Date: Dec 10, 2021
Dear Broadcom Customer,
The purpose of this Advisory is to inform you of a critical vulnerability that has been recently identified with the log4j library under vulnerability, CVE-2021-44228.
We are investigating the impact for the Layer7 API Gateway in detail at this time. Preliminary investigation shows that the API Gateway is not affected as it does not include "JndiLookup.class" in any of the versions. At this time no action is required for the Layer7 API gateway related to the CVE. We will post further updates as and when they become available.
If you have any questions about this Advisory, please contact Broadcom Support.
Broadcom Product Team