not vuln	Not vuln	Not vuln		source
SolarWinds	Server & Application Monitor (SAM)	SAM 2020.2.6 and later		Vulnerable			Workarounds available, hotfix under development	Apache Log4j Critical Vulnerability (CVE-2021-44228) Server & Application Monitor (SAM) and the Apache Log4j Vulnerability (CVE-2021-44228)
Soliton Systems	MailZen Management - Cloud Service	All	Not vuln	Fix				source
Soliton Systems	MailZen Management Portal - On-Premise	2.36.2, 2.37.3, 2.38.2	Not vuln	Fix				source
Soliton Systems	MailZen Push Server	All	Not vuln	Fix				source
Soliton Systems	Other products	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SonarSource	SonarCloud		Not vuln	Fix				source
SonarSource	SonarQube		Not vuln	Workaround				source
Sonatype	All							Sonatype Vulnerability Statement
SonicWall	Access Points		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	Analytics			Not vuln	Not vuln	Not vuln	update based on v2.3 of advisory	source
SonicWall	Analyzer		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	Capture Client & Capture Client Portal		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	Capture Security Appliance		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	CAS		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	Cloud Edge			Not vuln	Not vuln	Not vuln	based on v2.3 of advisory	source
SonicWall	CSCMA			Not vuln	Not vuln	Not vuln	based on v2.3 of advisory	source
SonicWall	Email Security	10.0.13		Fix	Fix	Fix	based on version 2.3 of advisory	source
SonicWall	EPRS			Not vuln	Not vuln	Not vuln	based on version 2.3 of advisory	source
SonicWall	Gen5 Firewalls (EOS)		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	Gen6 Firewalls		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	Gen7 Firewalls		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	GMS		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	MSW		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	NSM On-Premise	2.3.2-R12-H2		Fix	Fix	Fix	based on version 2.3 of advisory	source
SonicWall	SMA 100		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	SMA 1000		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	SonicCore		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	Switch		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	WAF		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	WNM		Not vuln	Not vuln	Not vuln	Not vuln		source
SonicWall	WXA		Not vuln	Not vuln	Not vuln	Not vuln		source
Sophos	Central			Not vuln				source
Sophos	Cloud Optix		Not vuln	Fix				source
Sophos	Firewall	All		Not vuln				source
Sophos	Firewall (all versions)		Not vuln	Not vuln	Not vuln	Not vuln	Sophos Firewall does not use Log4j.	Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos
Sophos	Home			Not vuln				source
Sophos	Mobile			Not vuln				source
Sophos	Mobile EAS Proxy	9.7.2	Not vuln	Fix				source
Sophos	Reflexion			Not vuln				source
Sophos	SG UTM	All		Not vuln				source
Sophos	SG UTM (all versions)		Not vuln	Not vuln	Not vuln	Not vuln	Sophos SG UTM does not use Log4j.	Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos
Sophos	SG UTM Manager (SUM)	All		Not vuln				source
Sophos	SG UTM Manager (SUM) (all versions)	All	Not vuln	Not vuln	Not vuln	Not vuln	SUM does not use Log4j.	Advisory: Log4J zero-day vulnerability AKA Log4Shell (CVE-2021-44228) Sophos
Sophos	ZTNA			Not vuln				source
SOS (Berlin)	Jobscheduler	1.12.15, 1.13.10, 2.2.0, 2.1.3	Not vuln	Fix				source
SOS Berlin	All							SOS Berlin Link
Spambrella	All							Spambrella FAQ Link
Specops Software	All			Not vuln				source
Spectralink	All			Not vuln	Not vuln	Not vuln	using version 1.2.17	source
Spigot	All							Spigot Security Release
Splunk	Add-On for Java Management Extensions App ID 2647	5.2.0 and older		Vulnerable				Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)
Splunk	Add-On for JBoss App ID 2954	3.0.0 and older		Vulnerable				Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)
Splunk	Add-On for Tomcat App ID 2911	3.0.0 and older		Vulnerable				Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)
Splunk	Add-On: Java Management Extensions	5.2.1	Not vuln	Fix				source
Splunk	Add-On: JBoss	3.0.1	Not vuln	Fix				source
Splunk	Add-On: Tomcat	3.0.1	Not vuln	Fix				source
Splunk	Admin Config Service	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Analytics Workspace	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Application Performance Monitoring	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Augmented Reality	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Behavior Analytics	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Cloud Data Manager (SCDM)	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Connect for Kafka	<2.0.4	Not vuln	Fix				source
Splunk	Connect for Kubernetes	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Connect for SNMP	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Connect for Syslog	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Dashboard Studio	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Data Stream Processor	DSP 1.0.x, DSP 1.1.x, DSP 1.2.x		Vulnerable				source
Splunk	DB Connect	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Developer Tools: AppInspect	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Enterprise	All supported non-Windows versions of 8.1.x and 8.2.x only if Hadoop (Hunk) and/or DFS are used.	Not vuln	Workaround				source
