Broadcom Products affected by Log4j Vulnerability

Broadcom which manufactures broad range of semiconductors and develops Infrastructure solutions has been also affected by Log4j vulnerability. There are 2 tables listed below in one there is list of affected products and another table contains the products that are not affected by this vulnerability

List of Broadcom Products not affected by Log4j vulnerability

ProductVersionStatusPatched
Advanced Secure Gateway (ASG)AllNot VulnerableNot Needed
BCAAAAllNot VulnerableNot Needed
CloudSOC Cloud Access Security Broker (CASB)AllNot VulnerableNot Needed
Cloud Workload Assurance (CWA)AllNot VulnerableNot Needed
Cloud Workload Protection (CWP)AllNot VulnerableNot Needed
Cloud Workload Protection for Storage (CWP:S)AllNot VulnerableNot Needed
Content Analysis (CA)AllNot VulnerableNot Needed
Critical System Protection (CSP)AllNot VulnerableNot Needed
Data Center Security (DCS)AllNot VulnerableNot Needed
Data Loss Prevention (DLP)AllNot VulnerableNot Needed
HSM AgentAllNot VulnerableNot Needed
Ghost Solution Suite (GSS)AllNot VulnerableNot Needed
Information Centric Analytics (ICA)AllNot VulnerableNot Needed
Industrial Control System Protection (ICSP)AllNot VulnerableNot Needed
Information Centric Tagging (ICT)AllNot VulnerableNot Needed
Integrated Cyber Defense Exchange (ICDx)AllNot VulnerableNot Needed
Integrated Secure Gateway (ISG)AllNot VulnerableNot Needed
IT Analytics (ITA)AllNot VulnerableNot Needed
IT Management SuiteAllNot VulnerableNot Needed
Layer7 Mobile API GatewayAllNot VulnerableNot Needed
Management Center (MC)AllNot VulnerableNot Needed
Mirror GatewayAllNot VulnerableNot Needed
PacketShaper (PS) S-SeriesAllNot VulnerableNot Needed
PolicyCenter (PC) S-SeriesAllNot VulnerableNot Needed
ProxySGAllNot VulnerableNot Needed
ReporterAllNot VulnerableNot Needed
Security Analytics (SA)AllNot VulnerableNot Needed
ServiceDeskAllNot VulnerableNot Needed
SSL Visibility (SSLV)AllNot VulnerableNot Needed
Symantec DirectoryAllNot VulnerableNot Needed
Symantec Control Compliance Suite (CCS)AllNot VulnerableNot Needed
Symantec Endpoint Encryption (SEE)AllNot VulnerableNot Needed
Symantec Endpoint Protection (SEP) AgentAllNot VulnerableNot Needed
Symantec Endpoint Protection (SEP) for MobileAllNot VulnerableNot Needed
Symantec Insight Private CloudAllNot VulnerableNot Needed
Symantec Mail Security for Microsoft Exchange AllNot VulnerableNot Needed
Symantec Messaging Gateway (SMG)AllNot VulnerableNot Needed
Symantec PGP SolutionsAllNot VulnerableNot Needed
Symantec Protection Engine (SPE)AllNot VulnerableNot Needed
Symantec Protection for SharePoint Servers(SPSS)AllNot VulnerableNot Needed
Symantec VIPAllNot VulnerableNot Needed
Source: https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793

List of BroadCom Products affected by Log4j vulnerability


ProductVersionsStatusPatched?
CA Advanced Authentication9.1 & aboveVulnerableMitigation 
Layer7 API Developer Portal>4.4 till 5.02VulnerableMitigation
Layer7 API Developer Portal SaaS (Cloud)AllVulnerablePatched
Layer7 API Gateway9.4,10.0 & 10.1VulnerableMitigation
Layer7 Live API Creator5.1-5.3 , 5.4VulnerableMitigation
Symantec PAM Server Control14.0.x , 14.1.xVulnerableMitigation
Symantec Privileged Identity Manager12.9.x, 14.0VulnerableMitigation
Symantec SiteMinder (CA Single Sign-on)12.8.x Policy ServerVulnerableMitigation
Symantec SiteMinder (CA Single Sign-on)12.8.x Administrative UIVulnerableMitigation
Symantec SiteMinder (CA Single Sign-on)12.8.x Access GatewayVulnerableMitigation
Symantec SiteMinder (CA Single Sign-on)12.8.x SDKVulnerableMitigation
Symantec SiteMinder (CA Single Sign-on)12.7 and 12.8 ASA AgentsVulnerableMitigation
VIP Authentication HubAllVulnerableMitigation
LiveUpdate Administrator (LUA)AllVulnerableMitigation
Symantec Endpoint Protection Manager (SEPM)14.2 and aboveVulnerableMitigation
https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793


There has been some mitigations provided by Broadcom in the above advisory for the vulnerable products that have been listed above.

Scroll to Top