Search criteria
45 vulnerabilities found for ServiceNow by ServiceNow
FKIE_CVE-2024-8924
Vulnerability from fkie_nvd - Published: 2024-10-29 17:15 - Updated: 2024-11-27 19:32
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information. ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners and self-hosted customers. Further, the vulnerability is addressed in the listed patches and hot fixes.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:xanadu:-:*:*:*:*:*:*",
"matchCriteriaId": "7680E7D1-4508-4A4F-99B9-D7690052F185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:xanadu:early_availability:*:*:*:*:*:*",
"matchCriteriaId": "D232F4B4-40DC-4251-92C9-F40D280AEE36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:xanadu:early_availability_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "49E3A571-83E7-4168-ADF6-49AF92F68EC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:-:*:*:*:*:*:*",
"matchCriteriaId": "9DB67FCA-6127-486F-A866-3D5E63B81C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:early_availability:*:*:*:*:*:*",
"matchCriteriaId": "8702C869-6136-4E0D-9C31-D3F23E9FFEB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:early_availability_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8B094239-6739-4E69-BFF6-7D2797024D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:early_availability_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "4D849F84-F4A9-4AF1-99B6-C57C34BDF4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "9132AB29-33C1-4825-BAD4-2804C26316B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "68D99613-53A1-4B09-9A78-F8EFA0CC6B01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "7E79B8B4-C9CF-4BD4-A634-6DB5EFCAA1FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_10_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "B348587A-4407-4BC5-B4E0-207A283B66F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "E8FCCFB6-DB7E-4DED-A7E0-1C03087754F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "7ED2051C-FE4F-4C0A-A3BF-E33141DC3250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "8CFD4017-5B8E-4CAF-B9E5-4A675C11F01A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "40D69E69-DF88-4F8C-A9BD-B642829107E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "4D21A542-15DC-432C-9C60-F7CABE8D4807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix1a:*:*:*:*:*:*",
"matchCriteriaId": "1596163B-637A-49F9-B01F-C6CC297F7E5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "0B915FDA-9DCB-43B5-8081-F0690996A3EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "7308FA07-5C6D-41AA-9EE1-EE9BAAB50A1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "5ED407E7-9595-4B4D-9D53-1A4807BA327C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "1EA5B288-54DB-437E-88C2-05F90FF3C918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "6ED497ED-1588-4CF8-AE83-7CC7BEF8B982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "A74A3197-68F7-4303-A731-B87A8BF3F831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "A08FD0FD-E062-4BEC-BE95-0ED2D106826B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "5F6A6F12-4D7A-4FD3-8FD6-C32D797BB810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "847F9124-F3C6-4C93-9E80-544CB0580C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "12808B52-8F7D-4EE0-A43E-85A1C70A6BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "81880B84-5E9D-4B7F-B1D5-1BF8D25DAF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_5_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8011D2A7-770B-4AE5-80E6-C762F4F0BB55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "A58603E3-5AFC-4606-8F9E-1B4FF9A9B843",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_6_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "BED5F42A-5FFF-43E0-9BAD-A5E6C1110551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_6_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "ACC24566-0C5A-480D-AA79-19C5E9CE3D70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "ABE64339-EF0B-4430-9768-FA7DE82AA61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "FF79CA67-765A-4CCB-B1CB-EE1FC02CFCFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "A3E71353-9AFF-4B6D-89BC-A2909A7C5DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "C9C5B57E-7852-4E38-9BDA-864CF6F9DB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "EAA2E502-FCBC-404D-8FFA-4601F1D5B747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "650956A6-8DE6-4C16-A77C-2B208B41DF5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_3a:*:*:*:*:*:*",
"matchCriteriaId": "A49AC0E0-9164-43AD-959A-55FCB7965858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_3b:*:*:*:*:*:*",
"matchCriteriaId": "24A4F6D1-2005-43CA-A282-6B532046CC60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "46277115-1A2B-4526-83E8-1446EB5A1EAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotifix_1a:*:*:*:*:*:*",
"matchCriteriaId": "6CDFB167-F252-46A6-A5F6-EF9A4F93FC03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotifix_1b:*:*:*:*:*:*",
"matchCriteriaId": "43DE243B-E90A-4857-A3A6-3A045FE2D75F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotifix_2a:*:*:*:*:*:*",
"matchCriteriaId": "33689F99-48DD-47C6-AFAC-DC5D10785860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotifix_2b:*:*:*:*:*:*",
"matchCriteriaId": "8F664F1F-5FB2-48B1-93C7-5DF415E673B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "C641B881-7379-448A-A785-3381C72F8353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "03D48963-936B-4A48-8859-A5066A259E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "9149B850-7196-476A-9A27-DEB85B8C6F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "10622260-FCBC-4CC0-804E-55D75200FC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "629C9A33-02A6-459E-92F2-A815FFA5BC73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_5:*:*:*:*:*:*",
"matchCriteriaId": "28C0B816-2DE4-4314-8505-8A7F2EB6AE64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "CF44F7A1-D153-4723-BA45-0FE4E4725C2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_9_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "F9952FD7-E982-471E-933A-812FB24D7180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_9_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "5143ED1D-7B8A-4167-B76D-3946E9920E3B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_9_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "9517E3CB-3473-48B5-942A-E1AC215ECB6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_9_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "FDB5D38B-DABC-4FD0-BE1F-6153E6209CE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_9_hotfix_3a:*:*:*:*:*:*",
"matchCriteriaId": "5BF8DC1F-48AB-4BAD-83F5-2D370AB4E77C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:-:*:*:*:*:*:*",
"matchCriteriaId": "FFAC3BF9-2443-4C43-B67A-2BB99297D295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:early_availability:*:*:*:*:*:*",
"matchCriteriaId": "84206FBF-9BE9-489C-AED6-522029D14091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:early_availability_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "02C383CA-F10F-44F1-9DAE-0CC6C049B83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "444DD275-789F-4C07-9D98-BBFAA1640DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "5B29B708-BD7C-4A6C-9E78-37D045101A17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "1F6EDFA3-9014-4AA7-A17F-DDB1FE96588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "1DA447CA-A6A2-436C-9909-3F0419B7DD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "9F263893-6D34-49D6-9407-ED6CB823595E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_3b:*:*:*:*:*:*",
"matchCriteriaId": "A5BC2E0F-21A6-4AA2-8B4D-C7DEE1D34FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "D18E2CD1-AC8E-4ABF-88DE-D3E61A297ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "52FC3724-35E5-4C3A-B6BA-3B270EA4255E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "D663C66D-460F-417E-BC40-D2F0D64246BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "6137BB81-6B48-4DCB-A9F6-A27D869C12FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "B06EABB5-0327-4816-AC7B-34D021758812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "9AE9E970-A457-4D7F-91F0-B7A0956C4115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5E117698-641B-4A61-A0A1-5360A6A47EC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "29DC5FC9-2ACF-4C51-93C4-2D0982BA0CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_4_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "F527AEBC-C859-45A2-B9A3-B627B99430AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_4_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "866088B4-F98B-4C76-BE9C-01505DCA0422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_4_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "84A86B15-85A4-43B0-A848-F6BDE6F925D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_4_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "DA24D4D4-9531-4A39-82AB-C559AD956821",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_4_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "E038E7CE-F29B-4684-A20A-BD564C2F72D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "9CD5A918-9B71-4CFD-A6DB-437D3B647C6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_5_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "A8CB6895-5EA1-4D97-B563-ED192B4ADA3D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_5_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "17D05A6C-5B6B-4DF0-A2A6-D23C05B55FB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_5_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "2514E534-4160-4B28-B4B3-FF8DDDE6F7F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_5_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "4533B128-E765-4542-938F-5CF254249C15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_5_hotfix_5:*:*:*:*:*:*",
"matchCriteriaId": "98E4AFA9-6551-4D22-AFB1-666936DC311D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_5_hotfix_6:*:*:*:*:*:*",
"matchCriteriaId": "F72D90CB-C5EB-4F03-B320-0ACF9397C724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "AA936070-C32B-4539-A14F-1F6965A01107",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information.\u00a0ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners and self-hosted customers.\u00a0Further, the vulnerability is addressed in the listed patches and hot fixes."
},
{
"lang": "es",
"value": "ServiceNow ha solucionado una vulnerabilidad de inyecci\u00f3n SQL ciega que se identific\u00f3 en la plataforma Now. Esta vulnerabilidad podr\u00eda permitir que un usuario no autenticado extraiga informaci\u00f3n no autorizada. ServiceNow implement\u00f3 una actualizaci\u00f3n en las instancias alojadas y proporcion\u00f3 la actualizaci\u00f3n a nuestros socios y clientes alojados por ellos mismos. Adem\u00e1s, la vulnerabilidad se soluciona en los parches y correcciones urgentes que se indican."
}
],
"id": "CVE-2024-8924",
"lastModified": "2024-11-27T19:32:01.823",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "psirt@servicenow.com",
"type": "Secondary"
}
]
},
"published": "2024-10-29T17:15:04.983",
"references": [
{
"source": "psirt@servicenow.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1706072"
}
],
"sourceIdentifier": "psirt@servicenow.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-8923
Vulnerability from fkie_nvd - Published: 2024-10-29 16:15 - Updated: 2024-11-27 19:31
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers. Further, the vulnerability is addressed in the listed patches and hot fixes.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:xanadu:early_availability:*:*:*:*:*:*",
"matchCriteriaId": "D232F4B4-40DC-4251-92C9-F40D280AEE36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:xanadu:early_availability_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "49E3A571-83E7-4168-ADF6-49AF92F68EC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:-:*:*:*:*:*:*",
"matchCriteriaId": "FFAC3BF9-2443-4C43-B67A-2BB99297D295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:early_availability:*:*:*:*:*:*",
"matchCriteriaId": "84206FBF-9BE9-489C-AED6-522029D14091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:early_availability_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "02C383CA-F10F-44F1-9DAE-0CC6C049B83E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "444DD275-789F-4C07-9D98-BBFAA1640DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "5B29B708-BD7C-4A6C-9E78-37D045101A17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "1F6EDFA3-9014-4AA7-A17F-DDB1FE96588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "1DA447CA-A6A2-436C-9909-3F0419B7DD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "9F263893-6D34-49D6-9407-ED6CB823595E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_3b:*:*:*:*:*:*",
"matchCriteriaId": "A5BC2E0F-21A6-4AA2-8B4D-C7DEE1D34FC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "D18E2CD1-AC8E-4ABF-88DE-D3E61A297ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "52FC3724-35E5-4C3A-B6BA-3B270EA4255E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "D663C66D-460F-417E-BC40-D2F0D64246BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "6137BB81-6B48-4DCB-A9F6-A27D869C12FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "B06EABB5-0327-4816-AC7B-34D021758812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "9AE9E970-A457-4D7F-91F0-B7A0956C4115",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "5E117698-641B-4A61-A0A1-5360A6A47EC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "29DC5FC9-2ACF-4C51-93C4-2D0982BA0CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_4_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "F527AEBC-C859-45A2-B9A3-B627B99430AC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:-:*:*:*:*:*:*",
"matchCriteriaId": "9DB67FCA-6127-486F-A866-3D5E63B81C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:early_availability:*:*:*:*:*:*",
"matchCriteriaId": "8702C869-6136-4E0D-9C31-D3F23E9FFEB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:early_availability_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8B094239-6739-4E69-BFF6-7D2797024D8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:early_availability_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "4D849F84-F4A9-4AF1-99B6-C57C34BDF4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "9132AB29-33C1-4825-BAD4-2804C26316B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "68D99613-53A1-4B09-9A78-F8EFA0CC6B01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "E8FCCFB6-DB7E-4DED-A7E0-1C03087754F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "7ED2051C-FE4F-4C0A-A3BF-E33141DC3250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "8CFD4017-5B8E-4CAF-B9E5-4A675C11F01A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "40D69E69-DF88-4F8C-A9BD-B642829107E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "4D21A542-15DC-432C-9C60-F7CABE8D4807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix1a:*:*:*:*:*:*",
"matchCriteriaId": "1596163B-637A-49F9-B01F-C6CC297F7E5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "0B915FDA-9DCB-43B5-8081-F0690996A3EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "7308FA07-5C6D-41AA-9EE1-EE9BAAB50A1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "5ED407E7-9595-4B4D-9D53-1A4807BA327C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "1EA5B288-54DB-437E-88C2-05F90FF3C918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "6ED497ED-1588-4CF8-AE83-7CC7BEF8B982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "A74A3197-68F7-4303-A731-B87A8BF3F831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "A08FD0FD-E062-4BEC-BE95-0ED2D106826B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "5F6A6F12-4D7A-4FD3-8FD6-C32D797BB810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "847F9124-F3C6-4C93-9E80-544CB0580C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "12808B52-8F7D-4EE0-A43E-85A1C70A6BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "81880B84-5E9D-4B7F-B1D5-1BF8D25DAF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_5_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8011D2A7-770B-4AE5-80E6-C762F4F0BB55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "A58603E3-5AFC-4606-8F9E-1B4FF9A9B843",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_6_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "BED5F42A-5FFF-43E0-9BAD-A5E6C1110551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_6_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "ACC24566-0C5A-480D-AA79-19C5E9CE3D70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "ABE64339-EF0B-4430-9768-FA7DE82AA61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "FF79CA67-765A-4CCB-B1CB-EE1FC02CFCFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "A3E71353-9AFF-4B6D-89BC-A2909A7C5DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "C9C5B57E-7852-4E38-9BDA-864CF6F9DB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "EAA2E502-FCBC-404D-8FFA-4601F1D5B747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "650956A6-8DE6-4C16-A77C-2B208B41DF5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_3a:*:*:*:*:*:*",
"matchCriteriaId": "A49AC0E0-9164-43AD-959A-55FCB7965858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_3b:*:*:*:*:*:*",
"matchCriteriaId": "24A4F6D1-2005-43CA-A282-6B532046CC60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "46277115-1A2B-4526-83E8-1446EB5A1EAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotifix_1a:*:*:*:*:*:*",
"matchCriteriaId": "6CDFB167-F252-46A6-A5F6-EF9A4F93FC03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotifix_1b:*:*:*:*:*:*",
"matchCriteriaId": "43DE243B-E90A-4857-A3A6-3A045FE2D75F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotifix_2a:*:*:*:*:*:*",
"matchCriteriaId": "33689F99-48DD-47C6-AFAC-DC5D10785860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotifix_2b:*:*:*:*:*:*",
"matchCriteriaId": "8F664F1F-5FB2-48B1-93C7-5DF415E673B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "C641B881-7379-448A-A785-3381C72F8353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "03D48963-936B-4A48-8859-A5066A259E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "9149B850-7196-476A-9A27-DEB85B8C6F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "10622260-FCBC-4CC0-804E-55D75200FC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "629C9A33-02A6-459E-92F2-A815FFA5BC73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_5:*:*:*:*:*:*",
"matchCriteriaId": "28C0B816-2DE4-4314-8505-8A7F2EB6AE64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "CF44F7A1-D153-4723-BA45-0FE4E4725C2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_9_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "F9952FD7-E982-471E-933A-812FB24D7180",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_9_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "5143ED1D-7B8A-4167-B76D-3946E9920E3B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0ServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers.\u00a0Further, the vulnerability is addressed in the listed patches and hot fixes."
