Fixing Log4j Vulnerability
The easiest way to remediate this is to update to log4j version 2.15.0 or later, as this behavior is now disabled by default. In previous releases (>2.10) this behavior can be mitigated by setting the system property log4j2.formatMsgNoLookups to true by adding the following Java parameter: -Dlog4j2.formatMsgNoLookups=true Alternatively, you can mitigate this vulnerability by removing…