This vulnerability can and should be immediately mitigated by introducing a JVM system property to the application server environment that is hosting IdentityIQ.
Detailed information on action needed can be located here: https://community.sailpoint.com/t5/IdentityIQ-Blog/IdentityIQ-log4j-Remote-Code-Execution-Vulnerabil...
This vulnerability can and should be immediately mitigated by updating the log4j library in the Elasticsearch instance that is part of the File Access Manager deployment as documented in the content for the CVE referenced above.
Detailed information on action needed can be located here: https://community.sailpoint.com/t5/File-Access-Manager-Blog/File-Access-Manager-log4j-Remote-Code-Ex...