Security update regarding the critical Apache Log4j Security Vulnerability
Your organization may have received a security alert on Friday, December 10th, 2021 regarding a critical remote code execution vulnerability that has been identified in the popular Java logging library, Apache Log4j (ref: CVE-2021-44228 vulnerability).
SmartSimple can confirm the following:
- SmartSimple Cloud does not use Apache Log4j as a user access logging mechanism.
- SmartSimple Cloud is not impacted by this vulnerability.
- We continue to monitor the CVE-2021-44118 vulnerability across our supply chain.