For those having to deal with this, and for those that might not know about it……. Here is Cisco’s info on the fun. At least CUCM is not on the list….. https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apache-log4j-qRuKNEbd