CVE-2021-44228 (log4j) - Vendor Responses

This is a thread to track vendor responses and updates for CVE-2021-44228.

General discussion can take place over on CVE-2021-44228 (log4j) Vulnerability Discussion.

UniFi Controller Update Released

VMWare Response

Anybody know HostiFi’s plan/schedule for updates? Never know where to look for updates and info from them.

Already done at HostiFi

1 Like

I did a quick gander around for a PaperCut response, but didn’t find anything.

Anyone know if they are using log4j?

Nvm. I’m bad at Google on Saturdays.

Edit #2… Here’s PaperCut’s KB with links to workaround and a hotpatch. Log4Shell (CVE-2021-44228) - How is PaperCut Affected? | PaperCut

JAMF has released an update.

Affected and have a mitigation posted.

VMware has posted instructions for applying the “formatMsgNoLookups” mitigation to most of their affected products: VMSA-2021-0028.1 (

The Big Book of Vendor Responses:

1 Like

Here is official link for PaperCut patch.