Vulnerabilites related to Servicenow - Now Platform
CVE-2024-5890 (GCVE-0-2024-5890)
Vulnerability from cvelistv5
Published
2024-12-02 18:24
Modified
2024-12-02 19:21
Severity ?
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
ServiceNow has addressed an HTML injection vulnerability that was identified in the Now Platform. This vulnerability could potentially enable an unauthenticated user to modify a web page or redirect users to another website.
ServiceNow released updates to customers that addressed this vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance(s) as soon as possible.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Version: 0 < Utah Patch 8 Hot Fix 1 Version: 0 < Vancouver Patch 10 Version: 0 < Vancouver Patch 9 Version: 0 < Washington DC Early Access |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5890",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-02T19:20:40.477397Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T19:21:08.073Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Utah Patch 8 Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Early Access",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Alexandre Rodrigo Da Silva"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed an HTML injection vulnerability that was \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eidentified\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e in the Now Platform. This vulnerability could\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e potentially\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e enable an unauthenticated user to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003emodify\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ea\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eweb \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003epage\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e or redirect users to another \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ewebsite\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ereleased\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eupdate\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003es\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;to customers\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e that addressed this vulnerability\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e. \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIf you have not done so already, we recommend applying security patches relevant to your instance(s) as soon as possible\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "ServiceNow has addressed an HTML injection vulnerability that was identified in the Now Platform. This vulnerability could potentially enable an unauthenticated user to modify a web page or redirect users to another website.\n\nServiceNow released updates\u00a0to customers that addressed this vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance(s) as soon as possible."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-02T18:24:55.797Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1710511"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "HTML Injection in the Assessment plugin",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2024-5890",
"datePublished": "2024-12-02T18:24:55.797Z",
"dateReserved": "2024-06-12T00:02:00.934Z",
"dateUpdated": "2024-12-02T19:21:08.073Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-43684 (GCVE-0-2022-43684)
Vulnerability from cvelistv5
Published
2023-06-13 18:51
Modified
2025-02-13 16:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.
Additional Details
This issue is present in the following supported ServiceNow releases:
* Quebec prior to Patch 10 Hot Fix 8b
* Rome prior to Patch 10 Hot Fix 1
* San Diego prior to Patch 7
* Tokyo prior to Tokyo Patch 1; and
* Utah prior to Utah General Availability
If this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Version: Quebec < Patch 10 Hot Fix 8b Version: Rome < Patch 10 Hot Fix 1 Version: San Diego < Patch 7 Version: Tokyo < Tokyo Patch 1 Version: Utah < Utah General Availability (GA) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1303489"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Jul/11"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=36638530"
},
{
"tags": [
"x_transferred"
],
"url": "https://x64.sh/posts/ServiceNow-Insecure-access-control-to-admin/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173354/ServiceNow-Insecure-Access-Control-Full-Admin-Compromise.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-43684",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-02T20:40:28.652664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T20:40:46.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Patch 10 Hot Fix 8b",
"status": "affected",
"version": "Quebec",
"versionType": "custom"
},
{
"lessThan": "Patch 10 Hot Fix 1",
"status": "affected",
"version": "Rome",
"versionType": "custom"
},
{
"lessThan": "Patch 7",
"status": "affected",
"version": "San Diego",
"versionType": "custom"
},
{
"lessThan": "Tokyo Patch 1",
"status": "affected",
"version": "Tokyo",
