It seems some of the Progress Products have been Log4j vulnerability according to an initial assessment from the Progress security Team. As of now they have identified only DataDirect Hybrid Data Pipeline and OpenEdge as the products that are Vulnerable. Other products like Chef, Corticon, iMacros has not been deemed as Vulnerable..
Products that are impacted Progress Product Versions Status Patched DataDirect Hybrid Data Pipeline All Workaround Mitigation OpenEdge All Workaround Mitigation
Source: https://www.progress.com/security Products that are not impacted Chef All Not Vulnerable Not Needed Corticon All Not Vulnerable Not Needed Data Integration Suite All Not Vulnerable Not Needed DataDirect ADO.NET All Not Vulnerable Not Needed DataDirect JDBC All Not Vulnerable Not Needed DataDirect ODBC All Not Vulnerable Not Needed DataDirect OpenAccess All Not Vulnerable Not Needed Flowmon All Not Vulnerable Not Needed iMacros All Not Vulnerable Not Needed iMail All Not Vulnerable Not Needed Kemp Loadmaster All Not Vulnerable Not Needed Kendo UI All Not Vulnerable Not Needed Kinvey All Not Vulnerable Not Needed MessageWay All Not Vulnerable Not Needed MOVEit All Not Vulnerable Not Needed MOVEit Cloud All Not Vulnerable Not Needed NativeChat All Not Vulnerable Not Needed SequeLink All Not Vulnerable Not Needed Sitefinity All Not Vulnerable Not Needed Telerik All Not Vulnerable Not Needed Test Studio All Not Vulnerable Not Needed Unite UX All Not Vulnerable Not Needed WhatsUp Gold All Not Vulnerable Not Needed WS_FTP All Not Vulnerable Not Needed
Source: https://www.progress.com/security