This update is in response to the remote code execution vulnerabilities in the Log4j Java library, which is also known as Log4Shell.
CVE-2021-44228 is not applicable to VAST Clusters. They are not exposed in anyway since no Java is used in our code base.
NVIDIA is aware of these vulnerabilities and is evaluating their potential impact and relevance to its products and services, although it is stated "All Networking products" are not impacted.
More information can be found and tracked here: https://nvidia.custhelp.com/app/answers/detail/a_id/5294
We have conducted further checks of our IT, Cloud systems and Uplink Portal (formally named CVMS) to confirm we are not exposed in these environments.