Broadcom which manufactures broad range of semiconductors and develops Infrastructure solutions has been also affected by Log4j vulnerability. There are 2 tables listed below in one there is list of affected products and another table contains the products that are not affected by this vulnerability
List of Broadcom Products not affected by Log4j vulnerability
| Product | Version | Status | Patched |
|---|---|---|---|
| Advanced Secure Gateway (ASG) | All | Not Vulnerable | Not Needed |
| BCAAA | All | Not Vulnerable | Not Needed |
| CloudSOC Cloud Access Security Broker (CASB) | All | Not Vulnerable | Not Needed |
| Cloud Workload Assurance (CWA) | All | Not Vulnerable | Not Needed |
| Cloud Workload Protection (CWP) | All | Not Vulnerable | Not Needed |
| Cloud Workload Protection for Storage (CWP:S) | All | Not Vulnerable | Not Needed |
| Content Analysis (CA) | All | Not Vulnerable | Not Needed |
| Critical System Protection (CSP) | All | Not Vulnerable | Not Needed |
| Data Center Security (DCS) | All | Not Vulnerable | Not Needed |
| Data Loss Prevention (DLP) | All | Not Vulnerable | Not Needed |
| HSM Agent | All | Not Vulnerable | Not Needed |
| Ghost Solution Suite (GSS) | All | Not Vulnerable | Not Needed |
| Information Centric Analytics (ICA) | All | Not Vulnerable | Not Needed |
| Industrial Control System Protection (ICSP) | All | Not Vulnerable | Not Needed |
| Information Centric Tagging (ICT) | All | Not Vulnerable | Not Needed |
| Integrated Cyber Defense Exchange (ICDx) | All | Not Vulnerable | Not Needed |
| Integrated Secure Gateway (ISG) | All | Not Vulnerable | Not Needed |
| IT Analytics (ITA) | All | Not Vulnerable | Not Needed |
| IT Management Suite | All | Not Vulnerable | Not Needed |
| Layer7 Mobile API Gateway | All | Not Vulnerable | Not Needed |
| Management Center (MC) | All | Not Vulnerable | Not Needed |
| Mirror Gateway | All | Not Vulnerable | Not Needed |
| PacketShaper (PS) S-Series | All | Not Vulnerable | Not Needed |
| PolicyCenter (PC) S-Series | All | Not Vulnerable | Not Needed |
| ProxySG | All | Not Vulnerable | Not Needed |
| Reporter | All | Not Vulnerable | Not Needed |
| Security Analytics (SA) | All | Not Vulnerable | Not Needed |
| ServiceDesk | All | Not Vulnerable | Not Needed |
| SSL Visibility (SSLV) | All | Not Vulnerable | Not Needed |
| Symantec Directory | All | Not Vulnerable | Not Needed |
| Symantec Control Compliance Suite (CCS) | All | Not Vulnerable | Not Needed |
| Symantec Endpoint Encryption (SEE) | All | Not Vulnerable | Not Needed |
| Symantec Endpoint Protection (SEP) Agent | All | Not Vulnerable | Not Needed |
| Symantec Endpoint Protection (SEP) for Mobile | All | Not Vulnerable | Not Needed |
| Symantec Insight Private Cloud | All | Not Vulnerable | Not Needed |
| Symantec Mail Security for Microsoft Exchange | All | Not Vulnerable | Not Needed |
| Symantec Messaging Gateway (SMG) | All | Not Vulnerable | Not Needed |
| Symantec PGP Solutions | All | Not Vulnerable | Not Needed |
| Symantec Protection Engine (SPE) | All | Not Vulnerable | Not Needed |
| Symantec Protection for SharePoint Servers(SPSS) | All | Not Vulnerable | Not Needed |
| Symantec VIP | All | Not Vulnerable | Not Needed |
List of BroadCom Products affected by Log4j vulnerability
| Product | Versions | Status | Patched? |
|---|---|---|---|
| CA Advanced Authentication | 9.1 & above | Vulnerable | Mitigation |
| Layer7 API Developer Portal | >4.4 till 5.02 | Vulnerable | Mitigation |
| Layer7 API Developer Portal SaaS (Cloud) | All | Vulnerable | Patched |
| Layer7 API Gateway | 9.4,10.0 & 10.1 | Vulnerable | Mitigation |
| Layer7 Live API Creator | 5.1-5.3 , 5.4 | Vulnerable | Mitigation |
| Symantec PAM Server Control | 14.0.x , 14.1.x | Vulnerable | Mitigation |
| Symantec Privileged Identity Manager | 12.9.x, 14.0 | Vulnerable | Mitigation |
| Symantec SiteMinder (CA Single Sign-on) | 12.8.x Policy Server | Vulnerable | Mitigation |
| Symantec SiteMinder (CA Single Sign-on) | 12.8.x Administrative UI | Vulnerable | Mitigation |
| Symantec SiteMinder (CA Single Sign-on) | 12.8.x Access Gateway | Vulnerable | Mitigation |
| Symantec SiteMinder (CA Single Sign-on) | 12.8.x SDK | Vulnerable | Mitigation |
| Symantec SiteMinder (CA Single Sign-on) | 12.7 and 12.8 ASA Agents | Vulnerable | Mitigation |
| VIP Authentication Hub | All | Vulnerable | Mitigation |
| LiveUpdate Administrator (LUA) | All | Vulnerable | Mitigation |
| Symantec Endpoint Protection Manager (SEPM) | 14.2 and above | Vulnerable | Mitigation |
There has been some mitigations provided by Broadcom in the above advisory for the vulnerable products that have been listed above.