"versionType": "custom"
},
{
"lessThan": "Utah General Availability (GA)",
"status": "affected",
"version": "Utah",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Luke Symons"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Tony Wu"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Eldar Marcussen"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gareth Phillips"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jeff Thomas"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nadeem Salim"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Stephen Bradshaw"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cp\u003eServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.\u003c/p\u003e\u003c/div\u003e\u003cp\u003e\u003cstrong\u003eAdditional Details\u003c/strong\u003e\u003c/p\u003e\u003cdiv\u003e\u003cp\u003eThis issue is present in the following supported ServiceNow releases: \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003eQuebec prior to Patch 10 Hot Fix 8b\u003c/li\u003e\u003cli\u003eRome prior to Patch 10 Hot Fix 1\u003c/li\u003e\u003cli\u003eSan Diego prior to Patch 7\u003c/li\u003e\u003cli\u003eTokyo prior to Tokyo Patch 1; and \u003c/li\u003e\u003cli\u003eUtah prior to Utah General Availability \u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eIf this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls.\u003c/p\u003e\u003c/div\u003e"
}
],
"value": "ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.\n\n\n\nAdditional Details\n\nThis issue is present in the following supported ServiceNow releases: \n\n\n\n * Quebec prior to Patch 10 Hot Fix 8b\n * Rome prior to Patch 10 Hot Fix 1\n * San Diego prior to Patch 7\n * Tokyo prior to Tokyo Patch 1; and \n * Utah prior to Utah General Availability \n\n\n\n\nIf this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T17:06:41.003Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1303489"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/11"
},
{
"url": "https://news.ycombinator.com/item?id=36638530"
},
{
"url": "https://x64.sh/posts/ServiceNow-Insecure-access-control-to-admin/"
},
{
"url": "http://packetstormsecurity.com/files/173354/ServiceNow-Insecure-Access-Control-Full-Admin-Compromise.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ACL bypass in Reporting functionality",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2022-43684",
"datePublished": "2023-06-13T18:51:39.984Z",
"dateReserved": "2022-10-24T04:08:01.240Z",
"dateUpdated": "2025-02-13T16:33:36.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46389 (GCVE-0-2022-46389)
Vulnerability from cvelistv5
Published
2023-04-17 00:00
Modified
2025-02-06 16:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
There exists a reflected XSS within the logout functionality of ServiceNow versions lower than Quebec Patch 10 Hotfix 11b, Rome Patch 10 Hotfix 3b, San Diego Patch 9, Tokyo Patch 4, and Utah GA. This enables an unauthenticated remote attacker to execute arbitrary JavaScript code in the browser-based web console.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Version: Quebec < Patch 10 Hotfix 11b Version: Rome < Patch 10 Hotfix 3b Version: San Diego < Patch 9 Version: Tokyo < Patch 4 Version: Utah < GA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:31:46.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1272156"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-06T16:01:34.843493Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-06T16:01:59.247Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Patch 10 Hotfix 11b",
"status": "affected",
"version": "Quebec",
"versionType": "custom"
},
{
"lessThan": "Patch 10 Hotfix 3b",
"status": "affected",
"version": "Rome",
"versionType": "custom"
},
{
"lessThan": "Patch 9",
"status": "affected",
"version": "San Diego",
"versionType": "custom"
},
{
"lessThan": "Patch 4",
"status": "affected",
"version": "Tokyo",
"versionType": "custom"
},
{
"lessThan": "GA",
"status": "affected",
"version": "Utah",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Bao Bui a.k.a 0xd0ff9 from VNG Security Team"
}
],
"datePublic": "2023-04-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "There exists a reflected XSS within the logout functionality of ServiceNow versions lower than Quebec Patch 10 Hotfix 11b, Rome Patch 10 Hotfix 3b, San Diego Patch 9, Tokyo Patch 4, and Utah GA. This enables an unauthenticated remote attacker to execute arbitrary JavaScript code in the browser-based web console."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-17T00:00:00.000Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1272156"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Cross-Site Scripting (XSS) vulnerability found on logout functionality",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2022-46389",
"datePublished": "2023-04-17T00:00:00.000Z",
"dateReserved": "2022-12-04T00:00:00.000Z",
"dateUpdated": "2025-02-06T16:01:59.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4879 (GCVE-0-2024-4879)
Vulnerability from cvelistv5
Published
2024-07-10 16:16
Modified
2025-07-30 01:36
Severity ?
9.3 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
VLAI Severity ?
EPSS score ?
