List of Jamf Nation Products & Log4j Vulnerability
Jamf nation one of the largest Apple Enterprise Management companies has been also affected by the Log4j Vulnerability that was recently disclosed. Though most of the products are not vulnerable, couple of critical products like Jamf Pro (Both OnPremise and Cloud) versions got affected by this vulnerability. Here is the list of Jamf nation products that are affected/Not affected by the vulnerability
| Jamf Product | Versions | Status | |
|---|---|---|---|
| Jamf Cloud | All | Vulnerable | Fixed |
| Jamf Pro (hosted on-prem) | < 10.34.1 | See notes | Fixed |
| Health Care Listener | All | Not Vulnerable | Not Needed |
| Jamf Connect | All | Not Vulnerable | Not Needed |
| Jamf Data Policy | All | Not Vulnerable | Not Needed |
| Jamf Infrastructure Manager | All | Not Vulnerable | Not Needed |
| Jamf Now | All | Not Vulnerable | Not Needed |
| Jamf Private Access | All | Not Vulnerable | Not Needed |
| Jamf Protect | All | Not Vulnerable | Not Needed |
| Jamf School | All | Not Vulnerable | Not Needed |
| Jamf Threat Defense | All | Not Vulnerable | Not Needed |
Jamf Pro: Team has released 10.34.1 for Jamf Pro to fix the vulnerability.There is also a manual mitigation where you can update the affected log4j versions manually, incase of updating it like that the future versions won’t be affected
