SalesForce Services/Products that are impacted due to Log4j Vulnerability

It seems some of the SalesForce Services and products were also impacted due to Log4j vulnerability. SalesForce has actively started patching some of it’s vulnerabilities.Except Heroku almost all SalesForce services and products are affected by this Log4j Vulnerability. Some of the products in the below table have been already patched.

Service/ProductStatusPatched?
Sales CloudVulnerablePatch in Progress
Service Cloud Vulnerable Patch in Progress
Community Cloud Vulnerable Patch in Progress
B2C Commerce Cloud Vulnerable Patch in Progress
Analytics Cloud Vulnerable Patched & Updated
Force.com Vulnerable Patch in Progress
Social Studio Vulnerable Patch in Progress
Datorama Vulnerable Patch in Progress
Pardot Vulnerable Patch in Progress
Data.com Vulnerable Patch in Progress
HerokuNot VulnerableNot Needed
Marketing Cloud Vulnerable Patch in Progress
MuleSoft (Cloud) Vulnerable Patch in Progress
MuleSoft (On-Premise) Vulnerable Patch might be there.
ClickSoft (As-a-Service) Vulnerable Patch in Progress
ClickSoft (On-Premise) Vulnerable Patch might be there.
Tableau (Online) Vulnerable Patch in Progress
Tableau (On-Premise) Vulnerable Patch might be there.
Slack Vulnerable Patch in Progress
Evergage (Interaction Studio) Vulnerable Patched & Updated
Source: https://help.salesforce.com/s/articleView?id=000363736&type=1

For some of the On-premise versions like MuleSoft, ClickSoft and Tableau, users might need to contact Customer Support about the patch availability or the remediation Steps. SalesForce continues to monitor and prevent any exploitation attempts of Customer data. They have also said Customers would be intimated if they detect any kind of suspicious activity on their Systems.

Scroll to Top