Splunk	Enterprise (including instance types like Heavy Forwarders)	All supported non-Windows versions of 8.1.x and 8.2.x only if DFS is used. See Removing Log4j from Splunk Enterprise below for guidance on unsupported versions.		Vulnerable				Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)
Splunk	Enterprise Amazon Machine Image (AMI)	see Splunk Enterprise	Not vuln	Workaround				source
Splunk	Enterprise Cloud	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Enterprise Docker Container	see Splunk Enterprise	Not vuln	Workaround				source
Splunk	Enterprise Security	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Heavyweight Forwarder (HWF)	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Infrastructure Monitoring	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Intelligence Management (TruSTAR)	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	IT Essentials Work App ID 5403	4.11, 4.10.x (Cloud only), 4.9.x		Vulnerable				Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)
Splunk	IT Service Intelligence (ITSI)	4.11.2, 4.10.4, 4.9.6, 4.7.4	Not vuln	Fix				source
Splunk	IT Service Intelligence (ITSI) App ID 1841	4.11.0, 4.10.x (Cloud only), 4.9.x, 4.8.x (Cloud only), 4.7.x, 4.6.x, 4.5.x		Vulnerable				Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)
Splunk	KV Service	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Log Observer	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Logging Library for Java	<1.11.1	Not vuln	Fix				source
Splunk	Mint	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Mission Control	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	MLTK	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Mobile	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Network Performance Monitoring	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	On-call / VictorOps	Current		Vulnerable				Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)
Splunk	On-Call/Victor Ops	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Open Telemetry Distributions	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Operator for Kubernetes	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	OVA for VMWare App ID 3216	4.0.3 and older		Vulnerable				Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)
Splunk	OVA for VMWare Metrics App ID 5096	4.2.1 and older		Vulnerable				Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)
Splunk	Profiling	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Real User Monitoring	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Secure Gateway (Spacebridge)	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Security Analytics for AWS	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	SignalFx Smart Agent	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	SOAR (On-Premises)	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	SOAR Cloud (Phantom)	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	Stream Processor Service	Current		Vulnerable				source
Splunk	Synthetics	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	TV	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	UBA OVA Software	5.0.3a, 5.0.0		Vulnerable				Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)
Splunk	Universal Forwarder (UF)	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	User Behavior Analytics (UBA)	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Splunk	VMWare OVA for ITSI App ID 4760	1.1.1 and older		Vulnerable				Splunk Security Advisory for Apache Log4j (CVE-2021-44228 and CVE-2021-45046)
Sprecher Automation	SPRECON-E	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Sprecher Automation	SPRECON-EDIR	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Sprecher Automation	SPRECON-SG	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Sprecher Automation	SPRECON-V	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Spring	Boot						Spring Boot users are only affected by this vulnerability if they have switched the default logging system to Log4J2	source
Spring Boot	All							Spring Boot Vulnerability Statement
Stackstate	Agent		Not vuln	Workaround			StackState Agent distributed as an RPM, DEB or MSI package contains a vulnerable Log4j library.	source
Stackstate	All	4.3.x, 4.4.x, 4.5.x and SaaS	Not vuln	Workaround			StackState ships with a version of Elasticsearch that contains a vulnerable Log4j library.	source
Stardog	All	<7.8.1	Not vuln	Fix				source
STERIS	Advantage		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	Advantage Plus		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	AMSCO 2000 SERIES WASHER DISINFECTORS		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	AMSCO 3000 SERIES WASHER DISINFECTORS		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	AMSCO 400 MEDIUM STEAM STERILIZER		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	AMSCO 400 SMALL STEAM STERILIZERS		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	AMSCO 5000 SERIES WASHER DISINFECTORS		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	AMSCO 600 MEDIUM STEAM STERILIZER		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	AMSCO 7000 SERIES WASHER DISINFECTORS		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	AMSCO CENTURY MEDIUM