Workiva systems were fully patched to Log4j2 2.17 as of December 24th, 2021. Although Workiva has investigated and determined that we are not vulnerable to the newest CVE (CVE-2021-44832), we are additionally patching all systems to 2.17.1 under our standard patching timelines.
We continue to work with our third-parties to identify and mitigate any upstream impact.