ADA cloud: important vulnerability issue

Dear CINECA cloud Users,
this is to inform you about an important vulnerability issue about log4jhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
If you are a system administrator of one or more VMs in our HPC cloud and if you are using:- Apache log4j2 version < 2.15.0 - JRE (java runtime environment) version < 8u121 - any message logger which uses sensitive information please check if this vulnerability concerns your VMs.In this case, please apply the following actions: - update Apache log4j2 to version >= 2.15.0- update JRE to version >= 8u121 – if the previous actions are not possible, set the System Property “-Dlog4j2.formatMsgNoLookups=true”
Best regards, HPC User Support @CINECA