Currently the full extent is not yet clear, there is also no information about exact product releases and possible fixes.
IBM has set up an extra page that provides general information about the assessment and further measures and is continuously updated: https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/
From older security bulletins we strongly assume that at least the Spectrum Protect Backup/Archive Client and Spectrum Protect for Virtual Environments are affected, as these two components were already affected by another vulnerability in Log4J in May:
Currently there are a number of other vulnerabilities that have been fixed with the just released 8.1.13 versions. The overall solution should be coordinated with the current CVE and its solution.
Further information on the situation on the part of the BSI Bund
Please feel free to contact us directly if you have any questions.
We will continue to keep you updated via this channel as well.