Tenable vulnerability scanner identifies Log4j in the SEM agent

Curious is anyone has seen this or how people are dealing with it. My understanding is that the SEM agent doesn't actually use any of the vulnerable classes in Log4j but Tenable is flagging the files based on version number which right now is 1.x which is out of support so it's flagged as a vulnerability.  Whether or not it's exploitable doesn't really matter to our security team which wants us to somehow address this.

Parents
No Data
Reply Children
No Data