{"uuid": "0ed650b2-0845-4a5d-8164-a858acafffa8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "name": "ServiceNow - July 2024 vulnerabilities", "description": "- KB1648313\t CVE-2024-5217 - Incomplete Input Validation in GlideExpression Script 2024-07-10\n- KB1648312\t CVE-2024-5178 - Incomplete Input Validation in SecurelyAccess API 2024-07-10 \n- KB1645154\t CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow UI Macros 2024-07-10\n\nCVE-2024-4879 sounds to be the most serious vulnerability allowing RCE for non-authenticated users.\n\nref: https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1226057", "creation_timestamp": "2024-07-27T20:58:34.478877+00:00", "timestamp": "2024-07-27T21:00:07.812336+00:00", "related_vulnerabilities": ["CVE-2024-5217", "CVE-2024-5178", "CVE-2024-4879"], "author": {"login": "adulau", "name": "Alexandre Dulaunoy", "uuid": "c933734a-9be8-4142-889e-26e95c752803"}}