Scanned APM 10.8 Server, found some issues with the current log4j version.
The below scan results point to (3) locations on our Windows 2022 server where APM 10.8 is running:
Path : C:\Introscope\product\webview\configuration\org.eclipse.osgi\14\0\.cp\lib\log4j-over-slf4j-1.7.31.jar
Installed version : 1.2.17
Path : C:\Introscope\product\enterprisemanager\configuration\org.eclipse.osgi\17\0\.cp\lib\log4j-over-slf4j-1.7.31.jar
Installed version : 1.2.17
Path : C:\Introscope\product\enterprisemanager\configuration\org.eclipse.osgi\13\0\.cp\WebContent\WEB-INF\lib\log4j-over-slf4j-1.7.31.jar
Installed version : 1.2.17
The APM 10.8 SP1 contains the fix for this Security vulnerabilities found in Apache log4j 1.2rc1, 1.2.14 and 1.2.17.
Ref Attached Readme txt file.