Regarding the recently announced 0 day CVE-2021-44228 (aka Log4Shell aka LogJam):
Details regarding a new security vulnerability identified as CVE-2021-44228 (aka Log4Shell aka LogJam) were released on December 30.
This issue is generating considerable media attention, and is currently Esri Product Security Incident Response Team's highest priority.
Please follow the advisory posted on the ArcGIS Trust Center for the latest regarding this issue.