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Summary
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Version: 0 < Utah Patch 10 Hot Fix 3 Version: 0 < Utah Patch 10a Hot Fix 2 Version: 0 < Vancouver Patch 6 Hot Fix 2 Version: 0 < Vancouver Patch 7 Hot Fix 3b Version: 0 < Vancouver Patch 8 Hot Fix 4 Version: 0 < Vancouver Patch 9 Version: 0 < Vancouver Patch 10 Version: 0 < Washington DC Patch 1 Hot Fix 2b Version: 0 < Washington DC Patch 2 Hot Fix 2 Version: 0 < Washington DC Patch 3 Hot Fix 1 Version: 0 < Washington DC Patch 4 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4879",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-29T18:58:02.257329Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-07-29",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4879"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:36:37.385Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2024-07-29T00:00:00+00:00",
"value": "CVE-2024-4879 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:55:10.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1645154"
},
{
"tags": [
"x_login-required",
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Utah Patch 10 Hot Fix 3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 10a Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 6 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 7 Hot Fix 3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 8 Hot Fix 4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 1 Hot Fix 2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 2 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 3 Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Adam Kues"
},
{
"lang": "en",
"type": "finder",
"value": "Assetnote Attack Surface Management"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u003c/span\u003e\u0026nbsp;\u003c/span\u003eServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.\u003cdiv\u003e\u003c/div\u003e"
}
],
"value": "ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287 Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T22:28:49.374Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1645154"
},
{
"tags": [
"x_login-required"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Jelly Template Injection Vulnerability in ServiceNow UI Macros",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2024-4879",
"datePublished": "2024-07-10T16:16:39.926Z",
"dateReserved": "2024-05-14T17:39:41.655Z",
"dateUpdated": "2025-07-30T01:36:37.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8924 (GCVE-0-2024-8924)
Vulnerability from cvelistv5
Published
2024-10-29 16:14
Modified
2024-10-31 03:55
Severity ?
8.7 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information. ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners and self-hosted customers. Further, the vulnerability is addressed in the listed patches and hot fixes.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Version: 0 < Utah Patch 10b Hot Fix 3 Version: 0 < Vancouver Patch 8 Hot Fix 5 Version: 0 < Vancouver Patch 9 Hot Fix 3b Version: 0 < Vancouver Patch 10 Hot Fix 2 Version: 0 < Washington DC Patch 4 Hot Fix 2b Version: 0 < Washington DC Patch 5 Hot Fix 6 Version: 0 < Washington DC Patch 6 Hot Fix 1 Version: 0 < Washington DC Patch 7 Version: 0 < Xanadu Patch 1 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:utah:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Utah Patch 10b Hot Fix 3",
"status": "affected",
"version": "Utah",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:vancouver:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Vancouver Patch 8 Hot Fix 5",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 9 Hot Fix 3b",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10 Hot Fix 2",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:washington_dc:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Washington DC Patch 4 Hot Fix 2b",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5 Hot Fix 6",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 6 Hot Fix 1",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 7",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:xanadu:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Xanadu Patch 1",
"status": "affected",
"version": "Xanadu",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8924",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T03:55:17.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Utah Patch 10b Hot Fix 3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 8 Hot Fix 5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 9 Hot Fix 3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 4 Hot Fix 2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5 Hot Fix 6",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 6 Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Xanadu Patch 1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "T-Mobile"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners and self-hosted customers.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eFurther, the vulnerability is addressed in the listed patches and hot fixes.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information.\u00a0ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners and self-hosted customers.\u00a0Further, the vulnerability is addressed in the listed patches and hot fixes."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T16:14:38.836Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1706072"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthenticated Blind SQL Injection in Core Platform",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2024-8924",
"datePublished": "2024-10-29T16:14:38.836Z",
"dateReserved": "2024-09-16T23:37:01.512Z",
"dateUpdated": "2024-10-31T03:55:17.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39048 (GCVE-0-2022-39048)
Vulnerability from cvelistv5
Published
2023-04-10 00:00
Modified
2025-02-07 20:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Cross Site Scripting (XSS)
Summary
A XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user's browser or session to attack other systems.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Servicenow | Now Platform |
Version: Tokyo < Patch 1a Version: San Diego < Patch 7b Version: Rome < Patch 10 Hotfix 2b Version: Quebec < Patch 10 Hotfix 10b |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1221892"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-39048",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T20:13:45.492244Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T20:14:00.361Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "Servicenow",
"versions": [
{
"changes": [
{
"at": "Patch 2",
"status": "unaffected"
}
],
"lessThan": "Patch 1a",
"status": "affected",
"version": "Tokyo",
"versionType": "custom"
},
{
"changes": [
{
"at": "Patch 9",
"status": "unaffected"
}
],
"lessThan": "Patch 7b",
"status": "affected",
"version": "San Diego",
"versionType": "custom"
},
{
"lessThan": "Patch 10 Hotfix 2b",
"status": "affected",
"version": "Rome",
"versionType": "custom"
},
{
"lessThan": "Patch 10 Hotfix 10b",
"status": "affected",
"version": "Quebec",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "theamanrawat"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user\u0027s browser or session to attack other systems.\u003c/p\u003e"
}
],
"value": "A XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user\u0027s browser or session to attack other systems.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross Site Scripting (XSS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T15:27:13.546Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/"
},
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1221892"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting (XSS) vulnerability in ServiceNow UI page assessment_redirect",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2022-39048",
"datePublished": "2023-04-10T00:00:00.000Z",
"dateReserved": "2022-08-31T00:00:00.000Z",
"dateUpdated": "2025-02-07T20:14:00.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5217 (GCVE-0-2024-5217)
Vulnerability from cvelistv5
Published
2024-07-10 16:28
Modified
2025-07-30 01:36
Severity ?
