The customer has run a log4j YARA scan and found out that windows servers that are installed with the Cspm agent to manage windows local accounts. ("c:\cspm_agent\cloakware\cspmclient\jre\bin\javaw.exe")  is this vulnerable to the attack.

However, the following link: https://knowledge.broadcom.com/external/article?articleId=230405 has stated that the Windows Proxy is not affected by the vulnerability.

We would like to confirm that this is correct?

Release : 3.4.3, 3.4.4, 3.4.5 and 4.0, 4.0.1

Component : CA Privileged Access Manager (PAM)

Log4J Vulnerability

We do not bundle log4j jar in windows proxy.

We do not bundle any of the log4j classes in our jar files.

We ran this command from the link you sent in the windows proxy directory and there are no results.

gci 'C:\cspm_agent' -rec -force -include *.jar -ea 0 | foreach {select-string "JndiLookup.class" $_} | select -exp Path

Hence, Windows proxy is not vulnerable.

Click here: How to check for Log4j RCE CVE-2021-44228 Exploitation Detection