Hi,
Yes, the log4j has came back around from last year. Within Broadcom APM enterprise managers, they have a Log4J library that when scanned is version <=1.x. These versions are "EOL" end of life.
https://www.tenable.com/plugins/nessus/182252
Last time we visited this topic Broadcom published the following:
https://knowledge.broadcom.com/external/article?articleId=233745
What is the response for version 10.7 with Log4J <=1.x?
Release : 10.7.0
1) 10.7 is End of Life 12-31-23. In two months. We can do a case(s) on upgrade if required . It still has Log4J . Upgrading to 10.8,2x.x,2x.x (and SAAS) will have a log4j-free environment
2) On the Agent side , there is no more Log 4j