PMG Security Bulletin
Let us set your mind at ease
PMG is not impacted by the Apache Log4j vulnerability, CVE-2021-44228. The PMG Platform does not leverage the open-source Apache “Log4j2” utility.
As is widely recommended, customers that manage other environments containing Log4j2 should update to the latest version of Log4j2 immediately. The update is available from: https://logging.apache.org/log4j/2.x/download.html.
For more information on the Apache Log4j2 vulnerability, contact your IT Security team, or visit the NIST vulnerability database: https://nvd.nist.gov/vuln/detail/CVE-2021-44228.