Many Splunk products have been impacted by the Log4j vulnerability, including the Add-Ons for Java Management Extensions, JBoss, and Tomcat, Data Stream Processor, IT Essentials Work, IT Service Intelligence, Splunk Connect for Kafka, Splunk Enterprise, Splunk Enterprise Docker Container, Logging Library for Java, OVA for VMWare, OVA for VMWare Metrics, VMWare OVA for ITSI, On-call / VictorOps, Real User Monitoring, Application Performance Monitoring, Infrastructure Monitoring, Log Observer, Synthetics, and UBA OVA Software.
Products that were not impacted by the Log4j vulnerability: Admin Config Service, Analytics Workspace, Behavior Analytics, Dashboard Studio, Developer Tools: AppInspect, Enterprise Security, Infosec App for Splunk, Intelligence Management (TruSTAR), KV Service, Mission Control, MLTK, Operator for Kubernetes, Security Analytics for AWS, SignalFx Smart Agent, SOAR Cloud (Phantom), SOAR (On-Premises), Splunk Augmented Reality, Splunk Cloud Data Manager (SCDM), Splunk Connect for Kubernetes, Splunk Connect for SNMP, Splunk Connect for Syslog, Splunk DB Connect, Splunk Enterprise Cloud, Splunk Log Observer, Splunk Mint, Splunk Mobile, Splunk Network Performance Monitoring, Splunk Open Telemetry Distributions, Splunk Profiling, Splunk Secure Gateway (Spacebridge), Splunk Security Essentials, Splunk TV, Splunk Universal Forwarder (UF), Splunk User Behavior Analytics (UBA), Stream Processor Service, etc.
Splunk Products that were impacted by Log4j Vulnerability
Product | Versions | Status | Patched |
---|---|---|---|
Splunk Add-On for Java Management Extensions | 5.2.0 and older | Vulnerable | Mitigation |
Splunk Add-On for JBoss | 3.0.0 and older | Vulnerable | Mitigation |
Splunk Add-On for Tomcat | 3.0.0 and older | Vulnerable | Mitigation |
Data Stream Processor (On-Prem) | DSP 1.0.x, 1.1.x, 1.2.x | Vulnerable | Mitigation |
IT Essentials Work | 4.11, 4.9.x | Vulnerable | Mitigation |
IT Essentials Work | 4.10.x (Cloud) | Vulnerable | Mitigation |
IT Service Intelligence (ITSI) | 4.11.0, 4.7.x, 4.6.x, 4.5.x | Vulnerable | Mitigation |
IT Service Intelligence (ITSI) | 4.10.x, 4.9.x, 4.8.x (Cloud) | Vulnerable | Mitigation |
Splunk Connect for Kafka | All versions prior to 2.0.4 | Vulnerable | Mitigation |
Splunk Enterprise (including instance types like Heavy Forwarders) | 8.1.x and 8.2.x only | Vulnerable | Mitigation |
Splunk Enterprise Amazon Machine Image (AMI) | See Splunk Enterprise | Vulnerable | Mitigation |
Splunk Enterprise Docker Container | See Splunk Enterprise | Vulnerable | Mitigation |
Splunk Logging Library for Java | 1.11.0 and older | Vulnerable | Mitigation |
Splunk OVA for VMWare | 4.0.3 and older | Vulnerable | Mitigation |
Splunk OVA for VMWare Metrics | 4.2.1 and older | Vulnerable | Mitigation |
Splunk VMWare OVA for ITSI | 1.1.1 and older | Vulnerable | Mitigation |
Splunk On-call / VictorOps | Current | Vulnerable | Mitigation |
Splunk Real User Monitoring | Current | Vulnerable | Mitigation |
Splunk Application Performance Monitoring | Current | Vulnerable | Mitigation |
Splunk Infrastructure Monitoring | Current | Vulnerable | Mitigation |
Splunk Log Observer | Current | Vulnerable | Mitigation |
Splunk Synthetics | Current | Vulnerable | Mitigation |
Splunk UBA OVA Software | 5.0.3a, 5.0.0 | Vulnerable | Mitigation |