Nexus scan detect discovery_agent probe using log4j v1.2.17. They advise to upgrade to supported version. Does above version affected by zero day vulnerability?

Release :

Component :

Log4j Zero day vulnerability affects only log4j 2.x:

https://nvd.nist.gov/vuln/detail/CVE-2021-44228

So log4j 1.2.17 is not affected by that. 

We are also planning to migrate to log4j 2.x in future release. 

However discovery_agent is also updated to log4j 2.17.1 in UIM 20.4 CU3