On Friday, December 10th there was a vulnerability announced by Apache related to a logging system leveraged by Sage CRM versions 2020R2 and above. Here is the link to Sage’s announcement Advisory: Apache log4j vulnerability (CVE-2021-45046) – Sage CRM Hints, Tips and Tricks – Sage CRM – Sage City Community
The feature that includes this vulnerability was only introduced to Sage CRM in version 2020 R2. If your companies version of Sage CRM is 2020R1 or earlier, there is nothing that needs to be done. If your system is version 2020R1 or above, you should contact your Sage CRM service provider to apply the patch.