There is a new security vulnerability known as Log4J which may impact cloud development tools and security devices. Sage is presently reviewing the vulnerability and does not think there is any impact on Sage 100. Sage KB 113754 has been issued and will be used to update the community with any changes to their findings.
Sage 100 makes use of SAP Crystal Reports. SAP has indicated that they do not see any impact on CR or BOE deployments.
Please review the following Sage support article or the latest updates on Log4J and Sage 100. There is also a discussion on this topic on Sage City.
Sage CRM Impacted by Log4J
Sage indicates that Sage CRM may be impacted by this vulnerability.
Sage has 3 patches in testing for
Sage CRM 2020 R2
Sage CRM 2021 R1
Sage CRM 2021 R2
Availability of the patches will be announced on Sage City.
Sage Log4J and Related Security Information
Apache Log4j vulnerability – December 2021 ( KB 113775 )