Dynatrace applications affected by Log4j Vulnerability

The below article contains a List of Dynatrace applications that are affected by Log4j Vulnerability.Dynatrace says that there is very low risk of how this vulnerability can be exposed because of the way Dynatrace uses Log4j within their applications and in addition to the layered security also prevents this vulnerability can be exploited by others. The fixes have been applied for almost all the customers of Dynatrace who have automatic updates turned on. Other customers should download the updates and apply them.

Dynatrace ProductVersionsStatusPatched
Dynatrace ExtensionsAllVulnerable Patched
Dynatrace ActiveGateAllNot Affected Not Needed
Dynatrace OneAgentAllNot Vulnerable Not Needed
Dynatrace SyntheticAll (See Note) Vulnerable Patched
Dynatrace ManagedAll (See Note)VulnerablePatched
Dynatrace FedRAMPAllVulnerable Not Needed
Dynatrace SaaSAllVulnerableNot Needed
Source: https://www.dynatrace.com/news/security-alert/log4shell-log4j-vulnerability/?_ga=2.140877490.1456944036.1639732085-1772422878.1639732085

Some of the Dynatrace applications like DynaTrace Synthetic and DynaTrace Managed have different versions of their product affected by this vulnerability. For customers who are using older version of Synthetic, they should reach out to the customer support to apply the mitigation available for the vulnerability. More can be found on the Dynatrace link below the table listed above..