https://bugzilla.redhat.com/show_bug.cgi?id=1752962
--- Comment #5 from Cedric Buissart 🐶 cbuissar@redhat.com --- Statement:
OpenDaylight provided as part of Red Hat OpenStack does not utilize logback when used in a supported configuration. Therefore, the prerequisites for this vulnerability are not present and OpenDaylight is not affected.
Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.