},
{
"lang": "es",
"value": " ServiceNow ha solucionado una vulnerabilidad de validaci\u00f3n de entrada que se identific\u00f3 en Now Platform. Esta vulnerabilidad podr\u00eda permitir que un usuario no autenticado ejecute c\u00f3digo de forma remota dentro del contexto de Now Platform. ServiceNow implement\u00f3 una actualizaci\u00f3n en las instancias alojadas y proporcion\u00f3 la actualizaci\u00f3n a nuestros socios y clientes alojados por ellos mismos. Adem\u00e1s, la vulnerabilidad se soluciona en los parches y correcciones urgentes que se indican."
}
],
"id": "CVE-2024-8923",
"lastModified": "2024-11-27T19:31:56.417",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "psirt@servicenow.com",
"type": "Secondary"
}
]
},
"published": "2024-10-29T16:15:06.417",
"references": [
{
"source": "psirt@servicenow.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1706070"
}
],
"sourceIdentifier": "psirt@servicenow.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-4879
Vulnerability from fkie_nvd - Published: 2024-07-10 17:15 - Updated: 2025-11-03 18:58
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
References
Impacted products
{
"cisaActionDue": "2024-08-19",
"cisaExploitAdd": "2024-07-29",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "ServiceNow Improper Input Validation Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:-:*:*:*:*:*:*",
"matchCriteriaId": "69E0078E-1953-4F4F-9D5A-B1A140C4B310",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:early_availability:*:*:*:*:*:*",
"matchCriteriaId": "03FE0B52-C7A6-4632-A09E-BE7AB8610DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "DB5CA109-5DC1-4952-AC15-69FAC332BCA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "44506775-0370-4583-9236-6C9F646B6622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_1_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "1A76B918-45DB-49A9-B323-5CB6FF8200AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "118B4618-8702-4C38-88EE-B41C2C9DBF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_1_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "92BED123-0FFC-4113-B0B6-A1A8BD69F4CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "76439FC6-2DD2-4AD4-9EB6-A2FEAC10B205",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_10_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8097D9B0-9329-4EB7-BB7E-0FF3057D408B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_10_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "AFEA8D14-D1C8-486B-ABE7-25C9D6B72CE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_10a:*:*:*:*:*:*",
"matchCriteriaId": "5DA716A2-E697-4BC3-8127-E772E67E1C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_10a_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "EEBB1DCE-25AA-4F95-984C-5BB5341A90ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "98E3E0AF-A341-43BB-91C6-75BBDE695280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "20AC3991-0E5B-4164-807F-0E270B1867BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "44F86BEB-77D0-41AF-816C-F73B2D9601FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_2_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "C9C467AA-B1A2-4A2A-8363-623232BCBCA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_2_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "A6E189F6-6623-4A0C-8767-A3CC1C12B759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "9D6885DD-230B-468B-B936-7512BE80849D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1476C240-FCB0-43E3-9C79-2264DB6C200A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_3_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "9783CA53-CDBD-44F0-B2B9-8C49EBE9FCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "481EC1AA-5863-4641-B67F-CD51416ED0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "402D816A-2650-4743-A386-029C0D063C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "56CBE65E-2D5A-4191-A2F4-8AC76050404F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "05587BC2-574F-42B6-A121-7ACFD0691ED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "76D69B8D-02EE-4E3D-9F54-E94F6DB09D5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "CC772DD6-2814-4EEF-A524-CC752C277337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_3b:*:*:*:*:*:*",
"matchCriteriaId": "996C57B4-E8AC-48F6-BA71-328F714B1BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "10B82BE2-BE38-4EA7-85D5-AC28FF4F50BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_4b:*:*:*:*:*:*",
"matchCriteriaId": "D66B18D1-486D-4390-9D1E-5348D1C6729A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_5:*:*:*:*:*:*",
"matchCriteriaId": "A0EC8ACE-70CA-44FC-ACA7-0868D620C86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "8D934721-565F-4707-A32A-B7E4BB9D2DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_5_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "4AA97D74-290C-47C7-9976-6EF83950C530",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "122E0C17-B29B-44B9-A37E-745B103AD398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_6_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "AADFD5CE-9C9D-46FF-9871-E2BD7B2C8B98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_6_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "ECE96EED-C729-4A84-B437-79CCE029C391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "8BD49264-D243-4625-828C-AF383D826779",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_7_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "FB29FCEC-3DDB-46EE-A7AA-4728E6B9A1D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_7_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "AC4CA2B8-EFD8-4C01-8F9C-E613619062DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_7a:*:*:*:*:*:*",
"matchCriteriaId": "0F601F74-593A-4566-A763-EF05E5138FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_7b:*:*:*:*:*:*",
"matchCriteriaId": "47D4CC0E-E3F5-49AB-9D92-AC8FFB17A4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "8A4CD267-D72A-4F09-BE9B-F008B1804AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_8_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "24D2EBC6-F894-4C1D-A2FF-B49FF4007ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "26D23EE3-0F88-47F7-ADCD-B74F81A08D9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_9_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "FB793686-954A-49F8-BC35-A95325D61303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_9_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "38DDACA8-69A9-4047-AD99-A7DDC320EAD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_9_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "926C0F6A-0599-4239-B1CE-5D864BBAA315",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:-:*:*:*:*:*:*",
"matchCriteriaId": "9DB67FCA-6127-486F-A866-3D5E63B81C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "9132AB29-33C1-4825-BAD4-2804C26316B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "68D99613-53A1-4B09-9A78-F8EFA0CC6B01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "7E79B8B4-C9CF-4BD4-A634-6DB5EFCAA1FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "E8FCCFB6-DB7E-4DED-A7E0-1C03087754F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "7ED2051C-FE4F-4C0A-A3BF-E33141DC3250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "8CFD4017-5B8E-4CAF-B9E5-4A675C11F01A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "40D69E69-DF88-4F8C-A9BD-B642829107E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "4D21A542-15DC-432C-9C60-F7CABE8D4807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix1a:*:*:*:*:*:*",
"matchCriteriaId": "1596163B-637A-49F9-B01F-C6CC297F7E5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "0B915FDA-9DCB-43B5-8081-F0690996A3EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "7308FA07-5C6D-41AA-9EE1-EE9BAAB50A1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "5ED407E7-9595-4B4D-9D53-1A4807BA327C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "1EA5B288-54DB-437E-88C2-05F90FF3C918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "6ED497ED-1588-4CF8-AE83-7CC7BEF8B982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "A74A3197-68F7-4303-A731-B87A8BF3F831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "A08FD0FD-E062-4BEC-BE95-0ED2D106826B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "5F6A6F12-4D7A-4FD3-8FD6-C32D797BB810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "847F9124-F3C6-4C93-9E80-544CB0580C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "12808B52-8F7D-4EE0-A43E-85A1C70A6BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "81880B84-5E9D-4B7F-B1D5-1BF8D25DAF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_5_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8011D2A7-770B-4AE5-80E6-C762F4F0BB55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "A58603E3-5AFC-4606-8F9E-1B4FF9A9B843",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_6_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "BED5F42A-5FFF-43E0-9BAD-A5E6C1110551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "ABE64339-EF0B-4430-9768-FA7DE82AA61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "FF79CA67-765A-4CCB-B1CB-EE1FC02CFCFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "A3E71353-9AFF-4B6D-89BC-A2909A7C5DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "C9C5B57E-7852-4E38-9BDA-864CF6F9DB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "EAA2E502-FCBC-404D-8FFA-4601F1D5B747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "650956A6-8DE6-4C16-A77C-2B208B41DF5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_3a:*:*:*:*:*:*",
"matchCriteriaId": "A49AC0E0-9164-43AD-959A-55FCB7965858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "C641B881-7379-448A-A785-3381C72F8353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "03D48963-936B-4A48-8859-A5066A259E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "9149B850-7196-476A-9A27-DEB85B8C6F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "10622260-FCBC-4CC0-804E-55D75200FC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "CF44F7A1-D153-4723-BA45-0FE4E4725C2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:-:*:*:*:*:*:*",
"matchCriteriaId": "FFAC3BF9-2443-4C43-B67A-2BB99297D295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "444DD275-789F-4C07-9D98-BBFAA1640DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "5B29B708-BD7C-4A6C-9E78-37D045101A17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "1F6EDFA3-9014-4AA7-A17F-DDB1FE96588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "1DA447CA-A6A2-436C-9909-3F0419B7DD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "D18E2CD1-AC8E-4ABF-88DE-D3E61A297ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "52FC3724-35E5-4C3A-B6BA-3B270EA4255E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "6137BB81-6B48-4DCB-A9F6-A27D869C12FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible."
},
{
"lang": "es",
"value": "ServiceNow ha abordado una vulnerabilidad de validaci\u00f3n de entrada que se identific\u00f3 en las versiones de la plataforma Now de Vancouver y Washington DC. Esta vulnerabilidad podr\u00eda permitir que un usuario no autenticado ejecute c\u00f3digo de forma remota dentro del contexto de Now Platform. ServiceNow aplic\u00f3 una actualizaci\u00f3n a las instancias alojadas y ServiceNow lanz\u00f3 la actualizaci\u00f3n a nuestros socios y clientes autohospedados. A continuaci\u00f3n se enumeran los parches y correcciones urgentes que abordan la vulnerabilidad. Si a\u00fan no lo ha hecho, le recomendamos aplicar los parches de seguridad relevantes para su instancia lo antes posible."
}
],
"id": "CVE-2024-4879",
"lastModified": "2025-11-03T18:58:11.717",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "psirt@servicenow.com",
"type": "Secondary"
}
]
},
"published": "2024-07-10T17:15:12.117",
"references": [
{
"source": "psirt@servicenow.com",
"tags": [
"Permissions Required"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"source": "psirt@servicenow.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1645154"
},
{
"source": "psirt@servicenow.com",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1645154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Press/Media Coverage",
"Third Party Advisory"
],
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4879"
}
],
"sourceIdentifier": "psirt@servicenow.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1287"
}
],
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-5217
Vulnerability from fkie_nvd - Published: 2024-07-10 17:15 - Updated: 2025-11-03 18:58
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. The vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
References
Impacted products
{
"cisaActionDue": "2024-08-19",
"cisaExploitAdd": "2024-07-29",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "ServiceNow Incomplete List of Disallowed Inputs Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:-:*:*:*:*:*:*",
"matchCriteriaId": "69E0078E-1953-4F4F-9D5A-B1A140C4B310",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:early_availability:*:*:*:*:*:*",
"matchCriteriaId": "03FE0B52-C7A6-4632-A09E-BE7AB8610DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "DB5CA109-5DC1-4952-AC15-69FAC332BCA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "44506775-0370-4583-9236-6C9F646B6622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_1_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "1A76B918-45DB-49A9-B323-5CB6FF8200AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "118B4618-8702-4C38-88EE-B41C2C9DBF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_1_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "92BED123-0FFC-4113-B0B6-A1A8BD69F4CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "76439FC6-2DD2-4AD4-9EB6-A2FEAC10B205",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_10_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8097D9B0-9329-4EB7-BB7E-0FF3057D408B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_10_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "AFEA8D14-D1C8-486B-ABE7-25C9D6B72CE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_10a:*:*:*:*:*:*",
"matchCriteriaId": "5DA716A2-E697-4BC3-8127-E772E67E1C49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_10a_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "EEBB1DCE-25AA-4F95-984C-5BB5341A90ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_10b:*:*:*:*:*:*",
"matchCriteriaId": "AE34BA83-3810-4314-9A45-B1A8944C6612",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "98E3E0AF-A341-43BB-91C6-75BBDE695280",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "20AC3991-0E5B-4164-807F-0E270B1867BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "44F86BEB-77D0-41AF-816C-F73B2D9601FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_2_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "C9C467AA-B1A2-4A2A-8363-623232BCBCA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_2_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "A6E189F6-6623-4A0C-8767-A3CC1C12B759",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "9D6885DD-230B-468B-B936-7512BE80849D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1476C240-FCB0-43E3-9C79-2264DB6C200A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_3_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "9783CA53-CDBD-44F0-B2B9-8C49EBE9FCB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "481EC1AA-5863-4641-B67F-CD51416ED0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "402D816A-2650-4743-A386-029C0D063C39",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "56CBE65E-2D5A-4191-A2F4-8AC76050404F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "05587BC2-574F-42B6-A121-7ACFD0691ED5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "76D69B8D-02EE-4E3D-9F54-E94F6DB09D5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "CC772DD6-2814-4EEF-A524-CC752C277337",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_3b:*:*:*:*:*:*",
"matchCriteriaId": "996C57B4-E8AC-48F6-BA71-328F714B1BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "10B82BE2-BE38-4EA7-85D5-AC28FF4F50BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_4b:*:*:*:*:*:*",
"matchCriteriaId": "D66B18D1-486D-4390-9D1E-5348D1C6729A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_4_hotfix_5:*:*:*:*:*:*",
