Hello,
In addition to Waylon’s comment, the Tomcat server used by sync-endpoint should also not be affected (as per the official Tomcat website: Apache Tomcat® - Apache Tomcat 8 vulnerabilities)
The other application exposed by sync-endpont is Nginx which is written in C and not affected by Log4j.
Best regards,
Emil