Zero day vulnerability CVE-2021-44228 information for Symantec Data Loss Prevention (DLP).
CVE - CVE-2021-44228 (mitre.org)
Log4j 2x and above are vulnerable.
Broadcom development has reviewed all DLP versions. DLP is NOT vulnerable to this vector.
Details:
CVE-2021-44228 impacts (log4j-core-2.x.jar) which is NOT shipped with DLP, nor consumed by DLP in indirect form.
The official public statements are here:
Update, as per previous statements from DLP Engineering, there is now a Hotfix available to remove log4j files from DLP server installations (broadcom.com).