The version of log4j (1.2.17, also referred to as log4j1) used in the Kaazing Gateway/KWIC is not affected by the vulnerability in CVE-2021-44228.
As stated by Apache here https://logging.apache.org/log4j/2.x/security.html, "Log4j 1.x is not impacted by this vulnerability".
Official statements from Microsoft and Amazon regarding their use of log4j1:
The use of log4j 1.2.17 in Kaazing Gateway/KWIC is not impacted by CVE-2021-44228. We have no current plans to upgrade from log4j1 to log4j2.