Kantata Security Advisory

Dear Valued Customer,

Over the past few days, there has been significant news coverage regarding a security issue involving the third-party application, Drift (a Salesloft application), and its integration with Salesforce. As a company that used the Drift application, we want to assure our customer base that we have addressed this issue directly and have taken all necessary measures to secure our systems, and have terminated use of the Drift application. We want to be clear: the Drift application was not connected to the Kantata OX or SX platforms.

Rest assured that Kantata continues our commitment to maintaining the highest standards of security and transparency and will provide updates as appropriate.

If you have any questions or require further assistance, please do not hesitate to contact our Kantata Security Team at security@kantata.com.

Thank you for your continued trust in Kantata.

Sincerely,
The Kantata Security Team

Issue:

Kantata is aware of the recently disclosed remote code execution (RCE) zero-day Apache Log4j vulnerability CVE-2021-44228.

Impact:

The good news is that Kantata does not leverage Log4j2 in the product nor has any dependencies on it. For this reason, Kantata does not believe that this vulnerability has an impact on our services at this time.

Status:

Kantata is proactively monitoring the issue and will continue to assess 3rd party vendors to ensure remediations are in place if applicable. At Kantata, we treat protection of our customers’ data as a top priority. If Kantata does become aware of unauthorized access to Customer Data, notification will be sent immediately without undue delay.

If you would like more information regarding the vulnerability, please review CVE-2021-44228.

Thank you for your continued trust you have placed in Kantata.