NiCE is aware of the recent, publicly disclosed security issue relating to the Spring4Shell security risk. Our teams are actively monitoring this issue and taking the appropriate actions making sure that all our products and solutions, as well as our internal corporate networks and systems, are protected against this threat.
All NiCE cloud solutions, to date, are confirmed as NON-impacted. All NiCE on-premise solutions, to date, are confirmed as NON-impacted. Customers of NiCE Actimize running Java version 11 are recommended to contact support as they may be vulnerable to Spring4Shell.
NiCE is aware of the recent, publicly disclosed security issue relating to the Log4j 0-Day security risk. Our teams are actively monitoring this issue and taking the appropriate actions making sure that all our products and solutions, as well as our internal corporate networks and systems, are protected against this threat.
The NiCE CXone Cybersecurity team performed a review of all firewall and network activity and found zero evidence of Log4j/0-Day activity. Additionally, our engineers verified that all external network devices are properly configured to protect against this threat.