Skip to main content
Nintex Community Menu Bar

Zero day exploit on Apache log4j library

  • December 14, 2021
  • 0 replies
  • 93 views

MillaZ
Nintex Employee
Forum|alt.badge.img+21
  • Nintex Employee
  • 639 replies

Nintex has evaluated both its on-premises products and cloud-based capabilities with respect to the Zero Day Remote Code Execution (RCE) Vulnerability in Java Logging Package Log4j and Log4Shell. NVD - CVE-2021-44228 (nist.gov).  
 

Nintex can confirm that we have found no areas of concern and can state that Nintex on-premises products are not affected. Nintex can also confirm that we have found no areas of concern and can state that Nintex cloud-based capabilities are not directly affected. We continue to work with our supply chain vendors to establish any potential issues.


1. Has Nintex organization investigated the Zero Day Remote Code Execution (RCE) Vulnerability in Java Logging Package Log4j and Log4Shell? NVD - CVE-2021-44228 (nist.gov)

  • Yes
     

2. Does Nintex products provided to customers directly use affected version of Java Logging Package Log4j and Log4Shell?

  • No
     

3. Was any of the Nintex partner or third-party providers impacted by Zero Day Remote Code Execution (RCE) Vulnerability in Java Logging Package Log4j and Log4Shell issue.

  • Nintex is not aware of any impact to our customer facing services. We continue to work with our supply chain vendors to establish any potential issues.

Translate
Did this topic help you find an answer to your question?

0 replies

Be the first to reply!

Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie Settings