It seems the AntiVirus make McAfee has been also affected by Log4j. Products like Enterprise Security Manager, Threat Intelligence Exchange & ePolicy Orchestrator has been affected by Log4j and rest of the products like Data Exchange Layer, MacAfee Active Response, NetWork Security Manager, Network Security Platform, ePolicy Orchestrator Agent Handlers have unaffected by the Log4j Vulnerability.
| McAfee Product | Versions | Status | Patched? |
|---|---|---|---|
| Data Exchange Layer (DXL) | All | Not Vulnerable | Not Needed |
| Enterprise Security Manager (ESM) | 11.x | Workaround | Mitigation |
| McAfee Active Response (MAR) | All | Not Vulnerable | Not Needed |
| Network Security Manager (NSM) | All | Not Vulnerable | Not Needed |
| Network Security Platform (NSP) | All | Not Vulnerable | Not Needed |
| Threat Intelligence Exchange (TIE) | 2.2, 2.3, 3.0 | Workaround | Mitigation |
| ePolicy Orchestrator Agent Handlers (ePO-AH) | All | Not Vulnerable | Not Needed |
| ePolicy Orchestrator Application Server (ePO) | 5.10 CU11 | Workaround | Mitigation |
| ePolicy Orchestrator Application Server (ePO) | <= 5.10 CU10 | Not Vulnerable | Not Needed |