SmartSimple Blog

SmartSimple Cloud not impacted by Apache Log4j Security vulnerability

Posted by SmartSimple Software on Dec 16, 2021 1:32:17 PM

Security update regarding the critical Apache Log4j Security Vulnerability

Your organization may have received a security alert on Friday, December 10th, 2021 regarding a critical remote code execution vulnerability that has been identified in the popular Java logging library, Apache Log4j (ref: CVE-2021-44228 vulnerability).

SmartSimple can confirm the following:

  • SmartSimple Cloud does not use Apache Log4j as a user access logging mechanism.
  • SmartSimple Cloud is not impacted by this vulnerability.
  • We continue to monitor the CVE-2021-44118 vulnerability across our supply chain.

Topics: Security Update