Extreme Networks has reviewed and evaluated product and software exposure to CVE-2021-44228, known as the "Log4Shell" vulnerability.
By using a specially crafted string, an attacker can insert a malicious payload via JNDI through Log4j's logging subsystem. The payload can result in an RCE at the privilege level of the Log4j service or divulge sensitive information.