Look at the the Log4j version under https://github.com/primekeydevs/ejbca-ce/tree/main/lib.
If I'm not wrong this vulnerability affects Log4j 2.x onwards and the latest EJBCA from https://github.com/primekeydevs/ejbca-ce appears to be using only Log4j 1.2.17.
Look at the the Log4j version under https://github.com/primekeydevs/ejbca-ce/tree/main/lib.
If I'm not wrong this vulnerability affects Log4j 2.x onwards and the latest EJBCA from https://github.com/primekeydevs/ejbca-ce appears to be using only Log4j 1.2.17.