On December 11th, 2021, NVD - CVE-2021-44228 (nist.gov) was released describing a remote code execution exploit in Apache Log4J2
A Remote Code Execution vulnerability has been reported that affects the widely used Java logging library Apache Log4j2, in particular versions 2.0-2.14.1, due to the way it parses JNDI lookup strings.
Data Center Security is not susceptible to this vulnerability. CVE-2021-44228 affects log4j-core-2.x.jar, which is not consumed by DCS.
For more information on how this and other Broadcom products are affected by this vulnerability, please see Symantec Security Advisory for Log4j 2 CVE-2021-44228 Vulnerability