We have a number of DataPower agents that contain an Apache log4j jar that is less than version 1.x.  Is there a updated version of the DataPower agent or related infrastructure agent that has the DataPower module which has an updated log4j jar?

hhttps://www.tenable.com/plugins/nessus/182252

Release : 10.7.0

The Infrastructure now includes Data Power and is documented in :

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/dx-apm-agents/SaaS/infrastructure-agent/IBM-DataPower-Extension.html

In reviewing the 23.5 Release Notes, 

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/dx-apm-agents/SaaS/release-notes/23-5.html

You see the following:

Added Logback Support
Logging has moved from log4j framework to the logback framework for compliance reasons. Frequently used properties are exposed via IntroscopeAgent.profile and advanced configuration is maintained in agent-logback-configuration.xml. For more information, see Logging Using Logback and Logging Configuration.

So, please upgrade to 23.5 or later agent to mitigate this issue.