"matchCriteriaId": "A0EC8ACE-70CA-44FC-ACA7-0868D620C86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "8D934721-565F-4707-A32A-B7E4BB9D2DD0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_5_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "4AA97D74-290C-47C7-9976-6EF83950C530",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "122E0C17-B29B-44B9-A37E-745B103AD398",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_6_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "AADFD5CE-9C9D-46FF-9871-E2BD7B2C8B98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_6_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "ECE96EED-C729-4A84-B437-79CCE029C391",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "8BD49264-D243-4625-828C-AF383D826779",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_7_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "FB29FCEC-3DDB-46EE-A7AA-4728E6B9A1D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_7_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "AC4CA2B8-EFD8-4C01-8F9C-E613619062DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_7a:*:*:*:*:*:*",
"matchCriteriaId": "0F601F74-593A-4566-A763-EF05E5138FA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_7b:*:*:*:*:*:*",
"matchCriteriaId": "47D4CC0E-E3F5-49AB-9D92-AC8FFB17A4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "8A4CD267-D72A-4F09-BE9B-F008B1804AD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_8_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "24D2EBC6-F894-4C1D-A2FF-B49FF4007ED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "26D23EE3-0F88-47F7-ADCD-B74F81A08D9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_9_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "FB793686-954A-49F8-BC35-A95325D61303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_9_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "38DDACA8-69A9-4047-AD99-A7DDC320EAD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_9_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "926C0F6A-0599-4239-B1CE-5D864BBAA315",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:-:*:*:*:*:*:*",
"matchCriteriaId": "9DB67FCA-6127-486F-A866-3D5E63B81C35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "9132AB29-33C1-4825-BAD4-2804C26316B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "68D99613-53A1-4B09-9A78-F8EFA0CC6B01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "E8FCCFB6-DB7E-4DED-A7E0-1C03087754F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "7ED2051C-FE4F-4C0A-A3BF-E33141DC3250",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "8CFD4017-5B8E-4CAF-B9E5-4A675C11F01A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "40D69E69-DF88-4F8C-A9BD-B642829107E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "4D21A542-15DC-432C-9C60-F7CABE8D4807",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_2_hotfix1a:*:*:*:*:*:*",
"matchCriteriaId": "1596163B-637A-49F9-B01F-C6CC297F7E5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "0B915FDA-9DCB-43B5-8081-F0690996A3EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "7308FA07-5C6D-41AA-9EE1-EE9BAAB50A1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "5ED407E7-9595-4B4D-9D53-1A4807BA327C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "1EA5B288-54DB-437E-88C2-05F90FF3C918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_3_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "6ED497ED-1588-4CF8-AE83-7CC7BEF8B982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "A74A3197-68F7-4303-A731-B87A8BF3F831",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "A08FD0FD-E062-4BEC-BE95-0ED2D106826B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "5F6A6F12-4D7A-4FD3-8FD6-C32D797BB810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "847F9124-F3C6-4C93-9E80-544CB0580C8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_4_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "12808B52-8F7D-4EE0-A43E-85A1C70A6BE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "81880B84-5E9D-4B7F-B1D5-1BF8D25DAF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_5_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8011D2A7-770B-4AE5-80E6-C762F4F0BB55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "A58603E3-5AFC-4606-8F9E-1B4FF9A9B843",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_6_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "BED5F42A-5FFF-43E0-9BAD-A5E6C1110551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "ABE64339-EF0B-4430-9768-FA7DE82AA61F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "FF79CA67-765A-4CCB-B1CB-EE1FC02CFCFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "A3E71353-9AFF-4B6D-89BC-A2909A7C5DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "C9C5B57E-7852-4E38-9BDA-864CF6F9DB5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "EAA2E502-FCBC-404D-8FFA-4601F1D5B747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "650956A6-8DE6-4C16-A77C-2B208B41DF5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_3a:*:*:*:*:*:*",
"matchCriteriaId": "A49AC0E0-9164-43AD-959A-55FCB7965858",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "46277115-1A2B-4526-83E8-1446EB5A1EAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotifix_1a:*:*:*:*:*:*",
"matchCriteriaId": "6CDFB167-F252-46A6-A5F6-EF9A4F93FC03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotifix_1b:*:*:*:*:*:*",
"matchCriteriaId": "43DE243B-E90A-4857-A3A6-3A045FE2D75F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotifix_2a:*:*:*:*:*:*",
"matchCriteriaId": "33689F99-48DD-47C6-AFAC-DC5D10785860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_7_hotifix_2b:*:*:*:*:*:*",
"matchCriteriaId": "8F664F1F-5FB2-48B1-93C7-5DF415E673B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "C641B881-7379-448A-A785-3381C72F8353",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "03D48963-936B-4A48-8859-A5066A259E03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "9149B850-7196-476A-9A27-DEB85B8C6F19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_8_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "10622260-FCBC-4CC0-804E-55D75200FC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:vancouver:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "CF44F7A1-D153-4723-BA45-0FE4E4725C2F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:-:*:*:*:*:*:*",
"matchCriteriaId": "FFAC3BF9-2443-4C43-B67A-2BB99297D295",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "444DD275-789F-4C07-9D98-BBFAA1640DB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "5B29B708-BD7C-4A6C-9E78-37D045101A17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "1F6EDFA3-9014-4AA7-A17F-DDB1FE96588E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "1DA447CA-A6A2-436C-9909-3F0419B7DD6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_1_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "9F263893-6D34-49D6-9407-ED6CB823595E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "D18E2CD1-AC8E-4ABF-88DE-D3E61A297ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "52FC3724-35E5-4C3A-B6BA-3B270EA4255E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "6137BB81-6B48-4DCB-A9F6-A27D869C12FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "B06EABB5-0327-4816-AC7B-34D021758812",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "29DC5FC9-2ACF-4C51-93C4-2D0982BA0CA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:washington_dc:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "9CD5A918-9B71-4CFD-A6DB-437D3B647C6A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0The vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible."
},
{
"lang": "es",
"value": "ServiceNow ha abordado una vulnerabilidad de validaci\u00f3n de entrada que se identific\u00f3 en las versiones de Washington DC, Vancouver y versiones anteriores de Now Platform. Esta vulnerabilidad podr\u00eda permitir que un usuario no autenticado ejecute c\u00f3digo de forma remota dentro del contexto de Now Platform. La vulnerabilidad se aborda en los parches y correcciones urgentes que se enumeran a continuaci\u00f3n, que se lanzaron durante el ciclo de parches de junio de 2024. Si a\u00fan no lo ha hecho, le recomendamos aplicar los parches de seguridad relevantes para su instancia lo antes posible."
}
],
"id": "CVE-2024-5217",
"lastModified": "2025-11-03T18:58:17.937",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "psirt@servicenow.com",
"type": "Secondary"
}
]
},
"published": "2024-07-10T17:15:12.373",
"references": [
{
"source": "psirt@servicenow.com",
"tags": [
"Permissions Required"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"source": "psirt@servicenow.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1648313"
},
{
"source": "psirt@servicenow.com",
"tags": [
"Press/Media Coverage"
],
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1648313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Press/Media Coverage"
],
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"US Government Resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-5217"
}
],
"sourceIdentifier": "psirt@servicenow.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-184"
}
],
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-697"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-1298
Vulnerability from fkie_nvd - Published: 2023-07-06 18:15 - Updated: 2024-12-17 13:58
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
ServiceNow has released upgrades and patches that address a Reflected Cross-Site scripting (XSS) vulnerability that was identified in the ServiceNow Polaris Layout. This vulnerability would enable an authenticated user to inject arbitrary scripts.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "71A44062-D94F-4246-A218-33AD4C43C7FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "6A4ABAF4-C84B-4E7B-A156-24640B7D56EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "2855AE65-1B96-4537-BB6E-7659114955EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "63725CBE-34A5-4B9E-BA8E-32E66B89C646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "8B2DC45C-17A0-4D92-AB29-3497DA43707E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "F2822278-2089-4F78-86EE-D63A9516B5A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "49444E5E-0AB7-4083-8663-089955134AA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8B5E2C3D-F838-48E0-8135-455AF964221D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "2494C288-83E1-48DF-9661-540B26C9137E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "815997A7-39CB-4C78-B776-54DECE294AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "DE7FDD4B-163B-462A-A80C-454F5040FF90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "FB55D9E6-FD9C-48A8-800D-10C665120792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4a:*:*:*:*:*:*",
"matchCriteriaId": "D481F300-EDF4-4E22-B865-F3AAFCE27692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4b:*:*:*:*:*:*",
"matchCriteriaId": "311B0413-3771-4CAF-9A14-0726B2923A76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "E74913AB-25EE-4F18-B2FA-5C261D7ADE25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "5C99222F-B676-471F-8E44-707024B2B097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "276A7ABE-2437-455C-9C5B-C05CAAC183A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "5719FE4C-B14A-4A68-8C0F-D9BBA8123056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "2FDD5B2E-8FFF-45A4-BAF4-2091F59ED199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hottix_3:*:*:*:*:*:*",
"matchCriteriaId": "6DA812CC-CF9F-4642-873F-8C0F8DEF9534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7a:*:*:*:*:*:*",
"matchCriteriaId": "05C37C8D-C08F-49E4-BD57-03B61DA4D3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7b:*:*:*:*:*:*",
"matchCriteriaId": "F2371A53-1D57-4508-B18A-4FBA0288CF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "BB9E765B-C094-4FC4-B9E3-0732F24C10D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "406329D1-A894-4D98-BCC0-DFAF25B811DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BD9DC522-29A8-457F-AC76-9DD53DCDE80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "9D6F99C1-F264-4592-AD5F-9A7B04F9D7F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_9a:*:*:*:*:*:*",
"matchCriteriaId": "3CD6BD0F-4AC7-4F01-A29C-C94B50BE3B4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_9a_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "379C71B7-CEB3-43B0-B48E-062C6622B19C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_9b:*:*:*:*:*:*",
"matchCriteriaId": "FE62CA6A-14A9-4FB8-80A3-BE8EFF14587B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:-:*:*:*:*:*:*",
"matchCriteriaId": "4332BE18-DA60-4921-A9DF-C434AB32839B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "09179BB2-B8D4-4FF9-925E-B5B259EFDF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "B328AB49-9C8F-4A0E-86C7-76071156EDAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1a:*:*:*:*:*:*",
"matchCriteriaId": "25F6EDF2-EC52-4821-80A7-1B7DB55CD5FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1b:*:*:*:*:*:*",
"matchCriteriaId": "634CC5CF-5883-44A9-86D9-7DFEADCB4AC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "F5DD8964-4A2D-4CE8-9C45-58E20DB30964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "5A964834-0D6A-4E63-8A7A-F4B5DF2C1AAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "EFEE723D-8418-448A-9005-212B8BDB2C05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "487E9543-6417-4915-A884-20C4BF457543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "E9338643-E8E2-494E-841D-A2756A4A8EAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "FDDF1F29-9BF2-4F82-B375-8BC4E38E6D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "853308FF-6FE0-480E-8B7A-05C4723FB08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "2AE7A9ED-6C15-436D-8CB5-A557BE6064D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "9972BE30-D7DE-4687-BC1D-867790D281A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "E26FD8E6-C762-4CE1-8B90-7BCBBC372ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "F76C3CB6-D1DF-433B-ADA8-E1751DCA4FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "C93D663E-D0B4-4EC0-AD81-4932F96E4621",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "38A222AD-CBCC-4AF5-B9F1-ABA8447BE504",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4a:*:*:*:*:*:*",
"matchCriteriaId": "C3B9F3D7-B59B-489F-B3E2-F003F57A07B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4a_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "4BB5A2D5-2556-4C7E-BE38-1DD27AF64433",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "5536AF08-999A-44DC-B9FB-C3FE19D7FA82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_5_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "4F3AAC35-A807-4F74-AB08-727DF5AA3AA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_5_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "AA79BA86-1A6D-4A59-85CB-9E5A807E220D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_5_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "7F5A0D4A-2D44-428D-B571-D224029C77EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "DB5CA109-5DC1-4952-AC15-69FAC332BCA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ServiceNow has released upgrades and patches that address a Reflected Cross-Site scripting (XSS) vulnerability that was identified in the ServiceNow Polaris Layout. This vulnerability would enable an authenticated user to inject arbitrary scripts.\n"
}
],
"id": "CVE-2023-1298",
"lastModified": "2024-12-17T13:58:11.560",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-07-06T18:15:10.497",
"references": [
{
"source": "psirt@servicenow.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1310230"
},
{
"source": "psirt@servicenow.com",
"tags": [
"Not Applicable"
],
"url": "https://www.linkedin.com/in/osamay/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1310230"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable"
],
"url": "https://www.linkedin.com/in/osamay/"
}
],
"sourceIdentifier": "psirt@servicenow.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-43684
Vulnerability from fkie_nvd - Published: 2023-06-13 19:15 - Updated: 2025-02-13 17:15
Severity ?
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.
