FortiAnalyzer-BD has components that utilize log4j but the impact surface is very limited.
To mitigate the vulnerability, It is possible either:
1) Upgrade to Special Build based on 6.4.6 or 7.0.1.
2) Run Script to mitigate the vulnerability in Live Environment without upgrading.
Below are the steps to run the script:
1) Unzip the attached Script file patch_log4j_vulnerability.zip.
2) Run the script on the Security Event Cluster Controller.
3) Stop and start all services to take effect:
From GUI, go to Cluster Manager -> Services -> Actions, select 'Stop All Services' and wait until done.
Select 'Start All Services' and wait until done.
If Factory Reset is performed, then the script needs to be run again.