9.2 (Critical) - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
VLAI Severity ?
EPSS score ?
CWE
- CWE-184 - Incomplete List of Disallowed Inputs
Summary
ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. The vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Version: 0 < Utah Patch 10 Hot Fix 3 Version: 0 < Utah Patch 10a Hot Fix 2 Version: 0 < Utah Patch 10b Hot Fix 1 Version: 0 < Vancouver Patch 6 Hot Fix 2 Version: 0 < Vancouver Patch 7 Hot Fix 3b Version: 0 < Vancouver Patch 8 Hot Fix 4 Version: 0 < Vancouver Patch 9 Hot Fix 1 Version: 0 < Vancouver Patch 10 Version: 0 < Washington DC Patch 1 Hot Fix 3b Version: 0 < Washington DC Patch 2 Hot Fix 2 Version: 0 < Washington DC Patch 3 Hot Fix 2 Version: 0 < Washington DC Patch 4 Version: 0 < Washington DC Patch 5 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5217",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-29T19:00:26.864987Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-07-29",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-5217"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T01:36:37.186Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"timeline": [
{
"lang": "en",
"time": "2024-07-29T00:00:00+00:00",
"value": "CVE-2024-5217 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:03:11.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1648313"
},
{
"tags": [
"x_login-required",
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Utah Patch 10 Hot Fix 3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 10a Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 10b Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 6 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 7 Hot Fix 3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 8 Hot Fix 4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 9 Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 1 Hot Fix 3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 2 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 3 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Adam Kues"
},
{
"lang": "en",
"type": "finder",
"value": "Assetnote Attack Surface Management"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0The vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-184",
"description": "CWE-184 Incomplete List of Disallowed Inputs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T22:29:22.478Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1648313"
},
{
"tags": [
"x_login-required"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incomplete Input Validation in GlideExpression Script",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2024-5217",
"datePublished": "2024-07-10T16:28:32.649Z",
"dateReserved": "2024-05-22T18:36:08.570Z",
"dateUpdated": "2025-07-30T01:36:37.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5178 (GCVE-0-2024-5178)
Vulnerability from cvelistv5
Published
2024-07-10 16:23
Modified
2024-08-01 21:03
Severity ?
