{"uuid": "8151df2c-ead5-4407-9371-193d49bdc5bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-3648", "type": "seen", "source": "https://t.me/cibsecurity/85700", "content": "\ud83d\udd8b\ufe0f ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs \ud83d\udd8b\ufe0f\n\nA highseverity security flaw has been disclosed in ServiceNow's platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as CVE20253648 CVSS score 8.2, has been described as a case of data inference in Now Platform through conditional access control list ACL rules. It has been codenamed Counter Strike. \"A vulnerability has.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2025-07-10T13:57:10.000000Z"}