Additional Details
This issue is present in the following supported ServiceNow releases:
* Quebec prior to Patch 10 Hot Fix 8b
* Rome prior to Patch 10 Hot Fix 1
* San Diego prior to Patch 7
* Tokyo prior to Tokyo Patch 1; and
* Utah prior to Utah General Availability
If this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1B349D86-36DF-46C1-A268-F9C5EBE80223",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "8816E561-8E81-4C30-9C48-7836069202D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_10_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "F9AB04CB-F83E-4C6B-8F5E-9D317845D56E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_10_hotfix_3a:*:*:*:*:*:*",
"matchCriteriaId": "68E70794-77D1-4B96-B5B4-7E9624153D56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_10_hotfix_3b:*:*:*:*:*:*",
"matchCriteriaId": "408EF715-7549-47B2-8F36-7D7C693C347D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_10_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "0CE44A53-AF6C-488F-9163-7162955D9E21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "B2B004A9-64C0-4279-AA1E-7CA2C4C9CAC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "9992847C-D46A-4557-8E3E-3E15619C31DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "1DF72944-0771-4867-A9FF-EBAA25787FE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "6FDDA0D0-5010-4C07-A6C4-D6B2A873E348",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "F3AD962E-FCD3-490E-BD60-587227732B92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_4_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "10B1C7D9-E7A6-47FC-94B0-0C73E3C84F6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "B0FE839F-229A-459C-AEEB-AFE424764B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "77BE7B49-D510-4D23-BB2A-A2C0FA31B3E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "F0D9D4EB-5113-4FC4-B4E1-2E081FE45CF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "AB5847EE-379F-48CD-AB5C-472582EEC9FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "29725C9C-F01E-48D0-8AC6-EF4187B53461",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "52C8A7D2-F930-4078-9E9D-E48782E46CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "512C81E4-0C27-42EC-AD05-7563B50EF1DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "2B403376-993D-404D-B75B-A2B634095DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "A5BBA03C-2A2E-4259-9F8E-99622F6758B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "D609B90C-E67E-461A-8756-36E06E265FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "2A05F1AF-0E08-4280-A006-A27C917C9E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "5E3198D2-CC9C-46F7-A366-6C16F3F35439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "EAA82A56-93C2-47DC-92BA-D2EBF0C19EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "B4FEEDD5-F852-49AA-BDF9-869040C7F3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "763B0915-14EF-4405-AAB6-78B185D5744B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "B053530E-1CB3-4A86-BD4B-569750776A53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "4CF1B2AB-D561-4396-AA99-71FCD55B5D3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "00EE16EE-B759-4BD8-A30B-C952142C860E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1F157018-E6F2-45D1-8B54-68C051247798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "88603AEF-0EC2-4006-B7F2-E5FFAC8F354C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "FB5BC2C0-A5CF-455F-A732-E49672B5682E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "66E9CCC4-7BC4-4FC2-8B54-B8746A83256C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "56E7DB16-6ABC-4ED3-99C1-A33914242405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "55AC0E29-0F51-4D1D-A5EF-AECD29FAE417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "5DCC0D37-6840-4882-84E1-AE1E83ABF31B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "CF53F785-2D19-48FB-9D88-9817785E5082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "9EAAADE1-5804-44FB-BD9A-881BDA4FE1F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "DC20DB81-AA27-4BE5-9296-2E4E6000F56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DECC9979-3A0B-4F36-85D1-DD539A7D18C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7a:*:*:*:*:*:*",
"matchCriteriaId": "563F3D85-A23A-453F-9932-3044F8B5566C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7b:*:*:*:*:*:*",
"matchCriteriaId": "3C770579-EDDC-4F46-8288-33A13289A8A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "78447698-90FF-4010-BF0B-3294E2EBB69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "A32EF135-C229-49B1-8766-1ED6066C7CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "22E5BA6F-6C66-4589-8AA9-C76776DCFCCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "AE93BECE-CC4A-400A-9322-5E61DA5E6A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "38D3CF30-CAC5-49B1-B527-9C9D24C28A54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9a:*:*:*:*:*:*",
"matchCriteriaId": "8C48A10D-0295-4023-AB20-0BE4D8AA582A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9b:*:*:*:*:*:*",
"matchCriteriaId": "0F42AF52-C388-44BB-B328-5E77CF9E4622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "71A44062-D94F-4246-A218-33AD4C43C7FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "6A4ABAF4-C84B-4E7B-A156-24640B7D56EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "2855AE65-1B96-4537-BB6E-7659114955EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "63725CBE-34A5-4B9E-BA8E-32E66B89C646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_10_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "9F249B02-DB97-4AFB-A786-AA685AA4E50B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_10_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "C143A667-EBF1-4F6D-AB21-833B184FBFF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_10_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "CD9C6C64-E92C-45A8-BC0C-71DE31F70D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_10_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "0C7C2818-6225-4652-B066-A11BD45D4608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_10_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "C46E8D6C-A65F-473B-AFCD-B16EA09023AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "8B2DC45C-17A0-4D92-AB29-3497DA43707E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "F2822278-2089-4F78-86EE-D63A9516B5A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "49444E5E-0AB7-4083-8663-089955134AA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8B5E2C3D-F838-48E0-8135-455AF964221D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "2494C288-83E1-48DF-9661-540B26C9137E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "815997A7-39CB-4C78-B776-54DECE294AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "DE7FDD4B-163B-462A-A80C-454F5040FF90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "FB55D9E6-FD9C-48A8-800D-10C665120792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4a:*:*:*:*:*:*",
"matchCriteriaId": "D481F300-EDF4-4E22-B865-F3AAFCE27692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4b:*:*:*:*:*:*",
"matchCriteriaId": "311B0413-3771-4CAF-9A14-0726B2923A76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "E74913AB-25EE-4F18-B2FA-5C261D7ADE25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "5C99222F-B676-471F-8E44-707024B2B097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:-:*:*:*:*:*:*",
"matchCriteriaId": "4332BE18-DA60-4921-A9DF-C434AB32839B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:-:*:*:*:*:*:*",
"matchCriteriaId": "69E0078E-1953-4F4F-9D5A-B1A140C4B310",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.\n\n\n\nAdditional Details\n\nThis issue is present in the following supported ServiceNow releases: \n\n\n\n * Quebec prior to Patch 10 Hot Fix 8b\n * Rome prior to Patch 10 Hot Fix 1\n * San Diego prior to Patch 7\n * Tokyo prior to Tokyo Patch 1; and \n * Utah prior to Utah General Availability \n\n\n\n\nIf this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls."
}
],
"id": "CVE-2022-43684",
"lastModified": "2025-02-13T17:15:46.027",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.1,
"impactScore": 6.0,
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-06-13T19:15:09.243",
"references": [
{
"source": "psirt@servicenow.com",
"url": "http://packetstormsecurity.com/files/173354/ServiceNow-Insecure-Access-Control-Full-Admin-Compromise.html"
},
{
"source": "psirt@servicenow.com",
"url": "http://seclists.org/fulldisclosure/2023/Jul/11"
},
{
"source": "psirt@servicenow.com",
"url": "https://news.ycombinator.com/item?id=36638530"
},
{
"source": "psirt@servicenow.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1303489"
},
{
"source": "psirt@servicenow.com",
"url": "https://x64.sh/posts/ServiceNow-Insecure-access-control-to-admin/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://packetstormsecurity.com/files/173354/ServiceNow-Insecure-Access-Control-Full-Admin-Compromise.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2023/Jul/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://news.ycombinator.com/item?id=36638530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1303489"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://x64.sh/posts/ServiceNow-Insecure-access-control-to-admin/"
}
],
"sourceIdentifier": "psirt@servicenow.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-1209
Vulnerability from fkie_nvd - Published: 2023-05-23 17:15 - Updated: 2024-11-21 07:38
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:-:*:*:*:*:*:*",
"matchCriteriaId": "F59FAF00-135F-4AC1-B68E-B6F1ED98ACAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "52C8A7D2-F930-4078-9E9D-E48782E46CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "512C81E4-0C27-42EC-AD05-7563B50EF1DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "2B403376-993D-404D-B75B-A2B634095DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "A5BBA03C-2A2E-4259-9F8E-99622F6758B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "D609B90C-E67E-461A-8756-36E06E265FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "5E3198D2-CC9C-46F7-A366-6C16F3F35439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DD0D5C00-C5D2-4E30-BEB7-AA2ACBE68CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "F5B1C958-54DF-45BE-BD2B-60A44B846971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "6BE785D2-A5C9-4ED7-968A-C01F257E8514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_2b:*:*:*:*:*:*",
"matchCriteriaId": "2AE0A295-ECDE-4D0A-A104-F1E66F950915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_3b:*:*:*:*:*:*",
"matchCriteriaId": "F2A509AC-A984-41D3-9F1D-03428344F1BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "EAA82A56-93C2-47DC-92BA-D2EBF0C19EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "B053530E-1CB3-4A86-BD4B-569750776A53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "4CF1B2AB-D561-4396-AA99-71FCD55B5D3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "00EE16EE-B759-4BD8-A30B-C952142C860E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1F157018-E6F2-45D1-8B54-68C051247798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "88603AEF-0EC2-4006-B7F2-E5FFAC8F354C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "FB5BC2C0-A5CF-455F-A732-E49672B5682E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "66E9CCC4-7BC4-4FC2-8B54-B8746A83256C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "56E7DB16-6ABC-4ED3-99C1-A33914242405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "55AC0E29-0F51-4D1D-A5EF-AECD29FAE417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "5DCC0D37-6840-4882-84E1-AE1E83ABF31B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "CF53F785-2D19-48FB-9D88-9817785E5082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "9EAAADE1-5804-44FB-BD9A-881BDA4FE1F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DECC9979-3A0B-4F36-85D1-DD539A7D18C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7a:*:*:*:*:*:*",
"matchCriteriaId": "563F3D85-A23A-453F-9932-3044F8B5566C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7b:*:*:*:*:*:*",
"matchCriteriaId": "3C770579-EDDC-4F46-8288-33A13289A8A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "78447698-90FF-4010-BF0B-3294E2EBB69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "A32EF135-C229-49B1-8766-1ED6066C7CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "22E5BA6F-6C66-4589-8AA9-C76776DCFCCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "AE93BECE-CC4A-400A-9322-5E61DA5E6A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "38D3CF30-CAC5-49B1-B527-9C9D24C28A54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9a:*:*:*:*:*:*",
"matchCriteriaId": "8C48A10D-0295-4023-AB20-0BE4D8AA582A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9b:*:*:*:*:*:*",
"matchCriteriaId": "0F42AF52-C388-44BB-B328-5E77CF9E4622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:-:*:*:*:*:*:*",
"matchCriteriaId": "F63300E0-AF0E-44DA-BEC4-D7F560DCE4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "71A44062-D94F-4246-A218-33AD4C43C7FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "6A4ABAF4-C84B-4E7B-A156-24640B7D56EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "2855AE65-1B96-4537-BB6E-7659114955EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "63725CBE-34A5-4B9E-BA8E-32E66B89C646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "8B2DC45C-17A0-4D92-AB29-3497DA43707E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "F2822278-2089-4F78-86EE-D63A9516B5A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "49444E5E-0AB7-4083-8663-089955134AA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8B5E2C3D-F838-48E0-8135-455AF964221D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "2494C288-83E1-48DF-9661-540B26C9137E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "815997A7-39CB-4C78-B776-54DECE294AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "DE7FDD4B-163B-462A-A80C-454F5040FF90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "FB55D9E6-FD9C-48A8-800D-10C665120792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4a:*:*:*:*:*:*",
"matchCriteriaId": "D481F300-EDF4-4E22-B865-F3AAFCE27692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "5C99222F-B676-471F-8E44-707024B2B097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "276A7ABE-2437-455C-9C5B-C05CAAC183A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "5719FE4C-B14A-4A68-8C0F-D9BBA8123056",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "2FDD5B2E-8FFF-45A4-BAF4-2091F59ED199",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7_hottix_3:*:*:*:*:*:*",
"matchCriteriaId": "6DA812CC-CF9F-4642-873F-8C0F8DEF9534",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7a:*:*:*:*:*:*",
"matchCriteriaId": "05C37C8D-C08F-49E4-BD57-03B61DA4D3BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7b:*:*:*:*:*:*",
"matchCriteriaId": "F2371A53-1D57-4508-B18A-4FBA0288CF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "BB9E765B-C094-4FC4-B9E3-0732F24C10D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "406329D1-A894-4D98-BCC0-DFAF25B811DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "BD9DC522-29A8-457F-AC76-9DD53DCDE80E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "9D6F99C1-F264-4592-AD5F-9A7B04F9D7F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:-:*:*:*:*:*:*",
"matchCriteriaId": "4332BE18-DA60-4921-A9DF-C434AB32839B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "09179BB2-B8D4-4FF9-925E-B5B259EFDF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "B328AB49-9C8F-4A0E-86C7-76071156EDAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1a:*:*:*:*:*:*",
"matchCriteriaId": "25F6EDF2-EC52-4821-80A7-1B7DB55CD5FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1b:*:*:*:*:*:*",
"matchCriteriaId": "634CC5CF-5883-44A9-86D9-7DFEADCB4AC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "F5DD8964-4A2D-4CE8-9C45-58E20DB30964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "5A964834-0D6A-4E63-8A7A-F4B5DF2C1AAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "EFEE723D-8418-448A-9005-212B8BDB2C05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "487E9543-6417-4915-A884-20C4BF457543",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "E9338643-E8E2-494E-841D-A2756A4A8EAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "FDDF1F29-9BF2-4F82-B375-8BC4E38E6D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "853308FF-6FE0-480E-8B7A-05C4723FB08A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "2AE7A9ED-6C15-436D-8CB5-A557BE6064D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "9972BE30-D7DE-4687-BC1D-867790D281A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "E26FD8E6-C762-4CE1-8B90-7BCBBC372ADA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "F76C3CB6-D1DF-433B-ADA8-E1751DCA4FE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:-:*:*:*:*:*:*",
"matchCriteriaId": "69E0078E-1953-4F4F-9D5A-B1A140C4B310",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts."
}
],
"id": "CVE-2023-1209",
"lastModified": "2024-11-21T07:38:40.413",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-05-23T17:15:08.950",
"references": [
{
"source": "psirt@servicenow.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1262967"
},
{
"source": "psirt@servicenow.com",
"tags": [
"Permissions Required"
],
"url": "https://www.linkedin.com/in/osamay/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1262967"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://www.linkedin.com/in/osamay/"
}
],
"sourceIdentifier": "psirt@servicenow.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-46389
Vulnerability from fkie_nvd - Published: 2023-04-17 22:15 - Updated: 2024-11-21 07:30
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
There exists a reflected XSS within the logout functionality of ServiceNow versions lower than Quebec Patch 10 Hotfix 11b, Rome Patch 10 Hotfix 3b, San Diego Patch 9, Tokyo Patch 4, and Utah GA. This enables an unauthenticated remote attacker to execute arbitrary JavaScript code in the browser-based web console.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:-:*:*:*:*:*:*",
"matchCriteriaId": "C5A68765-7406-48CB-965E-6C09A7465CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:-:*:*:*:*:*:*",
"matchCriteriaId": "F59FAF00-135F-4AC1-B68E-B6F1ED98ACAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:early_availability:*:*:*:*:*:*",
"matchCriteriaId": "5C8E54FC-835C-4F34-8514-D0BC8B807594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "52C8A7D2-F930-4078-9E9D-E48782E46CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "2B403376-993D-404D-B75B-A2B634095DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "A5BBA03C-2A2E-4259-9F8E-99622F6758B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "5E3198D2-CC9C-46F7-A366-6C16F3F35439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "EAA82A56-93C2-47DC-92BA-D2EBF0C19EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "B053530E-1CB3-4A86-BD4B-569750776A53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "00EE16EE-B759-4BD8-A30B-C952142C860E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1F157018-E6F2-45D1-8B54-68C051247798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "88603AEF-0EC2-4006-B7F2-E5FFAC8F354C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "FB5BC2C0-A5CF-455F-A732-E49672B5682E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "66E9CCC4-7BC4-4FC2-8B54-B8746A83256C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "5DCC0D37-6840-4882-84E1-AE1E83ABF31B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "DC20DB81-AA27-4BE5-9296-2E4E6000F56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7a:*:*:*:*:*:*",
"matchCriteriaId": "563F3D85-A23A-453F-9932-3044F8B5566C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7b:*:*:*:*:*:*",
"matchCriteriaId": "3C770579-EDDC-4F46-8288-33A13289A8A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "78447698-90FF-4010-BF0B-3294E2EBB69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "AE93BECE-CC4A-400A-9322-5E61DA5E6A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9a:*:*:*:*:*:*",
"matchCriteriaId": "8C48A10D-0295-4023-AB20-0BE4D8AA582A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:-:*:*:*:*:*:*",
"matchCriteriaId": "F63300E0-AF0E-44DA-BEC4-D7F560DCE4C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "71A44062-D94F-4246-A218-33AD4C43C7FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "6A4ABAF4-C84B-4E7B-A156-24640B7D56EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "2855AE65-1B96-4537-BB6E-7659114955EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "63725CBE-34A5-4B9E-BA8E-32E66B89C646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "8B2DC45C-17A0-4D92-AB29-3497DA43707E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "49444E5E-0AB7-4083-8663-089955134AA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "FB55D9E6-FD9C-48A8-800D-10C665120792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4a:*:*:*:*:*:*",
"matchCriteriaId": "D481F300-EDF4-4E22-B865-F3AAFCE27692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4b:*:*:*:*:*:*",
"matchCriteriaId": "311B0413-3771-4CAF-9A14-0726B2923A76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "E74913AB-25EE-4F18-B2FA-5C261D7ADE25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "5C99222F-B676-471F-8E44-707024B2B097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "276A7ABE-2437-455C-9C5B-C05CAAC183A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7b:*:*:*:*:*:*",
"matchCriteriaId": "F2371A53-1D57-4508-B18A-4FBA0288CF7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "BB9E765B-C094-4FC4-B9E3-0732F24C10D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:-:*:*:*:*:*:*",
"matchCriteriaId": "4332BE18-DA60-4921-A9DF-C434AB32839B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:early_availability:*:*:*:*:*:*",
"matchCriteriaId": "F347AF0E-EBED-4FC2-8994-E06891FC8879",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "09179BB2-B8D4-4FF9-925E-B5B259EFDF4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1a:*:*:*:*:*:*",
"matchCriteriaId": "25F6EDF2-EC52-4821-80A7-1B7DB55CD5FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_1b:*:*:*:*:*:*",
"matchCriteriaId": "634CC5CF-5883-44A9-86D9-7DFEADCB4AC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "F5DD8964-4A2D-4CE8-9C45-58E20DB30964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "FDDF1F29-9BF2-4F82-B375-8BC4E38E6D2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:-:*:*:*:*:*:*",
"matchCriteriaId": "69E0078E-1953-4F4F-9D5A-B1A140C4B310",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:early_availability:*:*:*:*:*:*",
"matchCriteriaId": "03FE0B52-C7A6-4632-A09E-BE7AB8610DD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "DB5CA109-5DC1-4952-AC15-69FAC332BCA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "98E3E0AF-A341-43BB-91C6-75BBDE695280",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There exists a reflected XSS within the logout functionality of ServiceNow versions lower than Quebec Patch 10 Hotfix 11b, Rome Patch 10 Hotfix 3b, San Diego Patch 9, Tokyo Patch 4, and Utah GA. This enables an unauthenticated remote attacker to execute arbitrary JavaScript code in the browser-based web console."
