We are getting requests from our customers who are concerned about the so-called Log4j vulnerability.
Log4j is an open source, Java-based Apache logging framework which can be used to record and document messages created by software applications. The recently discovered
vulnerabilities (CVE-2021-44228 and CVE-2021-45046) affect several Log4j 2.X versions and allow remote code extraction due to erroneous handling of JNDI constructs. See https://logging.apache.org/log4j/2.x/index.html
for more information.