We have updated UIM to version 20.4 and we still detected this vulnerability on the Primary hub:
/opt/nimsoft/probes/service/wasp/lib/services/log4j-1.2.17.jar
The current wasp version is 20.44.
log4j 2.17.1 is not vulnerable. That is the reason we have upgraded all webapps with the log4j version 2.17.1.
It is uncertain as to why your scan still shows the old version of log4j that is-> 1.2.17.
The log4j-1.2-api-2.17.1.jar is expected. This is a "compatibility bridge" between old (vulnerable) log4j 1.2 and new (not vulnerable) 2.17.1.
It itself is part of the 2.17.1 version and is safe/not vulnerable.
If you have this log4j1.2.17.jar on your system then this is probably a 'left over' artifact from a previous install/upgrade and it should be ok to delete.
Save a copy to your desktop or another safe place just for safekeeping then delete the log4j-1.2.17.jar under-> /opt/nimsoft/probes/service/wasp/lib/services
Resolution confirmed.