→ The Lansweeper Customer Excellence Awards 2024 - Submit Your Project Now! Learn More & Enter Here

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
lightupdifire
Engaged Sweeper
Hello,

Would be great to understand a little bit more about the Log4j report,

As an example, we receive 200 devices with different software listed, few examples of the software:
Cisco AnyConnect Secure Mobility Client;
Dell Command | Update;
etc.

Does this mean that all those devices, where the above software is detected, are vulnerable?
As an example, checked the Cisco AnyConnect Secure Mobility Client and in the Cisco docs about Log4j they say that the "Cisco AnyConnect Secure Mobility Client" software is not affected by Log4j...

I try to understand how exploitable devices are that this report gives.

Best regards,
L
1 ACCEPTED SOLUTION
Esben_D
Lansweeper Employee
Lansweeper Employee
Not sure if you read the report page:

"The report below is based on a software GitHub list created by the Dutch national cyber security center. The report lists all software in your environment for which the publisher matches with one of the publishers listed by the Dutch cyber security center that had at one point vulnerable software. The software found can be cross-checked with the Github software list to view the most recent Log4j vulnerability status."

https://www.lansweeper.com/report/log4j-vulnerable-software-audit/

View solution in original post

2 REPLIES 2
lightupdifire
Engaged Sweeper
Hello Esben,

Thanks for the input!

Best regards,
L
Esben_D
Lansweeper Employee
Lansweeper Employee
Not sure if you read the report page:

"The report below is based on a software GitHub list created by the Dutch national cyber security center. The report lists all software in your environment for which the publisher matches with one of the publishers listed by the Dutch cyber security center that had at one point vulnerable software. The software found can be cross-checked with the Github software list to view the most recent Log4j vulnerability status."

https://www.lansweeper.com/report/log4j-vulnerable-software-audit/