There is a new security vulnerability known as Log4J which may impact cloud development tools and security devices. Sage is presently reviewing the vulnerability and does not think there is any impact on Sage 100. Sage KB 113754 has been issued and will be used to update the community with any changes to their findings.

Sage 100 makes use of SAP Crystal Reports. SAP has indicated that they do not see any impact on CR or BOE deployments.

Please review the following Sage support article or the latest updates on Log4J and Sage 100. There is also a discussion on this topic on Sage City.

See also How to detect the Log4j vulnerability in your applications and How Log4j Vulnerability Could Impact You

Sage CRM Impacted by Log4J

Sage indicates that Sage CRM may be impacted by this vulnerability.

Sage has 3 patches in testing for

Sage CRM 2020 R2
Sage CRM 2021 R1
Sage CRM 2021 R2

Availability of the patches will be announced on Sage City.

Sage Log4J and Related Security Information

SAGE KNOWLEDGEBASE

Apache Log4j vulnerability – December 2021 ( KB 113775 )