List of Solar Winds Applications impacted by Log4j Vulnerability

Like Other software Vendors, Solar Winds products has been also affected by this Critical Log4j vulnerability Except Server &Application Monitor (SAM) and Database Performance Analyzer (DPA) rest of the Solar winds products are not affected by this Vulnerability. SolarWinds team has come out with a detailed post on Blog on about how to mitigate this vulnerability for the affected applications (Note: The Hotfix is still not available and till the hotfix is available these steps can be used best as a Stop gap arrangement)

SolarWinds ProductVersionsStatusPatched?
Database Performance Analyzer2021.1.x, 2021.3.x, 2022.1.xVulnerablesourceworkaround
Orion Platform coreAllNot Vulnerablesource
Server & Application Monitor>= 2020.2.6Vulnerablesourceworkaround

Rest of the Solar Wind products are not impacted according the advisory over here – https://www.solarwinds.com/trust-center/security-advisories/cve-2021-44228 (Orion Platform Core is not affected by this vulnerability as it is never used Log4j package)

Scroll to Top