search cancel

Is Data Center Security Server affected by the zero day Apache Log4j2 vulnerability reported in CVE-2021-44228?


Article ID: 230371


Updated On:


Data Center Security Server Advanced Data Center Security Monitoring Edition Data Center Security Server


On December 11th, 2021, NVD - CVE-2021-44228 ( was released describing a remote code execution exploit in Apache Log4J2


A Remote Code Execution vulnerability has been reported that affects the widely used Java logging library Apache Log4j2, in particular versions 2.0-2.14.1, due to the way it parses JNDI lookup strings. 


Data Center Security is not susceptible to this vulnerability. CVE-2021-44228 affects log4j-core-2.x.jar, which is not consumed by DCS.

Additional Information

For more information on how this and other Broadcom products are affected by this vulnerability, please see Symantec Security Advisory for Log4j 2 CVE-2021-44228 Vulnerability