Log4j Vulnerability

Many of our clients are receiving the link below and are querying if it will have any impact on their Sage products - please advise:

We've also been sent the paragragh below:

As you are most likely already aware the CVE-2021-44228 (Log4Shell) vulnerability of the Log4j standard logging library has been published on Friday 10/12.

It is a critical vulnerability of Java application servers (and other software using Log4j library), which allows Remote Code Execution (RCE) without authentication or any special permissions. All it takes is sending a specially crafted HTTP call to affected application server.

Any advice or information would be gladly received thank you!

  • Hi Julia

    Thanks for using Sage City.

    The log4j vulnerability was a vulnerability found in Java last year. As Sage Business Cloud does not use the Java programming language, it is unaffected by this issue. 

    If this has answered your question please click More > Verify Answer.

    Tom

    Sage UKI