}
],
"id": "CVE-2022-46389",
"lastModified": "2024-11-21T07:30:30.130",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-17T22:15:07.840",
"references": [
{
"source": "psirt@servicenow.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1272156"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1272156"
}
],
"sourceIdentifier": "psirt@servicenow.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-46886
Vulnerability from fkie_nvd - Published: 2023-04-14 20:15 - Updated: 2025-02-06 22:15
Severity ?
5.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:-:*:*:*:*:*:*",
"matchCriteriaId": "C5A68765-7406-48CB-965E-6C09A7465CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "8816E561-8E81-4C30-9C48-7836069202D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "52C8A7D2-F930-4078-9E9D-E48782E46CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "512C81E4-0C27-42EC-AD05-7563B50EF1DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "A5BBA03C-2A2E-4259-9F8E-99622F6758B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "D609B90C-E67E-461A-8756-36E06E265FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "2A05F1AF-0E08-4280-A006-A27C917C9E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "5E3198D2-CC9C-46F7-A366-6C16F3F35439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DD0D5C00-C5D2-4E30-BEB7-AA2ACBE68CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "F5B1C958-54DF-45BE-BD2B-60A44B846971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "6BE785D2-A5C9-4ED7-968A-C01F257E8514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "EAA82A56-93C2-47DC-92BA-D2EBF0C19EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "B4FEEDD5-F852-49AA-BDF9-869040C7F3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "763B0915-14EF-4405-AAB6-78B185D5744B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "B053530E-1CB3-4A86-BD4B-569750776A53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "4CF1B2AB-D561-4396-AA99-71FCD55B5D3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "00EE16EE-B759-4BD8-A30B-C952142C860E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1F157018-E6F2-45D1-8B54-68C051247798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "88603AEF-0EC2-4006-B7F2-E5FFAC8F354C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "FB5BC2C0-A5CF-455F-A732-E49672B5682E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "66E9CCC4-7BC4-4FC2-8B54-B8746A83256C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "56E7DB16-6ABC-4ED3-99C1-A33914242405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "55AC0E29-0F51-4D1D-A5EF-AECD29FAE417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "5DCC0D37-6840-4882-84E1-AE1E83ABF31B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "CF53F785-2D19-48FB-9D88-9817785E5082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "9EAAADE1-5804-44FB-BD9A-881BDA4FE1F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "DC20DB81-AA27-4BE5-9296-2E4E6000F56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DECC9979-3A0B-4F36-85D1-DD539A7D18C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7a:*:*:*:*:*:*",
"matchCriteriaId": "563F3D85-A23A-453F-9932-3044F8B5566C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7b:*:*:*:*:*:*",
"matchCriteriaId": "3C770579-EDDC-4F46-8288-33A13289A8A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "78447698-90FF-4010-BF0B-3294E2EBB69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "A32EF135-C229-49B1-8766-1ED6066C7CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "22E5BA6F-6C66-4589-8AA9-C76776DCFCCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "AE93BECE-CC4A-400A-9322-5E61DA5E6A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "38D3CF30-CAC5-49B1-B527-9C9D24C28A54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9a:*:*:*:*:*:*",
"matchCriteriaId": "8C48A10D-0295-4023-AB20-0BE4D8AA582A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9b:*:*:*:*:*:*",
"matchCriteriaId": "0F42AF52-C388-44BB-B328-5E77CF9E4622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "71A44062-D94F-4246-A218-33AD4C43C7FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "6A4ABAF4-C84B-4E7B-A156-24640B7D56EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "2855AE65-1B96-4537-BB6E-7659114955EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "63725CBE-34A5-4B9E-BA8E-32E66B89C646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "8B2DC45C-17A0-4D92-AB29-3497DA43707E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "F2822278-2089-4F78-86EE-D63A9516B5A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "49444E5E-0AB7-4083-8663-089955134AA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8B5E2C3D-F838-48E0-8135-455AF964221D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "2494C288-83E1-48DF-9661-540B26C9137E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "815997A7-39CB-4C78-B776-54DECE294AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "DE7FDD4B-163B-462A-A80C-454F5040FF90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "FB55D9E6-FD9C-48A8-800D-10C665120792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4a:*:*:*:*:*:*",
"matchCriteriaId": "D481F300-EDF4-4E22-B865-F3AAFCE27692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4b:*:*:*:*:*:*",
"matchCriteriaId": "311B0413-3771-4CAF-9A14-0726B2923A76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "5C99222F-B676-471F-8E44-707024B2B097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "276A7ABE-2437-455C-9C5B-C05CAAC183A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "BB9E765B-C094-4FC4-B9E3-0732F24C10D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:-:*:*:*:*:*:*",
"matchCriteriaId": "4332BE18-DA60-4921-A9DF-C434AB32839B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch1:*:*:*:*:*:*",
"matchCriteriaId": "9B73C50B-B52A-41E0-9B5B-E84CEA5503B4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\n\n"
}
],
"id": "CVE-2022-46886",
"lastModified": "2025-02-06T22:15:34.057",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 3.4,
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-14T20:15:09.413",
"references": [
{
"source": "psirt@servicenow.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857"
}
],
"sourceIdentifier": "psirt@servicenow.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
FKIE_CVE-2022-39048
Vulnerability from fkie_nvd - Published: 2023-04-10 14:15 - Updated: 2025-02-07 21:15
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user's browser or session to attack other systems.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:-:*:*:*:*:*:*",
"matchCriteriaId": "C5A68765-7406-48CB-965E-6C09A7465CF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:quebec:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "8816E561-8E81-4C30-9C48-7836069202D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "52C8A7D2-F930-4078-9E9D-E48782E46CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "512C81E4-0C27-42EC-AD05-7563B50EF1DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "A5BBA03C-2A2E-4259-9F8E-99622F6758B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "D609B90C-E67E-461A-8756-36E06E265FF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "2A05F1AF-0E08-4280-A006-A27C917C9E82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10:*:*:*:*:*:*",
"matchCriteriaId": "5E3198D2-CC9C-46F7-A366-6C16F3F35439",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DD0D5C00-C5D2-4E30-BEB7-AA2ACBE68CF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "F5B1C958-54DF-45BE-BD2B-60A44B846971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_2a:*:*:*:*:*:*",
"matchCriteriaId": "6BE785D2-A5C9-4ED7-968A-C01F257E8514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "EAA82A56-93C2-47DC-92BA-D2EBF0C19EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "B4FEEDD5-F852-49AA-BDF9-869040C7F3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_2_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "763B0915-14EF-4405-AAB6-78B185D5744B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "B053530E-1CB3-4A86-BD4B-569750776A53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "4CF1B2AB-D561-4396-AA99-71FCD55B5D3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "00EE16EE-B759-4BD8-A30B-C952142C860E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "1F157018-E6F2-45D1-8B54-68C051247798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "88603AEF-0EC2-4006-B7F2-E5FFAC8F354C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "FB5BC2C0-A5CF-455F-A732-E49672B5682E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5:*:*:*:*:*:*",
"matchCriteriaId": "66E9CCC4-7BC4-4FC2-8B54-B8746A83256C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "56E7DB16-6ABC-4ED3-99C1-A33914242405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "55AC0E29-0F51-4D1D-A5EF-AECD29FAE417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "5DCC0D37-6840-4882-84E1-AE1E83ABF31B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "CF53F785-2D19-48FB-9D88-9817785E5082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "9EAAADE1-5804-44FB-BD9A-881BDA4FE1F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "DC20DB81-AA27-4BE5-9296-2E4E6000F56B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "DECC9979-3A0B-4F36-85D1-DD539A7D18C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7a:*:*:*:*:*:*",
"matchCriteriaId": "563F3D85-A23A-453F-9932-3044F8B5566C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_7b:*:*:*:*:*:*",
"matchCriteriaId": "3C770579-EDDC-4F46-8288-33A13289A8A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "78447698-90FF-4010-BF0B-3294E2EBB69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "A32EF135-C229-49B1-8766-1ED6066C7CC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "22E5BA6F-6C66-4589-8AA9-C76776DCFCCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9:*:*:*:*:*:*",
"matchCriteriaId": "AE93BECE-CC4A-400A-9322-5E61DA5E6A75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "38D3CF30-CAC5-49B1-B527-9C9D24C28A54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9a:*:*:*:*:*:*",
"matchCriteriaId": "8C48A10D-0295-4023-AB20-0BE4D8AA582A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:rome:patch_9b:*:*:*:*:*:*",
"matchCriteriaId": "0F42AF52-C388-44BB-B328-5E77CF9E4622",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1:*:*:*:*:*:*",
"matchCriteriaId": "71A44062-D94F-4246-A218-33AD4C43C7FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "6A4ABAF4-C84B-4E7B-A156-24640B7D56EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1a:*:*:*:*:*:*",
"matchCriteriaId": "2855AE65-1B96-4537-BB6E-7659114955EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1b:*:*:*:*:*:*",
"matchCriteriaId": "63725CBE-34A5-4B9E-BA8E-32E66B89C646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2:*:*:*:*:*:*",
"matchCriteriaId": "8B2DC45C-17A0-4D92-AB29-3497DA43707E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_2_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "F2822278-2089-4F78-86EE-D63A9516B5A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3:*:*:*:*:*:*",
"matchCriteriaId": "49444E5E-0AB7-4083-8663-089955134AA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_1:*:*:*:*:*:*",
"matchCriteriaId": "8B5E2C3D-F838-48E0-8135-455AF964221D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_2:*:*:*:*:*:*",
"matchCriteriaId": "2494C288-83E1-48DF-9661-540B26C9137E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_3:*:*:*:*:*:*",
"matchCriteriaId": "815997A7-39CB-4C78-B776-54DECE294AA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_4:*:*:*:*:*:*",
"matchCriteriaId": "DE7FDD4B-163B-462A-A80C-454F5040FF90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:*",
"matchCriteriaId": "FB55D9E6-FD9C-48A8-800D-10C665120792",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4a:*:*:*:*:*:*",
"matchCriteriaId": "D481F300-EDF4-4E22-B865-F3AAFCE27692",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_4b:*:*:*:*:*:*",
"matchCriteriaId": "311B0413-3771-4CAF-9A14-0726B2923A76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_6:*:*:*:*:*:*",
"matchCriteriaId": "5C99222F-B676-471F-8E44-707024B2B097",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_7:*:*:*:*:*:*",
"matchCriteriaId": "276A7ABE-2437-455C-9C5B-C05CAAC183A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:san_diego:patch_8:*:*:*:*:*:*",
"matchCriteriaId": "BB9E765B-C094-4FC4-B9E3-0732F24C10D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:-:*:*:*:*:*:*",
"matchCriteriaId": "4332BE18-DA60-4921-A9DF-C434AB32839B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:tokyo:patch1:*:*:*:*:*:*",
"matchCriteriaId": "9B73C50B-B52A-41E0-9B5B-E84CEA5503B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:servicenow:servicenow:utah:-:*:*:*:*:*:*",
"matchCriteriaId": "69E0078E-1953-4F4F-9D5A-B1A140C4B310",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user\u0027s browser or session to attack other systems.\n\n"
}
],
"id": "CVE-2022-39048",
"lastModified": "2025-02-07T21:15:09.980",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "psirt@servicenow.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-10T14:15:07.453",
"references": [
{
"source": "psirt@servicenow.com",
"url": "https://support.servicenow.com/"
},
{
"source": "psirt@servicenow.com",
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1221892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.servicenow.com/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1221892"
}
],
"sourceIdentifier": "psirt@servicenow.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
CVE-2024-8924 (GCVE-0-2024-8924)
Vulnerability from cvelistv5 – Published: 2024-10-29 16:14 – Updated: 2024-10-31 03:55
VLAI?
