SAP continues to investigate the remote code execution vulnerability (CVE-2021-44228) related to Apache Log4j disclosed on Dec 10, 2021. SAP encourages customers to update to the latest version of Log4j, where applicable. Check regularly updated detailed information in SAP site – here. Additional information about vulnerability in HANA XS and AS Java Core Components.
Information about exploit found in log4j in other products You can find here.