The UTM collector, which is written in Python, doesn't use the Log4J library.
Just to remind you again, keep the packages, such as Grafana, InfluxDB, Telegraf, and Python, up to date. The OVA version of UTM is based on CentOS 7.6. Alternatively, UTM can be installed on an OS of your choice. In both the cases, keep your OS up to date and secure.
UTM is not affected by the Log4j vulnerability.
See announcement from Grafana - https://grafana.com/blog/2021/12/14/grafana-labs-core-products-not-impacted-by-log4j-cve-2021-44228-and-related-vulnerabilities/
See announcement from InfluxDB - https://www.influxdata.com/blog/apache-log4j-vulnerability-cve-2021-44228/
The UTM collector, which is written in Python, doesn't use the Log4J library.
Just to remind you again, keep the packages, such as Grafana, InfluxDB, Telegraf, and Python, up to date. The OVA version of UTM is based on CentOS 7.6. Alternatively, UTM can be installed on an OS of your choice. In both the cases, keep your OS up to date and secure.