Summary
ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information. ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners and self-hosted customers. Further, the vulnerability is addressed in the listed patches and hot fixes.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Affected:
0 , < Utah Patch 10b Hot Fix 3
(custom)
Affected: 0 , < Vancouver Patch 8 Hot Fix 5 (custom) Affected: 0 , < Vancouver Patch 9 Hot Fix 3b (custom) Affected: 0 , < Vancouver Patch 10 Hot Fix 2 (custom) Affected: 0 , < Washington DC Patch 4 Hot Fix 2b (custom) Affected: 0 , < Washington DC Patch 5 Hot Fix 6 (custom) Affected: 0 , < Washington DC Patch 6 Hot Fix 1 (custom) Affected: 0 , < Washington DC Patch 7 (custom) Affected: 0 , < Xanadu Patch 1 (custom) |
Credits
T-Mobile
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:utah:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Utah Patch 10b Hot Fix 3",
"status": "affected",
"version": "Utah",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:vancouver:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Vancouver Patch 8 Hot Fix 5",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 9 Hot Fix 3b",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10 Hot Fix 2",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:washington_dc:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Washington DC Patch 4 Hot Fix 2b",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5 Hot Fix 6",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 6 Hot Fix 1",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 7",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:xanadu:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Xanadu Patch 1",
"status": "affected",
"version": "Xanadu",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8924",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T03:55:17.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Utah Patch 10b Hot Fix 3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 8 Hot Fix 5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 9 Hot Fix 3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 4 Hot Fix 2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5 Hot Fix 6",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 6 Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Xanadu Patch 1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "T-Mobile"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners and self-hosted customers.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eFurther, the vulnerability is addressed in the listed patches and hot fixes.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information.\u00a0ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners and self-hosted customers.\u00a0Further, the vulnerability is addressed in the listed patches and hot fixes."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T16:14:38.836Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1706072"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthenticated Blind SQL Injection in Core Platform",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2024-8924",
"datePublished": "2024-10-29T16:14:38.836Z",
"dateReserved": "2024-09-16T23:37:01.512Z",
"dateUpdated": "2024-10-31T03:55:17.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8923 (GCVE-0-2024-8923)
Vulnerability from cvelistv5 – Published: 2024-10-29 16:07 – Updated: 2024-10-31 03:55
VLAI?
Summary
ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers. Further, the vulnerability is addressed in the listed patches and hot fixes.
Severity ?
9.8 (Critical)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Affected:
0 , < Vancouver Patch 9 Hot Fix 2a
(custom)
Affected: 0 , < Vancouver Patch 10 (custom) Affected: 0 , < Washington DC Patch 4 Hot Fix 1a (custom) Affected: 0 , < Washington DC Patch 5 (custom) Affected: 0 , < Xanadu GA Release (custom) |
Credits
T-Mobile
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:vancouver:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Vancouver Patch 9 Hot Fix 2a",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:washington_dc:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Washington DC Patch 4 Hot Fix 1a",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:xanadu:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Xanadu GA Release",
"status": "affected",
"version": "Xanadu",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8923",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T03:55:16.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Vancouver Patch 9 Hot Fix 2a",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 4 Hot Fix 1a",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Xanadu GA Release",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "T-Mobile"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eFurther, the vulnerability is addressed in the listed patches and hot fixes.\u003c/span\u003e"
}
],
"value": "ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0ServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers.\u00a0Further, the vulnerability is addressed in the listed patches and hot fixes."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T16:23:19.336Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1706070"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sandbox Escape in Now Platform",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2024-8923",
"datePublished": "2024-10-29T16:07:07.310Z",
"dateReserved": "2024-09-16T23:33:41.375Z",
"dateUpdated": "2024-10-31T03:55:16.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5217 (GCVE-0-2024-5217)
Vulnerability from cvelistv5 – Published: 2024-07-10 16:28 – Updated: 2025-10-21 22:55
VLAI?
Summary
ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. The vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
Severity ?
9.8 (Critical)
CWE
- CWE-184 - Incomplete List of Disallowed Inputs
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Affected:
0 , < Utah Patch 10 Hot Fix 3
(custom)
Affected: 0 , < Utah Patch 10a Hot Fix 2 (custom) Affected: 0 , < Utah Patch 10b Hot Fix 1 (custom) Affected: 0 , < Vancouver Patch 6 Hot Fix 2 (custom) Affected: 0 , < Vancouver Patch 7 Hot Fix 3b (custom) Affected: 0 , < Vancouver Patch 8 Hot Fix 4 (custom) Affected: 0 , < Vancouver Patch 9 Hot Fix 1 (custom) Affected: 0 , < Vancouver Patch 10 (custom) Affected: 0 , < Washington DC Patch 1 Hot Fix 3b (custom) Affected: 0 , < Washington DC Patch 2 Hot Fix 2 (custom) Affected: 0 , < Washington DC Patch 3 Hot Fix 2 (custom) Affected: 0 , < Washington DC Patch 4 (custom) Affected: 0 , < Washington DC Patch 5 (custom) |
Credits
Adam Kues
Assetnote Attack Surface Management
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5217",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-29T19:00:26.864987Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-07-29",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-5217"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:49.508Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-5217"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-29T00:00:00+00:00",
"value": "CVE-2024-5217 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:03:11.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1648313"
},
{
"tags": [
"x_login-required",
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Utah Patch 10 Hot Fix 3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 10a Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 10b Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 6 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 7 Hot Fix 3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 8 Hot Fix 4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 9 Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 1 Hot Fix 3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 2 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 3 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Adam Kues"
},
{
"lang": "en",
"type": "finder",
"value": "Assetnote Attack Surface Management"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0The vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-184",
"description": "CWE-184 Incomplete List of Disallowed Inputs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T22:29:22.478Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1648313"
},
{
"tags": [
"x_login-required"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incomplete Input Validation in GlideExpression Script",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2024-5217",
"datePublished": "2024-07-10T16:28:32.649Z",
"dateReserved": "2024-05-22T18:36:08.570Z",
"dateUpdated": "2025-10-21T22:55:49.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4879 (GCVE-0-2024-4879)
Vulnerability from cvelistv5 – Published: 2024-07-10 16:16 – Updated: 2025-10-21 22:55
VLAI?
Summary
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
Severity ?
9.8 (Critical)
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Affected:
0 , < Utah Patch 10 Hot Fix 3
(custom)
Affected: 0 , < Utah Patch 10a Hot Fix 2 (custom) Affected: 0 , < Vancouver Patch 6 Hot Fix 2 (custom) Affected: 0 , < Vancouver Patch 7 Hot Fix 3b (custom) Affected: 0 , < Vancouver Patch 8 Hot Fix 4 (custom) Affected: 0 , < Vancouver Patch 9 (custom) Affected: 0 , < Vancouver Patch 10 (custom) Affected: 0 , < Washington DC Patch 1 Hot Fix 2b (custom) Affected: 0 , < Washington DC Patch 2 Hot Fix 2 (custom) Affected: 0 , < Washington DC Patch 3 Hot Fix 1 (custom) Affected: 0 , < Washington DC Patch 4 (custom) |
Credits
Adam Kues
Assetnote Attack Surface Management
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4879",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-29T18:58:02.257329Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-07-29",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4879"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:49.702Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4879"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-29T00:00:00+00:00",
"value": "CVE-2024-4879 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:55:10.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1645154"
},
{
"tags": [
"x_login-required",
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Utah Patch 10 Hot Fix 3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 10a Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 6 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 7 Hot Fix 3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 8 Hot Fix 4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 1 Hot Fix 2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 2 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 3 Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Adam Kues"
},
{
"lang": "en",
"type": "finder",
"value": "Assetnote Attack Surface Management"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u003c/span\u003e\u0026nbsp;\u003c/span\u003eServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.\u003cdiv\u003e\u003c/div\u003e"
}
],
"value": "ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287 Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T22:28:49.374Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1645154"
},
{
"tags": [
"x_login-required"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Jelly Template Injection Vulnerability in ServiceNow UI Macros",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2024-4879",
"datePublished": "2024-07-10T16:16:39.926Z",
"dateReserved": "2024-05-14T17:39:41.655Z",
"dateUpdated": "2025-10-21T22:55:49.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1298 (GCVE-0-2023-1298)
Vulnerability from cvelistv5 – Published: 2023-07-06 17:13 – Updated: 2024-10-21 21:11
VLAI?
Summary
ServiceNow has released upgrades and patches that address a Reflected Cross-Site scripting (XSS) vulnerability that was identified in the ServiceNow Polaris Layout. This vulnerability would enable an authenticated user to inject arbitrary scripts.
Severity ?
4.3 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now User Experience |
Affected:
0 , < San Diego Patch 10
(custom)
Affected: 0 , < Tokyo Patch 4b (custom) Affected: 0 , < Tokyo Patch 6 (custom) Affected: 0 , < Utah Patch 1 (custom) |
Credits
Osama Yousef
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:40:59.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1310230"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.linkedin.com/in/osamay/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1298",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T21:06:59.183731Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T21:11:09.595Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now User Experience",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "San Diego Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Tokyo Patch 4b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Tokyo Patch 6",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Osama Yousef"
}
],
"datePublic": "2023-07-06T17:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has released upgrades and patches that address a Reflected Cross-Site scripting (XSS) vulnerability that was identified in the ServiceNow Polaris Layout. This vulnerability would enable an authenticated user to inject arbitrary scripts.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "ServiceNow has released upgrades and patches that address a Reflected Cross-Site scripting (XSS) vulnerability that was identified in the ServiceNow Polaris Layout. This vulnerability would enable an authenticated user to inject arbitrary scripts.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-07T17:13:15.119Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1310230"
},
{
"url": "https://www.linkedin.com/in/osamay/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2023-1298",
"datePublished": "2023-07-06T17:13:27.552Z",
"dateReserved": "2023-03-09T19:33:01.065Z",
"dateUpdated": "2024-10-21T21:11:09.595Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-43684 (GCVE-0-2022-43684)
Vulnerability from cvelistv5 – Published: 2023-06-13 18:51 – Updated: 2025-02-13 16:33
VLAI?
Summary
ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.
Additional Details
This issue is present in the following supported ServiceNow releases:
* Quebec prior to Patch 10 Hot Fix 8b
* Rome prior to Patch 10 Hot Fix 1
* San Diego prior to Patch 7
* Tokyo prior to Tokyo Patch 1; and
* Utah prior to Utah General Availability
If this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls.
Severity ?
9.9 (Critical)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Affected:
Quebec , < Patch 10 Hot Fix 8b
(custom)
Affected: Rome , < Patch 10 Hot Fix 1 (custom) Affected: San Diego , < Patch 7 (custom) Affected: Tokyo , < Tokyo Patch 1 (custom) Affected: Utah , < Utah General Availability (GA) (custom) |
Credits
Luke Symons
Tony Wu
Eldar Marcussen
Gareth Phillips
Jeff Thomas
Nadeem Salim
Stephen Bradshaw
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1303489"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Jul/11"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=36638530"
},
{
"tags": [
"x_transferred"
],
"url": "https://x64.sh/posts/ServiceNow-Insecure-access-control-to-admin/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173354/ServiceNow-Insecure-Access-Control-Full-Admin-Compromise.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-43684",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-02T20:40:28.652664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T20:40:46.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Patch 10 Hot Fix 8b",
"status": "affected",
"version": "Quebec",
"versionType": "custom"
},
{
"lessThan": "Patch 10 Hot Fix 1",
"status": "affected",
"version": "Rome",
"versionType": "custom"
},
{
"lessThan": "Patch 7",
"status": "affected",
"version": "San Diego",
"versionType": "custom"
},
{
"lessThan": "Tokyo Patch 1",
"status": "affected",
"version": "Tokyo",
"versionType": "custom"
},
{
"lessThan": "Utah General Availability (GA)",
"status": "affected",
"version": "Utah",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Luke Symons"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Tony Wu"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Eldar Marcussen"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gareth Phillips"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jeff Thomas"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nadeem Salim"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Stephen Bradshaw"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cp\u003eServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.\u003c/p\u003e\u003c/div\u003e\u003cp\u003e\u003cstrong\u003eAdditional Details\u003c/strong\u003e\u003c/p\u003e\u003cdiv\u003e\u003cp\u003eThis issue is present in the following supported ServiceNow releases: \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003eQuebec prior to Patch 10 Hot Fix 8b\u003c/li\u003e\u003cli\u003eRome prior to Patch 10 Hot Fix 1\u003c/li\u003e\u003cli\u003eSan Diego prior to Patch 7\u003c/li\u003e\u003cli\u003eTokyo prior to Tokyo Patch 1; and \u003c/li\u003e\u003cli\u003eUtah prior to Utah General Availability \u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eIf this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls.\u003c/p\u003e\u003c/div\u003e"
}
],
"value": "ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.\n\n\n\nAdditional Details\n\nThis issue is present in the following supported ServiceNow releases: \n\n\n\n * Quebec prior to Patch 10 Hot Fix 8b\n * Rome prior to Patch 10 Hot Fix 1\n * San Diego prior to Patch 7\n * Tokyo prior to Tokyo Patch 1; and \n * Utah prior to Utah General Availability \n\n\n\n\nIf this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T17:06:41.003Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1303489"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/11"
},
{
"url": "https://news.ycombinator.com/item?id=36638530"
},
{
"url": "https://x64.sh/posts/ServiceNow-Insecure-access-control-to-admin/"
},
{
"url": "http://packetstormsecurity.com/files/173354/ServiceNow-Insecure-Access-Control-Full-Admin-Compromise.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ACL bypass in Reporting functionality",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2022-43684",
"datePublished": "2023-06-13T18:51:39.984Z",
"dateReserved": "2022-10-24T04:08:01.240Z",
"dateUpdated": "2025-02-13T16:33:36.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1209 (GCVE-0-2023-1209)
Vulnerability from cvelistv5 – Published: 2023-05-23 16:41 – Updated: 2025-01-17 17:45
VLAI?
Summary
Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts.
Severity ?
4.3 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | ServiceNow Records |
Affected:
0 , < Tokyo Patch 5
(custom)
Affected: 0 , < Tokyo Patch 4a (custom) Affected: 0 , < San Diego Patch 10 (custom) Affected: 0 , < San Diego Patch 9a (custom) Affected: 0 , < Rome Patch 10 Hot Fix 4b (custom) Affected: 0 , < Utah Patch 1 (custom) |
Credits
Osama Yousef
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:40:59.882Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1262967"
},
{
"tags": [
"x_reporter",
"x_transferred"
],
"url": "https://www.linkedin.com/in/osamay/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1209",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T17:45:41.144892Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T17:45:49.612Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ServiceNow Records",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Tokyo Patch 5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Tokyo Patch 4a",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "San Diego Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "San Diego Patch 9a",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Rome Patch 10 Hot Fix 4b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Osama Yousef"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts."
}
],
"value": "Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-23T16:41:39.227Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1262967"
},
{
"tags": [
"x_reporter"
],
"url": "https://www.linkedin.com/in/osamay/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2023-1209",
"datePublished": "2023-05-23T16:41:28.194Z",
"dateReserved": "2023-03-06T19:57:41.453Z",
"dateUpdated": "2025-01-17T17:45:49.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46389 (GCVE-0-2022-46389)
Vulnerability from cvelistv5 – Published: 2023-04-17 00:00 – Updated: 2025-02-06 16:01
VLAI?