6.9 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
4.9 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-184 - Incomplete List of Disallowed Inputs
Summary
ServiceNow has addressed a sensitive file read vulnerability that was identified in the Washington DC, Vancouver, and Utah Now Platform releases. This vulnerability could allow an administrative user to gain unauthorized access to sensitive files on the web application server. The vulnerability is addressed in the listed patches and hot fixes, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Version: 0 < Utah Patch 10 Hot Fix 3 Version: 0 < Utah Patch 10a Hot Fix 2 Version: 0 < Utah Patch 10b Hot Fix 1 Version: 0 < Vancouver Patch 6 Hot Fix 2 Version: 0 < Vancouver Patch 7 Hot Fix 3b Version: 0 < Vancouver Patch 8 Hot Fix 4 Version: 0 < Vancouver Patch 9 Hot Fix 1 Version: 0 < Vancouver Patch 10 Version: 0 < Washington DC Patch 1 Hot Fix 3b Version: 0 < Washington DC Patch 2 Hot Fix 2 Version: 0 < Washington DC Patch 3 Hot Fix 2 Version: 0 < Washington DC Patch 4 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5178",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-11T16:42:23.827649Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T16:42:33.387Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:03:11.076Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1648312"
},
{
"tags": [
"x_login-required",
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Utah Patch 10 Hot Fix 3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 10a Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 10b Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 6 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 7 Hot Fix 3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 8 Hot Fix 4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 9 Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 1 Hot Fix 3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 2 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 3 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Adam Kues"
},
{
"lang": "en",
"type": "finder",
"value": "Assetnote Attack Surface Management"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed a sensitive file read vulnerability that was identified in the Washington DC, Vancouver, and Utah Now Platform releases. This vulnerability could allow an administrative user to gain unauthorized access to sensitive files on the web application server.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability is addressed in the listed patches and hot fixes, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "ServiceNow has addressed a sensitive file read vulnerability that was identified in the Washington DC, Vancouver, and Utah Now Platform releases. This vulnerability could allow an administrative user to gain unauthorized access to sensitive files on the web application server.\u00a0The vulnerability is addressed in the listed patches and hot fixes, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-184",
"description": "CWE-184 Incomplete List of Disallowed Inputs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-11T21:35:29.680Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1648312"
},
{
"tags": [
"x_login-required"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incomplete Input Validation in SecurelyAccess API",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2024-5178",
"datePublished": "2024-07-10T16:23:39.270Z",
"dateReserved": "2024-05-21T16:40:28.169Z",
"dateUpdated": "2024-08-01T21:03:11.076Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8923 (GCVE-0-2024-8923)
Vulnerability from cvelistv5
Published
2024-10-29 16:07
Modified
2024-10-31 03:55
Severity ?
9.3 (Critical) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
VLAI Severity ?
EPSS score ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers. Further, the vulnerability is addressed in the listed patches and hot fixes.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Version: 0 < Vancouver Patch 9 Hot Fix 2a Version: 0 < Vancouver Patch 10 Version: 0 < Washington DC Patch 4 Hot Fix 1a Version: 0 < Washington DC Patch 5 Version: 0 < Xanadu GA Release |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:vancouver:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Vancouver Patch 9 Hot Fix 2a",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:washington_dc:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Washington DC Patch 4 Hot Fix 1a",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:xanadu:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Xanadu GA Release",
"status": "affected",
"version": "Xanadu",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8923",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T03:55:16.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Vancouver Patch 9 Hot Fix 2a",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 4 Hot Fix 1a",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Xanadu GA Release",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "T-Mobile"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eFurther, the vulnerability is addressed in the listed patches and hot fixes.\u003c/span\u003e"
}
],
"value": "ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0ServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers.\u00a0Further, the vulnerability is addressed in the listed patches and hot fixes."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T16:23:19.336Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1706070"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sandbox Escape in Now Platform",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2024-8923",
"datePublished": "2024-10-29T16:07:07.310Z",
"dateReserved": "2024-09-16T23:33:41.375Z",
"dateUpdated": "2024-10-31T03:55:16.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-3648 (GCVE-0-2025-3648)
Vulnerability from cvelistv5
Published
2025-07-08 16:07
Modified
2025-08-19 18:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1220 - Insufficient Granularity of Access Control
Summary
A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list (ACL) configurations, this vulnerability could enable unauthenticated and authenticated users to use range query requests to infer instance data that is not intended to be accessible to them.
To assist customers in enhancing access controls, ServiceNow has introduced additional access control frameworks in Xanadu and Yokohama, such as Query ACLs, Security Data Filters and Deny-Unless ACLs.
Additionally, in May 2025, ServiceNow delivered to customers a security update that is designed to enhance customer ACL configurations.
Customers, please review the KB Articles in the References section.
