The lack of response from MicroFocus regarding log4j across all Micro Focus products is unacceptable and disturbing. Pleas provide work arounds imediately. 

My guess so far is that the log4j.properties needs adjustment followed by a restart of the log4j service. But this is only my unskilled guesswork based on other vendors work arounds in their products. 

I can ask....

I know the are specific tickets open for ZCM for analysis.  I know there is a wider process as well for any MF products that could be impacted.  I expect some official word to come down today on various products, but impact analysis and remediation steps if appropriate are being investigated, tested, and documented.

And there is a ZSD Specific Ticket as well as I dig deeper.

Still awaiting an official statement on ZSD.  I did hear 3rd or 4th hand that they did not believe it was impacted.  However, I just sent another inquiry that we need an official statement.

That may be pending in some more general TIDs.

Craig is correct, Official word is that ZSD is not impacted by the Log 4j (CVE-2021-44228) vulnerability.

ZSD is not using the vulnerable version of the library.

see also https://community.microfocus.com/collaboration/zenworks/w/zenworkstips/40723/log4j-cve-2021-44228-vulnerability-in-zenworks