Skip to content

MongoDB Products | Log4j Impact

Except Altas Search, other products of MongoDB like Atlas, Mongo DB Community Edition, Driver, Enterprise Advanced, Realm, Tools have been unaffected by Log4j Vulnerability. As of Dec17th, Mongo DB Atlas search has been already patched to log4j v2.16.0 from log4j v2.15.0 and till now no evidence of exploitation of the vulnerability has been detected by MongoDB Team. Since the Vulnerability continues to exist in Wild, MongoDB has asked customers to update Atlas Search in their own environments to prevent exploitation attempts.

MongoDB ProductsVersionsSource
MongoDB Atlas SearchAllVulnerablesource
MongoDB Atlas All Not Vulnerablesource
MongoDB Community Edition All Not Vulnerable source
MongoDB Drivers All Not Vulnerable source
MongoDB Enterprise Advanced All Not Vulnerable source
MongoDB Realm All Not Vulnerable source
MongoDB Tools All Not Vulnerable source
Source: https://www.mongodb.com/blog/post/log4shell-vulnerability-cve-2021-44228-and-mongodb