Skip to content

Instantly share code, notes, and snippets.

@SwitHak
Last active March 26, 2024 02:38
Show Gist options
  • Save SwitHak/b66db3a06c2955a9cb71a8718970c592 to your computer and use it in GitHub Desktop.
Save SwitHak/b66db3a06c2955a9cb71a8718970c592 to your computer and use it in GitHub Desktop.
BlueTeam CheatSheet * Log4Shell* | Last updated: 2021-12-20 2238 UTC

Security Advisories / Bulletins / vendors Responses linked to Log4Shell (CVE-2021-44228)

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak

Other great resources

  • Royce Williams list sorted by vendors responses Royce List
  • Very detailed list NCSC-NL
  • The list maintained by U.S. Cybersecurity and Infrastructure Security Agency: CISA List

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

0-9

A

B

Best Practical Request Tracker (RT) and Request Tracker for Incident Response (RTIR) : https://bestpractical.com/blog/2021/12/request-tracker-rt-and-request-tracker-for-incident-response-rtir-do-not-use-log4j

C

D

DCM4CHE.org : dcm4che/dcm4che#1050

E

Ellucian (Banner and Colleague Higher Education SIS) : https://www.ellucian.com/news/ellucian-response-apache-log4j-issue

F

G

Google Cloud Global Products coverage : https://cloud.google.com/log4j2-security-advisory

GratWiFi WARNING I can't confirm it: https://www.facebook.com/GratWiFi/posts/396447615600785

H

I

J

K

Komoot Photon : komoot/photon#620

L

M

N

NextGen Healthcare Mirth : nextgenhealthcare/connect#4892 (comment)

Nice Software (AWS) EnginFRAME : https://download.enginframe.com/

O

Obsidiandynamics KAFDROP : obsidiandynamics/kafdrop#315

P

Progress / IpSwitch : https://www.progress.com/security

PWM Project : pwm-project/pwm#628

Q

R

S

T

U

V

W

X

Xray connector plugin : jenkinsci/xray-connector-plugin#53

Y

Z

Errors, typos, something to say ?

  • If you want to add a link, comment or send it to me
  • Feel free to report any mistake directly below in the comment or in DM on Twitter @SwitHak
@alexschomb
Copy link

@raffisweb CGM Medical itself has been targeted by a ransomware attack, and some systems are offline now: https://www.cgm.com/

@TimGekev
Copy link

Hi SwitHak,
minor Issue: Keypass --> Keepass
Thanks for your big effort helping the whole community.

@maul0r
Copy link

maul0r commented Dec 21, 2021

@ScyberSocii
Copy link

ScyberSocii commented Dec 21, 2021

Possible typos - Palisade is one 's'; Philips - one 'l'; thanks for all the work you've put into this

@Jeff-Notaro
Copy link

@JoKeyser
Copy link

IBM Tivoli Storage Manager (formerly Spectrum Protect) is affected, see https://www.ibm.com/support/pages/ibm-spectrum-protect-downloads-latest-fix-packs-and-interim-fixes

@landon1013
Copy link

@x-sheep
Copy link

x-sheep commented Dec 23, 2021

Weblate is not affected: WeblateOrg/weblate#6972 (comment)

@tidji31
Copy link

tidji31 commented Dec 30, 2021

@mkarg
Copy link

mkarg commented Jan 4, 2022

@ognalysis
Copy link

FreeRADIUS is unaffected: https://freeradius.org/security/

@samuelscott
Copy link

samuelscott commented Apr 18, 2022

@sschukat
Copy link

@limcyrus
Copy link

limcyrus commented Oct 4, 2022

Resources from here as well: https://www.educatedautomation.com/

@Opkey12
Copy link

Opkey12 commented Nov 9, 2022

@TMCSindia
Copy link

TMCSindia commented Mar 16, 2023

@Taito3D
Copy link

Taito3D commented May 6, 2023

@josejuegosmola
Copy link

Los servidores VPS Barato de https://www.incservers.es/ no están afectados.

@Zeesy00
Copy link

Zeesy00 commented Aug 4, 2023

I found it worth reading. I just want to ask you to write more Bracelet

@gamma
Copy link

gamma commented Dec 13, 2023

This thread is getting spammy. It should be closed.

@simonai1254
Copy link

This thread is getting spammy. It should be closed.

I second that

@AlexBaranowski
Copy link

Unfortunately the original author is not active on GH or on Twitter 😭. There is "unsubscribe" in the mail that GH sends, so it's easy to turn it off :octocat:.

@web-apply
Copy link

@web-apply
Copy link

web-apply commented Feb 28, 2024

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment