Ivanti Products affected by Log4j Vulnerability

Only few of the Ivanti products like Avanlanche, Ivanti File Director, Ivanti Security Controls (Patch ISec) , MobileIron Core , MobileIron Sentry (Core / Cloud) , MobileIron Core Connector have been affected by Log4j Vulnerability. If the systems are within DMZ then there is less of risk in getting exploited whereas if the systems are outside DMZ then there is more risk of these applications getting exploited by Log4j Vulnerability

Products not affect by Log4j Vulnerability: Application Control for Linux , Application Control for Windows, Automation, Avalanche,Avalanche Remote Control, Cherwell Asset Management (CAM), Cherwell Service Management (CSM), Connect Pro, Credential mgr (PivD Manager), Discovery Classic, DSM, Environment Manager, GoldMine, HEAT Classic, IIRIS (Neurons for IIOT), ITSM 6/7, Incapptic Connect, Insight, Ivanti Asset Lifecycle Management, Ivanti Device Application Control, Ivanti Endpoint Manager, Ivanti EPM  – Cloud Service Appliance, Ivanti Endpoint Security, Ivanti Environment Manager, Ivanti File Director, Ivanti Identity Director, Ivanti License Optimizer (ILO), Ivanti Management Center, Ivanti Neurons Platform,Ivanti Performance Manager, Ivanti Service Desk, Ivanti Service Manager,Ivanti Service Manager for Neurons,
Ivanti Security Controls, Ivanti Voice, Ivanti Workspace Control,MI Appconnect, MI Email+, MI Go Client, MI Mobile@Work, MI Security Productivity Apps,MI Tunnel App, MobileIron Access/ZSO, MobileIron BYOD Portal, MobileIron Cloud, MobileIron Cloud Connector etc.,


Ivanti ProductVersionsStatusPatched
Application Control for Linux AllNot VulnerableNot Affected
Application Control for Windows All Not VulnerableNot Affected
Automation  All Not VulnerableNot Affected
Avalanche All VulnerableAffected – See INFO
Avalanche Remote Control  All Not VulnerableNot Affected
Cherwell Asset Management (CAM) All Not VulnerableNot Affected
Cherwell Service Management (CSM) All Not VulnerableNot Affected
Connect Pro All Not VulnerableNot Affected
Credential mgr (PivD Manager) All Not VulnerableNot Affected
Discovery Classic All Not VulnerableNot Affected
DSM All Not VulnerableNot Affected
Environment Manager All Not VulnerableNot Affected
GoldMine All Not VulnerableNot Affected
HEAT Classic All Not VulnerableNot Affected
IIRIS (Neurons for IIOT) All Not VulnerableNot Affected
ITSM 6/7 All Not VulnerableNot Affected
Incapptic Connect All Not VulnerableNot Affected
Insight All Not VulnerableNot Affected
Ivanti Asset Lifecycle Management All Not VulnerableNot Affected
Ivanti Device Application Control All Not VulnerableNot Affected
Ivanti Endpoint Manager All Not VulnerableNot Affected
Ivanti EPM  – Cloud Service Appliance All Not VulnerableNot Affected
Ivanti Endpoint Security All Not VulnerableNot Affected
Ivanti Environment Manager All Not VulnerableNot Affected
Ivanti File Director All VulnerableAffected – SEE INFO
Ivanti Identity Director All Not VulnerableNot Affected
Ivanti License Optimizer (ILO) All Not VulnerableNot Affected
Ivanti Management Center All Not VulnerableNot Affected
Ivanti Neurons Platform All Not VulnerableNot Affected
Ivanti Performance Manager All Not VulnerableNot Affected
Ivanti Service Desk All Not VulnerableNot Affected
Ivanti Service Manager All Not VulnerableNot Affected
Ivanti Service Manager for Neurons (Cloud) All Not VulnerableNot Affected
Ivanti Security Controls (Patch ISec) All VulnerableNot Affected
Ivanti Voice All Not VulnerableNot Affected
Ivanti Workspace Control All Not VulnerableNot Affected
MI Appconnect All Not VulnerableNot Affected
MI Email+ All Not VulnerableNot Affected
MI Go Client All Not VulnerableNot Affected
MI Mobile@Work All Not VulnerableNot Affected
MI Security Productivity Apps All Not VulnerableNot Affected
MI Tunnel App All Not VulnerableNot Affected
MobileIron Access/ZSO All VulnerableMitigated – No Impact
MobileIron BYOD Portal All Not VulnerableNot Affected
MobileIron Cloud All Not VulnerableNot Affected
MobileIron Cloud Connector All Not VulnerableNot Affected
MobileIron Core All VulnerableAffected – SEE INFO
MobileIron Sentry (Core / Cloud) All VulnerableAffected – SEE INFO
MobileIron Core Connector All VulnerableAffected – SEE INFO
Patch MEM (Microsoft Endpoint Manager) All Not VulnerableNot Affected
Patch OEM APIs All Not VulnerableNot Affected
Performance Manager All Not VulnerableNot Affected
Pulse Desktop Client All Not VulnerableNot Affected
Pulse Mobile Client All Not VulnerableNot Affected
Pulse Services Director All Not VulnerableNot Affected
Pulse Virtual Traffic Manager All Not VulnerableNot Affected
Pulse Web Application Firewall All Not VulnerableNot Affected
Pulse Connect Secure All Not VulnerableNot Affected
Pulse One All Not VulnerableNot Affected
Pulse Policy Secure All Not VulnerableNot Affected
Pulse ZTA All Not VulnerableNot Affected
Risksense Threat and Vulnerability Management All Not VulnerableNot Affected
SpeakEasy (add-on to Velocity) All Not VulnerableNot Affected
SpeakEasy (WinCE) All Not VulnerableNot Affected
Terminal Emulation and Industrial Browser All Not VulnerableNot Affected
Velocity All Not VulnerableNot Affected
VelocityCE All Not VulnerableNot Affected
ConnectPro(Termproxy) All Not VulnerableNot Affected
Wavelink License server All Not VulnerableNot Affected
CETerm(Naurtech) All Not VulnerableNot Affected
Virtual Desktop Extender All Not VulnerableNot Affected
Xtraction All Not VulnerableNot Affected
Source: https://forums.ivanti.com/s/article/CVE-2021-44228-Java-logging-library-log4j-Ivanti-Products-Impact-Mapping?language=en_US
Scroll to Top