Security Advisory: Apache Log4j 2 Vulnerabilities

Here's the page we think you wanted. See search results instead:

What are you looking for?

I'm looking for support MXG Signal Generator UXA Signal Analyzer PXA Signal Analyzer Find a solution Get technical support Take a class Find us at events Premium used equipment KeysightCare Buy online

No product matches found - System Exception

Updated: January 28, 2022

Keysight is aware of the recently disclosed Apache Log4j 2 vulnerabilities (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105).

Keysight has assessed our complete product portfolio and determined that only the products below are impacted¹. Mitigation information can be found in the links provided.

Product	Mitigation
CloudLens 6.0 forward	Visit Ixia Security Advisory
CloudLens vPB	Visit Ixia Security Advisory
CloudlLens Self-Hosted / vTap Capability	Visit Ixia Security Advisory
CyPerf	Visit Ixia Security Advisory
Eagle	Visit Ixia Security Advisory
Eggplant Functional IBM Rational Quality Manager (RQM) Adapter	Visit Eggplant Security Advisory
Eggplant Manager	Visit Eggplant Security Advisory
Flexera lmadmin - License Server Manager	Updated install packages are available at: Keysight License Server
Hawkeye	Visit Ixia Security Advisory
Network Visibility Operating System on Keysight Network Packet Brokers software version 4.x, 5.x	Visit Ixia Security Advisory
PathWave Manufacturing Analytics	Keysight-hosted instances patched as of 12/15/2021. Keysight will contact customers to arrange patching for locally-hosted instances.
Spirent TTworkbench	Keysight is currently qualifying an update of TTworkbench distributed with some of our charging system test solutions. An update will be provided when available.
UHD100T32	Visit Ixia Security Advisory
Visibility Application Module - Used for Active SSL/Inline SSL/Out of Band SSL with Vision ONE [MV1-ASSL-1G/2G/4G/10G]	Visit Ixia Security Advisory
Visibility Application Module with SIP/RTP Correlation SW Package [MV1-MS-SRC]	Visit Ixia Security Advisory
Vision X Application Module (MVX-AM4-PC) running any of the MobileStack SW License Packages	Visit Ixia Security Advisory

For more information on the vulnerability, please review the following vulnerability descriptions: (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046 and https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105) and the Apache Log4j 2 (https://logging.apache.org/log4j/2.x/index.html) post.

For additional questions, please contact Keysight.

¹ Keysight used commercially reasonable efforts to compile the list of products affected by the Apache Log4j 2 vulnerability. Keysight offers this information for your convenience and does not warrant it is complete

Want help or have questions?