Summary
There exists a reflected XSS within the logout functionality of ServiceNow versions lower than Quebec Patch 10 Hotfix 11b, Rome Patch 10 Hotfix 3b, San Diego Patch 9, Tokyo Patch 4, and Utah GA. This enables an unauthenticated remote attacker to execute arbitrary JavaScript code in the browser-based web console.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Affected:
Quebec , < Patch 10 Hotfix 11b
(custom)
Affected: Rome , < Patch 10 Hotfix 3b (custom) Affected: San Diego , < Patch 9 (custom) Affected: Tokyo , < Patch 4 (custom) Affected: Utah , < GA (custom) |
Credits
Bao Bui a.k.a 0xd0ff9 from VNG Security Team
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:31:46.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1272156"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-06T16:01:34.843493Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-06T16:01:59.247Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Patch 10 Hotfix 11b",
"status": "affected",
"version": "Quebec",
"versionType": "custom"
},
{
"lessThan": "Patch 10 Hotfix 3b",
"status": "affected",
"version": "Rome",
"versionType": "custom"
},
{
"lessThan": "Patch 9",
"status": "affected",
"version": "San Diego",
"versionType": "custom"
},
{
"lessThan": "Patch 4",
"status": "affected",
"version": "Tokyo",
"versionType": "custom"
},
{
"lessThan": "GA",
"status": "affected",
"version": "Utah",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Bao Bui a.k.a 0xd0ff9 from VNG Security Team"
}
],
"datePublic": "2023-04-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "There exists a reflected XSS within the logout functionality of ServiceNow versions lower than Quebec Patch 10 Hotfix 11b, Rome Patch 10 Hotfix 3b, San Diego Patch 9, Tokyo Patch 4, and Utah GA. This enables an unauthenticated remote attacker to execute arbitrary JavaScript code in the browser-based web console."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-17T00:00:00.000Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1272156"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Cross-Site Scripting (XSS) vulnerability found on logout functionality",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2022-46389",
"datePublished": "2023-04-17T00:00:00.000Z",
"dateReserved": "2022-12-04T00:00:00.000Z",
"dateUpdated": "2025-02-06T16:01:59.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46886 (GCVE-0-2022-46886)
Vulnerability from cvelistv5 – Published: 2023-04-14 00:00 – Updated: 2025-02-06 21:46
VLAI?
Summary
There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.
Severity ?
5.5 (Medium)
CWE
- open redirect
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | ServiceNow |
Affected:
Tokyo , < Tokyo Patch 1b
(custom)
Affected: San Diego , < San Diego Patch 7b (custom) Affected: Rome , < Rome Patch 10 Hotfix 2b (custom) Affected: Quebec , < Quebec Patch 10 Hotfix 10b (custom) |
Credits
theamanrawat
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:39:38.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46886",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-06T21:46:23.163978Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-06T21:46:36.801Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ServiceNow",
"vendor": "ServiceNow",
"versions": [
{
"changes": [
{
"at": "Tokyo Patch 3",
"status": "unaffected"
}
],
"lessThan": "Tokyo Patch 1b",
"status": "affected",
"version": "Tokyo",
"versionType": "custom"
},
{
"changes": [
{
"at": "San Diego Patch 9",
"status": "unaffected"
}
],
"lessThan": "San Diego Patch 7b",
"status": "affected",
"version": "San Diego",
"versionType": "custom"
},
{
"changes": [
{
"at": "Rome Patch 10 Hotfix 3b",
"status": "unaffected"
}
],
"lessThan": "Rome Patch 10 Hotfix 2b",
"status": "affected",
"version": "Rome",
"versionType": "custom"
},
{
"lessThan": "Quebec Patch 10 Hotfix 10b",
"status": "affected",
"version": "Quebec",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "theamanrawat"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\u003c/p\u003e"
}
],
"value": "There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSuccessful exploitation of this vulnerability potentially could be used to facilitate targeted attacks such as phishing. This may enable attackers to redirect authenticated users to domains the attackers control and cause the disclosure of sensitive information, like login credentials.\u003c/p\u003e"
}
],
"value": "Successful exploitation of this vulnerability potentially could be used to facilitate targeted attacks such as phishing. This may enable attackers to redirect authenticated users to domains the attackers control and cause the disclosure of sensitive information, like login credentials.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "open redirect",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-17T21:53:31.401Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2022-46886",
"datePublished": "2023-04-14T00:00:00.000Z",
"dateReserved": "2022-12-09T00:00:00.000Z",
"dateUpdated": "2025-02-06T21:46:36.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39048 (GCVE-0-2022-39048)
Vulnerability from cvelistv5 – Published: 2023-04-10 00:00 – Updated: 2025-02-07 20:14
VLAI?
Summary
A XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user's browser or session to attack other systems.
Severity ?
6.1 (Medium)
CWE
- Cross Site Scripting (XSS)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Servicenow | Now Platform |
Affected:
Tokyo , < Patch 1a
(custom)
Affected: San Diego , < Patch 7b (custom) Affected: Rome , < Patch 10 Hotfix 2b (custom) Affected: Quebec , < Patch 10 Hotfix 10b (custom) |
Credits
theamanrawat
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1221892"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-39048",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T20:13:45.492244Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T20:14:00.361Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "Servicenow",
"versions": [
{
"changes": [
{
"at": "Patch 2",
"status": "unaffected"
}
],
"lessThan": "Patch 1a",
"status": "affected",
"version": "Tokyo",
"versionType": "custom"
},
{
"changes": [
{
"at": "Patch 9",
"status": "unaffected"
}
],
"lessThan": "Patch 7b",
"status": "affected",
"version": "San Diego",
"versionType": "custom"
},
{
"lessThan": "Patch 10 Hotfix 2b",
"status": "affected",
"version": "Rome",
"versionType": "custom"
},
{
"lessThan": "Patch 10 Hotfix 10b",
"status": "affected",
"version": "Quebec",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "theamanrawat"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user\u0027s browser or session to attack other systems.\u003c/p\u003e"
}
],
"value": "A XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user\u0027s browser or session to attack other systems.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross Site Scripting (XSS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T15:27:13.546Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/"
},
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1221892"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting (XSS) vulnerability in ServiceNow UI page assessment_redirect",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2022-39048",
"datePublished": "2023-04-10T00:00:00.000Z",
"dateReserved": "2022-08-31T00:00:00.000Z",
"dateUpdated": "2025-02-07T20:14:00.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8924 (GCVE-0-2024-8924)
Vulnerability from nvd – Published: 2024-10-29 16:14 – Updated: 2024-10-31 03:55
VLAI?
Summary
ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information. ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners and self-hosted customers. Further, the vulnerability is addressed in the listed patches and hot fixes.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Affected:
0 , < Utah Patch 10b Hot Fix 3
(custom)
Affected: 0 , < Vancouver Patch 8 Hot Fix 5 (custom) Affected: 0 , < Vancouver Patch 9 Hot Fix 3b (custom) Affected: 0 , < Vancouver Patch 10 Hot Fix 2 (custom) Affected: 0 , < Washington DC Patch 4 Hot Fix 2b (custom) Affected: 0 , < Washington DC Patch 5 Hot Fix 6 (custom) Affected: 0 , < Washington DC Patch 6 Hot Fix 1 (custom) Affected: 0 , < Washington DC Patch 7 (custom) Affected: 0 , < Xanadu Patch 1 (custom) |
Credits
T-Mobile
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:utah:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Utah Patch 10b Hot Fix 3",
"status": "affected",
"version": "Utah",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:vancouver:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Vancouver Patch 8 Hot Fix 5",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 9 Hot Fix 3b",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10 Hot Fix 2",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:washington_dc:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Washington DC Patch 4 Hot Fix 2b",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5 Hot Fix 6",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 6 Hot Fix 1",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 7",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:xanadu:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Xanadu Patch 1",
"status": "affected",
"version": "Xanadu",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8924",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T03:55:17.683Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Utah Patch 10b Hot Fix 3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 8 Hot Fix 5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 9 Hot Fix 3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 4 Hot Fix 2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5 Hot Fix 6",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 6 Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 7",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Xanadu Patch 1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "T-Mobile"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners and self-hosted customers.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eFurther, the vulnerability is addressed in the listed patches and hot fixes.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information.\u00a0ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners and self-hosted customers.\u00a0Further, the vulnerability is addressed in the listed patches and hot fixes."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T16:14:38.836Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1706072"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Unauthenticated Blind SQL Injection in Core Platform",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2024-8924",
"datePublished": "2024-10-29T16:14:38.836Z",
"dateReserved": "2024-09-16T23:37:01.512Z",
"dateUpdated": "2024-10-31T03:55:17.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-8923 (GCVE-0-2024-8923)
Vulnerability from nvd – Published: 2024-10-29 16:07 – Updated: 2024-10-31 03:55
VLAI?
Summary
ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers. Further, the vulnerability is addressed in the listed patches and hot fixes.
Severity ?
9.8 (Critical)
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Affected:
0 , < Vancouver Patch 9 Hot Fix 2a
(custom)
Affected: 0 , < Vancouver Patch 10 (custom) Affected: 0 , < Washington DC Patch 4 Hot Fix 1a (custom) Affected: 0 , < Washington DC Patch 5 (custom) Affected: 0 , < Xanadu GA Release (custom) |
Credits
T-Mobile
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:vancouver:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Vancouver Patch 9 Hot Fix 2a",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10",
"status": "affected",
"version": "Vancouver",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:washington_dc:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Washington DC Patch 4 Hot Fix 1a",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5",
"status": "affected",
"version": "Washington_DC",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:xanadu:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "Xanadu GA Release",
"status": "affected",
"version": "Xanadu",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-8923",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-30T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-31T03:55:16.080Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Vancouver Patch 9 Hot Fix 2a",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 4 Hot Fix 1a",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Xanadu GA Release",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "T-Mobile"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eFurther, the vulnerability is addressed in the listed patches and hot fixes.\u003c/span\u003e"
}
],
"value": "ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0ServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers.\u00a0Further, the vulnerability is addressed in the listed patches and hot fixes."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T16:23:19.336Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1706070"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Sandbox Escape in Now Platform",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2024-8923",
"datePublished": "2024-10-29T16:07:07.310Z",
"dateReserved": "2024-09-16T23:33:41.375Z",
"dateUpdated": "2024-10-31T03:55:16.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-5217 (GCVE-0-2024-5217)
Vulnerability from nvd – Published: 2024-07-10 16:28 – Updated: 2025-10-21 22:55
VLAI?
Summary
ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. The vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
Severity ?
9.8 (Critical)
CWE
- CWE-184 - Incomplete List of Disallowed Inputs
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Affected:
0 , < Utah Patch 10 Hot Fix 3
(custom)
Affected: 0 , < Utah Patch 10a Hot Fix 2 (custom) Affected: 0 , < Utah Patch 10b Hot Fix 1 (custom) Affected: 0 , < Vancouver Patch 6 Hot Fix 2 (custom) Affected: 0 , < Vancouver Patch 7 Hot Fix 3b (custom) Affected: 0 , < Vancouver Patch 8 Hot Fix 4 (custom) Affected: 0 , < Vancouver Patch 9 Hot Fix 1 (custom) Affected: 0 , < Vancouver Patch 10 (custom) Affected: 0 , < Washington DC Patch 1 Hot Fix 3b (custom) Affected: 0 , < Washington DC Patch 2 Hot Fix 2 (custom) Affected: 0 , < Washington DC Patch 3 Hot Fix 2 (custom) Affected: 0 , < Washington DC Patch 4 (custom) Affected: 0 , < Washington DC Patch 5 (custom) |
Credits
Adam Kues
Assetnote Attack Surface Management
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10b_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5217",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-29T19:00:26.864987Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-07-29",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-5217"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:49.508Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-5217"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-29T00:00:00+00:00",
"value": "CVE-2024-5217 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:03:11.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1648313"
},
{
"tags": [
"x_login-required",
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Utah Patch 10 Hot Fix 3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 10a Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 10b Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 6 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 7 Hot Fix 3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 8 Hot Fix 4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 9 Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 1 Hot Fix 3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 2 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 3 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Adam Kues"
},
{
"lang": "en",
"type": "finder",
"value": "Assetnote Attack Surface Management"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u0026nbsp;\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0The vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-184",
"description": "CWE-184 Incomplete List of Disallowed Inputs",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T22:29:22.478Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1648313"
},
{
"tags": [
"x_login-required"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Incomplete Input Validation in GlideExpression Script",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2024-5217",
"datePublished": "2024-07-10T16:28:32.649Z",
"dateReserved": "2024-05-22T18:36:08.570Z",
"dateUpdated": "2025-10-21T22:55:49.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-4879 (GCVE-0-2024-4879)
Vulnerability from nvd – Published: 2024-07-10 16:16 – Updated: 2025-10-21 22:55
VLAI?
Summary
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
Severity ?
9.8 (Critical)
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Affected:
0 , < Utah Patch 10 Hot Fix 3
(custom)
Affected: 0 , < Utah Patch 10a Hot Fix 2 (custom) Affected: 0 , < Vancouver Patch 6 Hot Fix 2 (custom) Affected: 0 , < Vancouver Patch 7 Hot Fix 3b (custom) Affected: 0 , < Vancouver Patch 8 Hot Fix 4 (custom) Affected: 0 , < Vancouver Patch 9 (custom) Affected: 0 , < Vancouver Patch 10 (custom) Affected: 0 , < Washington DC Patch 1 Hot Fix 2b (custom) Affected: 0 , < Washington DC Patch 2 Hot Fix 2 (custom) Affected: 0 , < Washington DC Patch 3 Hot Fix 1 (custom) Affected: 0 , < Washington DC Patch 4 (custom) |
Credits
Adam Kues
Assetnote Attack Surface Management
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:servicenow:servicenow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "servicenow",
"vendor": "servicenow",
"versions": [
{
"lessThan": "utah_patch_10_hot_fix_3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "utah_patch_10a_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_6_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_7_hot_fix_3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_8_hot_fix_4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "vancouver_patch_10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_1_hot_fix_2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_2_hot_fix_2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_3_hot_fix_1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "washington_dc_patch_4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-4879",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-29T18:58:02.257329Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-07-29",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4879"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:49.702Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-4879"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-07-29T00:00:00+00:00",
"value": "CVE-2024-4879 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:55:10.283Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1645154"
},
{
"tags": [
"x_login-required",
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Utah Patch 10 Hot Fix 3",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 10a Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 6 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 7 Hot Fix 3b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 8 Hot Fix 4",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 9",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Vancouver Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 1 Hot Fix 2b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 2 Hot Fix 2",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 3 Hot Fix 1",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Washington DC Patch 4",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Adam Kues"
},
{
"lang": "en",
"type": "finder",
"value": "Assetnote Attack Surface Management"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u003c/span\u003e\u0026nbsp;\u003c/span\u003eServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.\u003cdiv\u003e\u003c/div\u003e"
}
],
"value": "ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1287",
"description": "CWE-1287 Improper Validation of Specified Type of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-29T22:28:49.374Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1645154"
},
{
"tags": [
"x_login-required"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1644293"
},
{
"url": "https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Jelly Template Injection Vulnerability in ServiceNow UI Macros",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2024-4879",
"datePublished": "2024-07-10T16:16:39.926Z",
"dateReserved": "2024-05-14T17:39:41.655Z",
"dateUpdated": "2025-10-21T22:55:49.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1298 (GCVE-0-2023-1298)
Vulnerability from nvd – Published: 2023-07-06 17:13 – Updated: 2024-10-21 21:11
VLAI?