STEAM STERILIZER		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	AMSCO CENTURY SMALL STEAM STERILIZER		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	AMSCO EAGLE 3000 SERIES STAGE 3 STEAM STERILIZERS		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	AMSCO EVOLUTION FLOOR LOADER STEAM STERILIZER		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	AMSCO EVOLUTION MEDIUM STEAM STERILIZER		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	Canexis 1.0		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	CELERITY HP INCUBATOR		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	CELERITY STEAM INCUBATOR		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	CER Optima		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	Clarity Software		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	Connect Software		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	ConnectAssure Technology		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	ConnectoHIS		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	CS-iQ Sterile Processing Workflow		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	DSD Edge		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	DSD-201,		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	EndoDry		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	Endora		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	Harmony iQ Integration Systems		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	Harmony iQ Perspectives Image Management System		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	HexaVue		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	HexaVue Integration System		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	IDSS Integration System		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	RapidAER		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	ReadyTracker		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	RealView Visual Workflow Management System		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	RELIANCE 444 WASHER DISINFECTOR		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	RELIANCE SYNERGY WASHER DISINFECTOR		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	RELIANCE VISION 1300 SERIES CART AND UTENSIL WASHER DISINFECTORS		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	RELIANCE VISION MULTI- CHAMBER WASHER DISINFECTOR		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	RELIANCE VISION SINGLE CHAMBER WASHER DISINFECTOR		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	Renatron		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	ScopeBuddy+		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	SecureCare ProConnect Technical Support Services		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	Situational Awareness for Everyone Display (S.A.F.E.)		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	SPM Surgical Asset Tracking Software		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	SYSTEM 1 endo LIQUID CHEMICAL STERILANT PROCESSING SYSTEM		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	V-PRO 1 LOW TEMPERATURE STERILIZATION SYSTEM		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	V-PRO 1 PLUS LOW TEMPERATURE STERILIZATION SYSTEM		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	V-PRO MAX 2 LOW TEMPERATURE STERILIZATION SYSTEM		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	V-PRO MAX LOW TEMPERATURE STERILIZATION SYSTEM		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	V-PRO S2 LOW TEMPERATURE STERILIZATION SYSTEM		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
STERIS	VERIFY INCUBATOR FOR ASSERT SELF-CONTAINED BIOLOGICAL INDICATORS		Not vuln	Not vuln	Not vuln	Not vuln		STERIS Advisory Link
Sterling Order IBM	All							IBM Statement
Storagement	All							Storagement
StormShield	All other products				Not vuln	Not vuln	Advisory only mentions CVE-2021-44228, CVE-2021-45046	StormShield Security Alert
StormShield	Visibility Center	v1.6.1	Not vuln	Fix	Fix	Not vuln		source
StrangeBee TheHive & Cortex	All							StrangeBee Statement
Stratodesk	NoTouch	4.5.231	Not vuln	Fix				source
Strimzi	All							Strimzi Statement
Stripe	All							Stripe Support
Styra	All							Styra Security Notice
Sumo logic	Sumu logic	19.361-12	Not vuln	Fix				source
SumoLogic	All							Sumologic Release Notes
Sumologic	All							Sumologic Statement
SuperMicro	BIOS	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SuperMicro	BMC	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SuperMicro	SCC Analytics	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SuperMicro	SCC PODM	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SuperMicro	SMCIPMITool	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SuperMicro	SUM Service (SUM_SERVER)	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SuperMicro	Super Diagnostics Offline	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SuperMicro	SuperCloud Composer (SCC)	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SuperMicro	Supermicro Power Manager (SPM)	All		Vulnerable			Upgrade to Log4j 2.15.0. Release pending ASAP	source
