Statement on Apache Log4j Vulnerability

12/15/2021

As you may already know, a vulnerability within the Apache Log4j tool was identified on Friday, December 10, 2021 – tracked as CVE-2021-44228, which is also known as Log4Shell Vulnerability. Log4j is a logging utility library created by Apache and widely used across the globe for providing logging capabilities. Many, many online applications and services are potentially vulnerable to this exploit, it is a real threat to the community and the impact is overwhelmingly significant.

Our Security and Engineering teams, under the direction of our management team, conducted a full impact assessment after the vulnerability was initially identified early Friday morning and we have found no use of the library in our source code repository, neither have we found the use of the library in any of our network infrastructure that supports our operations.

KingswaySoft can confirm there are no vulnerabilities in the following products with regards to this particular security concern, as they do not utilize the Apache Log4j library:

  • KingswaySoft Integration Gateway
  • SSIS Productivity Pack
  • SSIS Integration Toolkit for Directory Services
  • SSIS Integration Toolkit for Hubspot
  • SSIS Integration Toolkit for Magento
  • SSIS Integration Toolkit for Marketo
  • SSIS Integration Toolkit for Microsoft Dynamics 365
  • SSIS Integration Toolkit for Microsoft Dynamics GP
  • SSIS Integration Toolkit for Microsoft Dynamics SL
  • SSIS Integration Toolkit for Microsoft Project Server
  • SSIS Integration Toolkit for Microsoft SharePoint
  • SSIS Integration Toolkit for NetSuite
  • SSIS Integration Toolkit for Oracle CRM On Demand
  • SSIS Integration Toolkit for Oracle Marketing Cloud
  • SSIS Integration Toolkit for QuickBooks
  • SSIS Integration Toolkit for Salesforce
  • SSIS Integration Toolkit for Team Foundation Server
  • SSIS Integration Toolkit for Xero

It is worth noting that our software is mainly created in the Microsoft technology stack, while log4j is a Java library, which we cannot easily make use of it.

At KingswaySoft, we are committed to providing the software that you can trust. If there is anything that we can help you with, please do not hesitate to reach out to our team.

Additional links


Back to News