I'm having the same issue. The instruction's file structure is different in our environment. We only have the 1 log4j-1.2.17.jar vs the 4 that was mentioned in the article. I've tried replacing the 1 file with the 4 2.15.0 but my web portal does not start. I'm getting a 404 Status page.
Jamf needs to update their documentation to include the fact that the instructions are only applicable to Jamf Pro versions 10.31 and up. If you're on an older version, your only recourse is to upgrade to at least 10.31 or to 10.34.1, which takes care of this issue without needing to do anything manually. The instructions don't clearly spell out which versions the mitigation steps apply to.
I am also on 10.26 and just need to know if my version is vulnerable. I totally get the whole upgrade thing, but without going through an upgrade, is 10.26 with log4j-1.2.17.jar vulnerable or is it unaffected by this exploit?
@gwn714 So, in my discussion with Jamf Support on this, they will not commit to saying that Jamf Pro versions below 10.31 are unaffected by this particular issue. However, the notes in the CVE and from the developer have indicated that log4j versions 1.x are in fact NOT affected by CVE-2021-44228, because the JNDI mechanism that's being used to exploit this vulnerability doesn't exist in those versions. That does NOT mean log4j 1.x doesn't have any other issues or bugs.
All Jamf can really tell anyone is that they know Jamf Pro 10.34.1 has this issue addressed. Beyond that, they won't really say. And I get it. They don't want to commit to saying it's safe for liability reasons, since they really can't be 100% sure.