Summary
ServiceNow has released upgrades and patches that address a Reflected Cross-Site scripting (XSS) vulnerability that was identified in the ServiceNow Polaris Layout. This vulnerability would enable an authenticated user to inject arbitrary scripts.
Severity ?
4.3 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now User Experience |
Affected:
0 , < San Diego Patch 10
(custom)
Affected: 0 , < Tokyo Patch 4b (custom) Affected: 0 , < Tokyo Patch 6 (custom) Affected: 0 , < Utah Patch 1 (custom) |
Credits
Osama Yousef
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:40:59.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1310230"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.linkedin.com/in/osamay/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1298",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-21T21:06:59.183731Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-21T21:11:09.595Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now User Experience",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "San Diego Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Tokyo Patch 4b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Tokyo Patch 6",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Osama Yousef"
}
],
"datePublic": "2023-07-06T17:15:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eServiceNow has released upgrades and patches that address a Reflected Cross-Site scripting (XSS) vulnerability that was identified in the ServiceNow Polaris Layout. This vulnerability would enable an authenticated user to inject arbitrary scripts.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "ServiceNow has released upgrades and patches that address a Reflected Cross-Site scripting (XSS) vulnerability that was identified in the ServiceNow Polaris Layout. This vulnerability would enable an authenticated user to inject arbitrary scripts.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-07T17:13:15.119Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1310230"
},
{
"url": "https://www.linkedin.com/in/osamay/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2023-1298",
"datePublished": "2023-07-06T17:13:27.552Z",
"dateReserved": "2023-03-09T19:33:01.065Z",
"dateUpdated": "2024-10-21T21:11:09.595Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-43684 (GCVE-0-2022-43684)
Vulnerability from nvd – Published: 2023-06-13 18:51 – Updated: 2025-02-13 16:33
VLAI?
Summary
ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.
Additional Details
This issue is present in the following supported ServiceNow releases:
* Quebec prior to Patch 10 Hot Fix 8b
* Rome prior to Patch 10 Hot Fix 1
* San Diego prior to Patch 7
* Tokyo prior to Tokyo Patch 1; and
* Utah prior to Utah General Availability
If this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls.
Severity ?
9.9 (Critical)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Affected:
Quebec , < Patch 10 Hot Fix 8b
(custom)
Affected: Rome , < Patch 10 Hot Fix 1 (custom) Affected: San Diego , < Patch 7 (custom) Affected: Tokyo , < Tokyo Patch 1 (custom) Affected: Utah , < Utah General Availability (GA) (custom) |
Credits
Luke Symons
Tony Wu
Eldar Marcussen
Gareth Phillips
Jeff Thomas
Nadeem Salim
Stephen Bradshaw
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:40:06.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1303489"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2023/Jul/11"
},
{
"tags": [
"x_transferred"
],
"url": "https://news.ycombinator.com/item?id=36638530"
},
{
"tags": [
"x_transferred"
],
"url": "https://x64.sh/posts/ServiceNow-Insecure-access-control-to-admin/"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/173354/ServiceNow-Insecure-Access-Control-Full-Admin-Compromise.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-43684",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-02T20:40:28.652664Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-02T20:40:46.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Patch 10 Hot Fix 8b",
"status": "affected",
"version": "Quebec",
"versionType": "custom"
},
{
"lessThan": "Patch 10 Hot Fix 1",
"status": "affected",
"version": "Rome",
"versionType": "custom"
},
{
"lessThan": "Patch 7",
"status": "affected",
"version": "San Diego",
"versionType": "custom"
},
{
"lessThan": "Tokyo Patch 1",
"status": "affected",
"version": "Tokyo",
"versionType": "custom"
},
{
"lessThan": "Utah General Availability (GA)",
"status": "affected",
"version": "Utah",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Luke Symons"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Tony Wu"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Eldar Marcussen"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Gareth Phillips"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jeff Thomas"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nadeem Salim"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Stephen Bradshaw"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cp\u003eServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.\u003c/p\u003e\u003c/div\u003e\u003cp\u003e\u003cstrong\u003eAdditional Details\u003c/strong\u003e\u003c/p\u003e\u003cdiv\u003e\u003cp\u003eThis issue is present in the following supported ServiceNow releases: \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003eQuebec prior to Patch 10 Hot Fix 8b\u003c/li\u003e\u003cli\u003eRome prior to Patch 10 Hot Fix 1\u003c/li\u003e\u003cli\u003eSan Diego prior to Patch 7\u003c/li\u003e\u003cli\u003eTokyo prior to Tokyo Patch 1; and \u003c/li\u003e\u003cli\u003eUtah prior to Utah General Availability \u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eIf this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls.\u003c/p\u003e\u003c/div\u003e"
}
],
"value": "ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.\n\n\n\nAdditional Details\n\nThis issue is present in the following supported ServiceNow releases: \n\n\n\n * Quebec prior to Patch 10 Hot Fix 8b\n * Rome prior to Patch 10 Hot Fix 1\n * San Diego prior to Patch 7\n * Tokyo prior to Tokyo Patch 1; and \n * Utah prior to Utah General Availability \n\n\n\n\nIf this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-11T17:06:41.003Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1303489"
},
{
"url": "http://seclists.org/fulldisclosure/2023/Jul/11"
},
{
"url": "https://news.ycombinator.com/item?id=36638530"
},
{
"url": "https://x64.sh/posts/ServiceNow-Insecure-access-control-to-admin/"
},
{
"url": "http://packetstormsecurity.com/files/173354/ServiceNow-Insecure-Access-Control-Full-Admin-Compromise.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ACL bypass in Reporting functionality",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2022-43684",
"datePublished": "2023-06-13T18:51:39.984Z",
"dateReserved": "2022-10-24T04:08:01.240Z",
"dateUpdated": "2025-02-13T16:33:36.489Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1209 (GCVE-0-2023-1209)
Vulnerability from nvd – Published: 2023-05-23 16:41 – Updated: 2025-01-17 17:45
VLAI?
Summary
Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts.
Severity ?
4.3 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | ServiceNow Records |
Affected:
0 , < Tokyo Patch 5
(custom)
Affected: 0 , < Tokyo Patch 4a (custom) Affected: 0 , < San Diego Patch 10 (custom) Affected: 0 , < San Diego Patch 9a (custom) Affected: 0 , < Rome Patch 10 Hot Fix 4b (custom) Affected: 0 , < Utah Patch 1 (custom) |
Credits
Osama Yousef
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:40:59.882Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1262967"
},
{
"tags": [
"x_reporter",
"x_transferred"
],
"url": "https://www.linkedin.com/in/osamay/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1209",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T17:45:41.144892Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T17:45:49.612Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ServiceNow Records",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Tokyo Patch 5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Tokyo Patch 4a",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "San Diego Patch 10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "San Diego Patch 9a",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Rome Patch 10 Hot Fix 4b",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "Utah Patch 1",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Osama Yousef"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts."
}
],
"value": "Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-23T16:41:39.227Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1262967"
},
{
"tags": [
"x_reporter"
],
"url": "https://www.linkedin.com/in/osamay/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2023-1209",
"datePublished": "2023-05-23T16:41:28.194Z",
"dateReserved": "2023-03-06T19:57:41.453Z",
"dateUpdated": "2025-01-17T17:45:49.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46389 (GCVE-0-2022-46389)
Vulnerability from nvd – Published: 2023-04-17 00:00 – Updated: 2025-02-06 16:01
VLAI?
Summary
There exists a reflected XSS within the logout functionality of ServiceNow versions lower than Quebec Patch 10 Hotfix 11b, Rome Patch 10 Hotfix 3b, San Diego Patch 9, Tokyo Patch 4, and Utah GA. This enables an unauthenticated remote attacker to execute arbitrary JavaScript code in the browser-based web console.
Severity ?
6.1 (Medium)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | Now Platform |
Affected:
Quebec , < Patch 10 Hotfix 11b
(custom)
Affected: Rome , < Patch 10 Hotfix 3b (custom) Affected: San Diego , < Patch 9 (custom) Affected: Tokyo , < Patch 4 (custom) Affected: Utah , < GA (custom) |
Credits
Bao Bui a.k.a 0xd0ff9 from VNG Security Team
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:31:46.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1272156"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-06T16:01:34.843493Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-06T16:01:59.247Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Now Platform",
"vendor": "ServiceNow",
"versions": [
{
"lessThan": "Patch 10 Hotfix 11b",
"status": "affected",
"version": "Quebec",
"versionType": "custom"
},
{
"lessThan": "Patch 10 Hotfix 3b",
"status": "affected",
"version": "Rome",
"versionType": "custom"
},
{
"lessThan": "Patch 9",
"status": "affected",
"version": "San Diego",
"versionType": "custom"
},
{
"lessThan": "Patch 4",
"status": "affected",
"version": "Tokyo",
"versionType": "custom"
},
{
"lessThan": "GA",
"status": "affected",
"version": "Utah",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Bao Bui a.k.a 0xd0ff9 from VNG Security Team"
}
],
"datePublic": "2023-04-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "There exists a reflected XSS within the logout functionality of ServiceNow versions lower than Quebec Patch 10 Hotfix 11b, Rome Patch 10 Hotfix 3b, San Diego Patch 9, Tokyo Patch 4, and Utah GA. This enables an unauthenticated remote attacker to execute arbitrary JavaScript code in the browser-based web console."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-17T00:00:00.000Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1272156"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Cross-Site Scripting (XSS) vulnerability found on logout functionality",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2022-46389",
"datePublished": "2023-04-17T00:00:00.000Z",
"dateReserved": "2022-12-04T00:00:00.000Z",
"dateUpdated": "2025-02-06T16:01:59.247Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46886 (GCVE-0-2022-46886)
Vulnerability from nvd – Published: 2023-04-14 00:00 – Updated: 2025-02-06 21:46
VLAI?
Summary
There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.
Severity ?
5.5 (Medium)
CWE
- open redirect
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ServiceNow | ServiceNow |
Affected:
Tokyo , < Tokyo Patch 1b
(custom)
Affected: San Diego , < San Diego Patch 7b (custom) Affected: Rome , < Rome Patch 10 Hotfix 2b (custom) Affected: Quebec , < Quebec Patch 10 Hotfix 10b (custom) |
Credits
theamanrawat
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:39:38.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46886",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-06T21:46:23.163978Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-06T21:46:36.801Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ServiceNow",
"vendor": "ServiceNow",
"versions": [
{
"changes": [
{
"at": "Tokyo Patch 3",
"status": "unaffected"
}
],
"lessThan": "Tokyo Patch 1b",
"status": "affected",
"version": "Tokyo",
"versionType": "custom"
},
{
"changes": [
{
"at": "San Diego Patch 9",
"status": "unaffected"
}
],
"lessThan": "San Diego Patch 7b",
"status": "affected",
"version": "San Diego",
"versionType": "custom"
},
{
"changes": [
{
"at": "Rome Patch 10 Hotfix 3b",
"status": "unaffected"
}
],
"lessThan": "Rome Patch 10 Hotfix 2b",
"status": "affected",
"version": "Rome",
"versionType": "custom"
},
{
"lessThan": "Quebec Patch 10 Hotfix 10b",
"status": "affected",
"version": "Quebec",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "theamanrawat"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\u003c/p\u003e"
}
],
"value": "There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSuccessful exploitation of this vulnerability potentially could be used to facilitate targeted attacks such as phishing. This may enable attackers to redirect authenticated users to domains the attackers control and cause the disclosure of sensitive information, like login credentials.\u003c/p\u003e"
}
],
"value": "Successful exploitation of this vulnerability potentially could be used to facilitate targeted attacks such as phishing. This may enable attackers to redirect authenticated users to domains the attackers control and cause the disclosure of sensitive information, like login credentials.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "open redirect",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-17T21:53:31.401Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2022-46886",
"datePublished": "2023-04-14T00:00:00.000Z",
"dateReserved": "2022-12-09T00:00:00.000Z",
"dateUpdated": "2025-02-06T21:46:36.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39048 (GCVE-0-2022-39048)
Vulnerability from nvd – Published: 2023-04-10 00:00 – Updated: 2025-02-07 20:14
VLAI?
Summary
A XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user's browser or session to attack other systems.
Severity ?
6.1 (Medium)
CWE
- Cross Site Scripting (XSS)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Servicenow | Now Platform |
Affected:
Tokyo , < Patch 1a
(custom)
Affected: San Diego , < Patch 7b (custom) Affected: Rome , < Patch 10 Hotfix 2b (custom) Affected: Quebec , < Patch 10 Hotfix 10b (custom) |
Credits
theamanrawat
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T11:10:32.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1221892"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-39048",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T20:13:45.492244Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T20:14:00.361Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Now Platform",
"vendor": "Servicenow",
"versions": [
{
"changes": [
{
"at": "Patch 2",
"status": "unaffected"
}
],
"lessThan": "Patch 1a",
"status": "affected",
"version": "Tokyo",
"versionType": "custom"
},
{
"changes": [
{
"at": "Patch 9",
"status": "unaffected"
}
],
"lessThan": "Patch 7b",
"status": "affected",
"version": "San Diego",
"versionType": "custom"
},
{
"lessThan": "Patch 10 Hotfix 2b",
"status": "affected",
"version": "Rome",
"versionType": "custom"
},
{
"lessThan": "Patch 10 Hotfix 10b",
"status": "affected",
"version": "Quebec",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "theamanrawat"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user\u0027s browser or session to attack other systems.\u003c/p\u003e"
}
],
"value": "A XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user\u0027s browser or session to attack other systems.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross Site Scripting (XSS)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T15:27:13.546Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/"
},
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1221892"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting (XSS) vulnerability in ServiceNow UI page assessment_redirect",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2022-39048",
"datePublished": "2023-04-10T00:00:00.000Z",
"dateReserved": "2022-08-31T00:00:00.000Z",
"dateUpdated": "2025-02-07T20:14:00.361Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}