SuperMicro	Supermicro Server Manager (SSM)	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SuperMicro	Supermicro SuperDoctor (SD5)	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SuperMicro	Supermicro Update Manager (SUM)	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SuperMicro	vCenter Plug-in	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Superna EYEGLASS	All							Superna EYEGLASS Technical Advisory
Suprema Inc	All							Suprema Inc
SUSE	Linux Enterprise server	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SUSE	Manager	All	Not vuln	Not vuln	Not vuln	Not vuln		source
SUSE	Openstack Cloud	All		Vulnerable			will get update	source
SUSE	Rancher	All	Not vuln	Not vuln	Not vuln	Not vuln		source
Sweepwidget	All							Sweepwidget Statement
Swyx	All							Swyx Advisory
Synacor	Zimbra	8.8.15 and 9.x	Not vuln	Not vuln	Not vuln	Not vuln	Zimbra stated (in their private support portal) they're not vulnerable. Currently supported Zimbra versions ship 1.2.6	source
Synchro MSP	All							Synchro MSP Advisory
Syncplify	All							Syncplify Advisory
SyncRO Soft SRL	Batch Document Converter	3.2.1	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Git Client	3.0.1	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen Feedback Enterprise	2.0.1 build 2021122021	Not vuln	Fix	Fix	Fix		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen License Server	24.0 build 2021122016	Not vuln	Fix	Fix	Fix		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen PDF Chemistry	22.1 build 2021121712	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen PDF Chemistry	23.1 build 2021121413	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen PDF Chemistry	24.0 build 2021121611	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen SDK	22.1.0.6	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen SDK	23.1.0.4	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen SDK	24.0.0.2	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen Web Author Test Server Add-on	22.1.1	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen Web Author Test Server Add-on	23.1.2	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen Web Author Test Server Add-on	24.0.1	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Author	16.1-22.0	Not vuln	Workaround	Workaround	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Author	22.1 build 2021121715	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Author	23.1 build 2021121415	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Author	24.0 build 2021121518	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Content Fusion	2.0.3 build 2021121417	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Content Fusion	3.0.1 build 2021121414	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Content Fusion	4.1.4 build 2021121611	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Developer	16.1-22.0	Not vuln	Workaround	Workaround	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Developer	22.1 build 2021121715	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Developer	23.1 build 2021121415	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Developer	24.0 build 2021121518	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Editor	16.1-22.0	Not vuln	Workaround	Workaround	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Editor	22.1 build 2021121715	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Editor	23.1 build 2021121415	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Editor	24.0 build 2021121518	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Publishing Engine	22.1 build 2021121712	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Publishing Engine	23.1 build 2021121413	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Publishing Engine	24.0 build 2021121611	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Web Author	22.1.0.5 build 2021122014	Not vuln	Fix	Fix	Fix		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Web Author	23.1.1.3 build 2021122014	Not vuln	Fix	Fix	Fix		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML Web Author	24.0.0.3 build 2021122015	Not vuln	Fix	Fix	Fix		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML WebHelp	22.1 build 2021121712	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML WebHelp	23.1 build 2021121412	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Oxygen XML WebHelp	24.0 build 2021121511	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Web Author PDF Plugin	23.1.1.2	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	Web Author PDF Plugin	24.0.0.2	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	XSD to JSON Schema Converter	22.1.1	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	XSD to JSON Schema Converter	23.1.1	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
SyncRO Soft SRL	XSD to JSON Schema Converter	24.0.1	Not vuln	Fix	Fix	Vulnerable		CVE-2021-44228 CVE-2021-45046 CVE-2021-450105
Synology	DSM		Not vuln	Not vuln	Not vuln	Not vuln	The base DSM is not affected. Software installed via the package manager may be vulnerable.	source
Synopsys	All							Synopsys Advisory
syntevo	DeepGit	>= 4.0	Not vuln	Fix			3.0.x and older are vulnerable	source
syntevo	SmartGit	>= 18.1	Not vuln	Fix			17.1.x and older are vulnerable	source
syntevo	SmartSVN	>= 9.3	Not vuln	Fix			9.2.x and older are vulnerable	source
syntevo	SmartSynchronize	>= 3.5	Not vuln	Fix			3.4.x and older are vulnerable	source
SysAid	All		Not vuln	Fix				source
Sysdig	All							source