Security News > 2021 > December > Log4j: List of vulnerable products and vendor advisories
The company published mitigations and knowledgebase articles for several Symantec products affected by the Log4j vulnerability.
While the investigation is still underway and the status may change for some of its products, Citrix has not listed any of its products as being vulnerable to Log4Shell.
Two products from the company use a vulnerable version of Apache Log4j: Server & Application Monitor and Database Performance Analyzer.
At the time of writing, the company has released fixes for some products and is currently working on rolling updates for at least seven of its products.
VMware has fixed several of its products vulnerable to Log4Shell attacks and is currently working to roll out patches for another 27 products.
Zscaler has patched several of its products that used a vulnerable version of the Log4j library.