Security scan is flagging the following two log4j jars on an APM 10.7 installation with "Apache Log4j 1.2 Remote Code Execution Vulnerability" & "EOL/Obsolete Software: Apache Log4j 1.X Detected":
Does a patch upgrade these versions?
Can they be removed from the system?
Release : 10.7.0
I sent your response over to my security team. You can close the request.
I deleted the APMSQL Server jar.