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2139567 | vendor-advisory | |
| https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2046494 | permissions-required | |
| https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2256712 | permissions-required |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Version: Aspen < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-3648",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T20:36:46.981615Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-08T20:36:58.725Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"status": "affected",
"version": "Aspen",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tomasz Bukowski (keidii)"
},
{
"lang": "en",
"type": "finder",
"value": "Neta Armon"
},
{
"lang": "en",
"type": "finder",
"value": "Mio Matsushita"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list (ACL) configurations, this vulnerability could enable unauthenticated and authenticated users to use range query requests to infer instance data that is not intended to be accessible to them.\u003cbr\u003e\u003cbr\u003eTo assist customers in enhancing access controls, ServiceNow has introduced additional access control frameworks in Xanadu and Yokohama, such as Query ACLs, Security Data Filters and Deny-Unless ACLs.\u003cbr\u003e\u003cbr\u003eAdditionally, in May 2025, ServiceNow delivered to customers a security update that is designed to enhance customer ACL configurations.\u003cbr\u003e\u003cbr\u003eCustomers, please review the KB Articles in the References section."
}
],
"value": "A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list (ACL) configurations, this vulnerability could enable unauthenticated and authenticated users to use range query requests to infer instance data that is not intended to be accessible to them.\n\nTo assist customers in enhancing access controls, ServiceNow has introduced additional access control frameworks in Xanadu and Yokohama, such as Query ACLs, Security Data Filters and Deny-Unless ACLs.\n\nAdditionally, in May 2025, ServiceNow delivered to customers a security update that is designed to enhance customer ACL configurations.\n\nCustomers, please review the KB Articles in the References section."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1220",
"description": "CWE-1220: Insufficient Granularity of Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-19T18:37:03.796Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB2139567"
},
{
"tags": [
"permissions-required"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB2046494"
},
{
"tags": [
"permissions-required"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB2256712"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Data Inference in Now Platform via Conditional ACLs",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2025-3648",
"datePublished": "2025-07-08T16:07:11.803Z",
"dateReserved": "2025-04-15T13:30:21.572Z",
"dateUpdated": "2025-08-19T18:37:03.796Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0337 (GCVE-0-2025-0337)
Vulnerability from cvelistv5
Published
2025-03-06 16:29
Modified
2025-03-06 16:41
Severity ?
7.1 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
VLAI Severity ?
EPSS score ?
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Summary
ServiceNow has addressed an authorization bypass vulnerability that was identified in the Washington release of the Now Platform. This vulnerability, if exploited, potentially could enable an authenticated user to access unauthorized data stored within the Now Platform that the user otherwise would not be entitled to access.
This issue is addressed in the listed patches and family release, which have been made available to hosted and self-hosted customers, as well as partners.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Version: 0 < Washington DC Patch 9 Version: 0 < Xanadu Patch 4 Version: 0 < Yokohama |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0337",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-06T16:41:51.687542Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T16:41:58.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Washington DC Patch 9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Xanadu Patch 4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Yokohama",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jean-Michel Huguet from the NATO Cyber Security Centre (NCSC)"
},
{
"lang": "en",
"type": "finder",
"value": "Justin Hocquel from the NATO Cyber Security Centre (NCSC)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "ServiceNow has addressed an authorization bypass vulnerability that was identified in the Washington release of the Now Platform. This vulnerability, if exploited, potentially could enable an authenticated user to access unauthorized data stored within the Now Platform that the user otherwise would not be entitled to access. \u003cbr\u003e\u003cbr\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue is addressed in the listed patches and family release, which have been made available to hosted and self-hosted customers, as well as partners. \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "ServiceNow has addressed an authorization bypass vulnerability that was identified in the Washington release of the Now Platform. This vulnerability, if exploited, potentially could enable an authenticated user to access unauthorized data stored within the Now Platform that the user otherwise would not be entitled to access. \n\nThis issue is addressed in the listed patches and family release, which have been made available to hosted and self-hosted customers, as well as partners."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-06T16:29:12.094Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1948695"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Authorization bypass in Now Platform",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2025-0337",
"datePublished": "2025-03-06T16:29:12.094Z",
"dateReserved": "2025-01-08T17:26:47.145Z",
"dateUpdated": "2025-03-06T16:41:58.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}