Nintex has evaluated both its on-premises products and cloud-based capabilities with respect to the Zero Day Remote Code Execution (RCE) Vulnerability in Java Logging Package Log4j and Log4Shell. NVD - CVE-2021-44228 (nist.gov).
Nintex can confirm that we have found no areas of concern and can state that Nintex on-premises products are not affected. Nintex can also confirm that we have found no areas of concern and can state that Nintex cloud-based capabilities are not directly affected. We continue to work with our supply chain vendors to establish any potential issues.
1. Has Nintex organization investigated the Zero Day Remote Code Execution (RCE) Vulnerability in Java Logging Package Log4j and Log4Shell? NVD - CVE-2021-44228 (nist.gov)
-
Yes
2. Does Nintex products provided to customers directly use affected version of Java Logging Package Log4j and Log4Shell?
-
No
3. Was any of the Nintex partner or third-party providers impacted by Zero Day Remote Code Execution (RCE) Vulnerability in Java Logging Package Log4j and Log4Shell issue.
-
Nintex is not aware of any impact to our customer facing services. We continue to work with our supply chain vendors to establish any potential issues.