List of Splunk products affected by Log4j Vulnerability

A lot of Splunk products like Add ons for Java Management extensions, JBoss, Tomcat,Data Stream Processor, IT Essentials Work, IT Service Intelligence, Splunk Connect for Kafka, Splunk Enterprise, Splunk Enterprise Docker Container, Logging Library for Java, OVA for VMWare, OVA for VMWare Metrics, VMWare OVA for ITSI, On-call / VictorOps, Real User Monitoring, Application Performance Monitoring, Infrastructure Monitoring, Log Observer, Synthetics, UBA OVA Software have been impacted for Log4j Vulnerability.

Products that were not impacted by Log4j Vulnerability: Admin Config Service, Analytics Workspace, Behavior Analytics, Dashboard Studio, Developer Tools: AppInspect, Enterprise Security, Infosec App for Splunk, Intelligence Management (TruSTAR), KV Service, Mission Control MLTK, Operator for Kubernetes, Security Analytics for AWS, SignalFx Smart Agent, SOAR Cloud (Phantom), SOAR (On-Premises)
Splunk Augmented Reality, Splunk Cloud Data Manager (SCDM), Splunk Connect for Kubernetes, Splunk Connect for SNMP., Splunk Connect for Syslog, Splunk DB Connect, Splunk Enterprise Cloud, Splunk Log Observer, Splunk Mint, Splunk Mobile, Splunk Network Performance Monitoring, Splunk Open Telemetry Distributions, Splunk Profiling, Splunk Secure Gateway (Spacebridge), Splunk Security Essentials, Splunk TV, Splunk Universal Forwarder (UF), Splunk User Behavior Analytics (UBA), Stream Processor Service etc.,

Splunk Products that were impacted by Log4j Vulnerability

SplunkVersionsStatusPatched
Splunk Add-On for Java Management Extensions5.2.0 and olderVulnerableMitigation
Splunk Add-On for JBoss3.0.0 and olderVulnerable  Mitigation
Splunk Add-On for Tomcat3.0.0 and olderVulnerable  Mitigation
Data Stream Processor (On-Prem)DSP 1.0.x, 1.1.x, 1.2.xVulnerable  Mitigation
IT Essentials Work4.11, 4.9.xVulnerable  Mitigation
IT Essentials Work4.10.x (Cloud)  Vulnerable  Mitigation
IT Service Intelligence (ITSI)4.11.0,4.7.x, 4.6.x, 4.5.xVulnerable  Mitigation
IT Service Intelligence (ITSI)4.10.x , 4.9.x, 4.8.x (Cloud) Vulnerable  Mitigation
Splunk Connect for KafkaAll versions prior to 2.0.4Vulnerable  Mitigation
Splunk Enterprise (including instance types like Heavy Forwarders) 8.1.x and 8.2.x onlyVulnerable  Mitigation
Splunk Enterprise Amazon Machine Image (AMI)See Splunk EnterpriseVulnerable  Mitigation
Splunk Enterprise Docker ContainerSee Splunk EnterpriseVulnerable  Mitigation
Splunk Logging Library for Java1.11.0 and olderVulnerable  Mitigation
Splunk OVA for VMWare4.0.3 and olderVulnerable  Mitigation
Splunk OVA for VMWare Metrics4.2.1 and olderVulnerable  Mitigation
Splunk VMWare OVA for ITSI1.1.1 and olderVulnerable  Mitigation
Splunk On-call / VictorOpsCurrentVulnerable  Mitigation
Splunk Real User MonitoringCurrentVulnerable  Mitigation
Splunk Application Performance MonitoringCurrentVulnerable  Mitigation
Splunk Infrastructure MonitoringCurrentVulnerable  Mitigation
Splunk Log ObserverCurrentVulnerable  Mitigation
Splunk SyntheticsCurrentVulnerable  Mitigation
Splunk UBA OVA Software5.0.3a, 5.0.0Vulnerable  Mitigation
Source: https://www.splunk.com/en_us/blog/bulletins/splunk-security-advisory-for-apache-log4j-cve-2021-44228.html