Business Intelligence XI 3.1 and log4j vulnerability CVE-2021-44228

Hello

SAP have stated that Crystal Business Intelligence Platform 4.x is not affected by CVE-2021-44228

Please can you let us know if BI XI 3.1 is affected

We are currently using the crystal 2008 java runtime engine, and that seems to use log4j v1.2.8

Thank you.