OIL products and services resistant to log4j vulnerability

Cybersecurity researchers recently discovered a vulnerability in the Apache log4j logging library. This critical security vulnerability (CVE-2021-44228) can result in remote code execution. We understand that you, as an OIL client, might have concerns about this. We would like to inform you on the impact analysis Magnus Black has performed on all the OIL products and services. You can find the conclusions below.

Product or Service




Not impacted

OIL OMS (main application) does not run an exploitable configuration


Not impacted

OIL PIM does not run an exploitable configuration


Not impacted

OIL TAS does not run an exploitable configuration


Not vulnerable

OIL CDN does not use Log4j


Not vulnerable

OIL Smartproxy does not use Log4j


Not vulnerable

OIL sFTP does not use Log4j

Transformation Service

Not vulnerable

OIL Transformation Service does not use Log4j


In short; all OIL products and services are resistant to this log4j vulnerability. If you have any questions regarding this vulnerability in relation to OIL, don’t hesitate to reach out to your contact at Magnus via phone or email or file a ticket through our Servicedesk portal.


Ready to take your next step in order management?

Book a demo to try OIL for yourself, or download the OIL info sheet.