CVE-2022-46886 (GCVE-0-2022-46886)
Vulnerability from cvelistv5 – Published: 2023-04-14 00:00 – Updated: 2025-02-06 21:46
Summary
There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.
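Severity
5.5 (Medium) — CVSS 3.1 base score assigned by the CNA (ServiceNow), vector CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L. The NVD primary assessment embedded in the record below scores the same issue 6.1 (Medium), vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N.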
CWE
- open redirect
Assigner
References
Impacted products
| Vendor | Product | Version |
|---|---|---|
| ServiceNow | ServiceNow | Affected: Tokyo, < Tokyo Patch 1b (custom)<br>Affected: San Diego, < San Diego Patch 7b (custom)<br>Affected: Rome, < Rome Patch 10 Hotfix 2b (custom)<br>Affected: Quebec, < Quebec Patch 10 Hotfix 10b (custom) |
Credits
theamanrawat
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:39:38.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46886",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-06T21:46:23.163978Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-06T21:46:36.801Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ServiceNow",
"vendor": "ServiceNow",
"versions": [
{
"changes": [
{
"at": "Tokyo Patch 3",
"status": "unaffected"
}
],
"lessThan": "Tokyo Patch 1b",
"status": "affected",
"version": "Tokyo",
"versionType": "custom"
},
{
"changes": [
{
"at": "San Diego Patch 9",
"status": "unaffected"
}
],
"lessThan": "San Diego Patch 7b",
"status": "affected",
"version": "San Diego",
"versionType": "custom"
},
{
"changes": [
{
"at": "Rome Patch 10 Hotfix 3b",
"status": "unaffected"
}
],
"lessThan": "Rome Patch 10 Hotfix 2b",
"status": "affected",
"version": "Rome",
"versionType": "custom"
},
{
"lessThan": "Quebec Patch 10 Hotfix 10b",
"status": "affected",
"version": "Quebec",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "theamanrawat"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThere exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\u003c/p\u003e"
}
],
"value": "There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\n\n"
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eSuccessful exploitation of this vulnerability potentially could be used to facilitate targeted attacks such as phishing. This may enable attackers to redirect authenticated users to domains the attackers control and cause the disclosure of sensitive information, like login credentials.\u003c/p\u003e"
}
],
"value": "Successful exploitation of this vulnerability potentially could be used to facilitate targeted attacks such as phishing. This may enable attackers to redirect authenticated users to domains the attackers control and cause the disclosure of sensitive information, like login credentials.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "open redirect",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-17T21:53:31.401Z",
"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"shortName": "SN"
},
"references": [
{
"url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857"
}
],
"source": {
"discovery": "EXTERNAL"
},
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
"assignerShortName": "SN",
"cveId": "CVE-2022-46886",
"datePublished": "2023-04-14T00:00:00.000Z",
"dateReserved": "2022-12-09T00:00:00.000Z",
"dateUpdated": "2025-02-06T21:46:36.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:quebec:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5A68765-7406-48CB-965E-6C09A7465CF7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:quebec:patch_10:*:*:*:*:*:*\", \"matchCriteriaId\": \"8816E561-8E81-4C30-9C48-7836069202D9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"52C8A7D2-F930-4078-9E9D-E48782E46CBD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"512C81E4-0C27-42EC-AD05-7563B50EF1DD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1b:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5BBA03C-2A2E-4259-9F8E-99622F6758B7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"D609B90C-E67E-461A-8756-36E06E265FF0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A05F1AF-0E08-4280-A006-A27C917C9E82\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_10:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E3198D2-CC9C-46F7-A366-6C16F3F35439\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD0D5C00-C5D2-4E30-BEB7-AA2ACBE68CF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5B1C958-54DF-45BE-BD2B-60A44B846971\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_2a:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BE785D2-A5C9-4ED7-968A-C01F257E8514\"}, {\"vulnerable\": true, \"criteria\": 
\"cpe:2.3:a:servicenow:servicenow:rome:patch_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"EAA82A56-93C2-47DC-92BA-D2EBF0C19EEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_2_hotfix_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4FEEDD5-F852-49AA-BDF9-869040C7F3C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_2_hotfix_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"763B0915-14EF-4405-AAB6-78B185D5744B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"B053530E-1CB3-4A86-BD4B-569750776A53\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_3_hotfix_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CF1B2AB-D561-4396-AA99-71FCD55B5D3E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"00EE16EE-B759-4BD8-A30B-C952142C860E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"1F157018-E6F2-45D1-8B54-68C051247798\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1a:*:*:*:*:*:*\", \"matchCriteriaId\": \"88603AEF-0EC2-4006-B7F2-E5FFAC8F354C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1b:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB5BC2C0-A5CF-455F-A732-E49672B5682E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_5:*:*:*:*:*:*\", \"matchCriteriaId\": \"66E9CCC4-7BC4-4FC2-8B54-B8746A83256C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"56E7DB16-6ABC-4ED3-99C1-A33914242405\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"55AC0E29-0F51-4D1D-A5EF-AECD29FAE417\"}, 
{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_6:*:*:*:*:*:*\", \"matchCriteriaId\": \"5DCC0D37-6840-4882-84E1-AE1E83ABF31B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"CF53F785-2D19-48FB-9D88-9817785E5082\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EAAADE1-5804-44FB-BD9A-881BDA4FE1F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_7:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC20DB81-AA27-4BE5-9296-2E4E6000F56B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_7_hotfix_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"DECC9979-3A0B-4F36-85D1-DD539A7D18C9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_7a:*:*:*:*:*:*\", \"matchCriteriaId\": \"563F3D85-A23A-453F-9932-3044F8B5566C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_7b:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C770579-EDDC-4F46-8288-33A13289A8A4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_8:*:*:*:*:*:*\", \"matchCriteriaId\": \"78447698-90FF-4010-BF0B-3294E2EBB69B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A32EF135-C229-49B1-8766-1ED6066C7CC8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"22E5BA6F-6C66-4589-8AA9-C76776DCFCCB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_9:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE93BECE-CC4A-400A-9322-5E61DA5E6A75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_9_hotfix_1:*:*:*:*:*:*\", \"matchCriteriaId\": 
\"38D3CF30-CAC5-49B1-B527-9C9D24C28A54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_9a:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C48A10D-0295-4023-AB20-0BE4D8AA582A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:rome:patch_9b:*:*:*:*:*:*\", \"matchCriteriaId\": \"0F42AF52-C388-44BB-B328-5E77CF9E4622\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"71A44062-D94F-4246-A218-33AD4C43C7FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A4ABAF4-C84B-4E7B-A156-24640B7D56EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1a:*:*:*:*:*:*\", \"matchCriteriaId\": \"2855AE65-1B96-4537-BB6E-7659114955EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1b:*:*:*:*:*:*\", \"matchCriteriaId\": \"63725CBE-34A5-4B9E-BA8E-32E66B89C646\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B2DC45C-17A0-4D92-AB29-3497DA43707E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_2_hotfix_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"F2822278-2089-4F78-86EE-D63A9516B5A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"49444E5E-0AB7-4083-8663-089955134AA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_1:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B5E2C3D-F838-48E0-8135-455AF964221D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_2:*:*:*:*:*:*\", \"matchCriteriaId\": \"2494C288-83E1-48DF-9661-540B26C9137E\"}, {\"vulnerable\": true, \"criteria\": 
\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_3:*:*:*:*:*:*\", \"matchCriteriaId\": \"815997A7-39CB-4C78-B776-54DECE294AA1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"DE7FDD4B-163B-462A-A80C-454F5040FF90\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:*\", \"matchCriteriaId\": \"FB55D9E6-FD9C-48A8-800D-10C665120792\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_4a:*:*:*:*:*:*\", \"matchCriteriaId\": \"D481F300-EDF4-4E22-B865-F3AAFCE27692\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_4b:*:*:*:*:*:*\", \"matchCriteriaId\": \"311B0413-3771-4CAF-9A14-0726B2923A76\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_6:*:*:*:*:*:*\", \"matchCriteriaId\": \"5C99222F-B676-471F-8E44-707024B2B097\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_7:*:*:*:*:*:*\", \"matchCriteriaId\": \"276A7ABE-2437-455C-9C5B-C05CAAC183A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:san_diego:patch_8:*:*:*:*:*:*\", \"matchCriteriaId\": \"BB9E765B-C094-4FC4-B9E3-0732F24C10D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:tokyo:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"4332BE18-DA60-4921-A9DF-C434AB32839B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:servicenow:servicenow:tokyo:patch1:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B73C50B-B52A-41E0-9B5B-E84CEA5503B4\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\\n\\n\"}]",
"id": "CVE-2022-46886",
"lastModified": "2024-11-21T07:31:14.717",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@servicenow.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.1, \"impactScore\": 3.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}]}",
"published": "2023-04-14T20:15:09.413",
"references": "[{\"url\": \"https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857\", \"source\": \"psirt@servicenow.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "psirt@servicenow.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-601\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2022-46886\",\"sourceIdentifier\":\"psirt@servicenow.com\",\"published\":\"2023-04-14T20:15:09.413\",\"lastModified\":\"2025-02-06T22:15:34.057\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\\n\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@servicenow.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.1,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-601\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-601\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:quebec:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5A68765-7406-48CB-965E-6C09A7465CF7\"},{\"vuln
erable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:quebec:patch_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"8816E561-8E81-4C30-9C48-7836069202D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"52C8A7D2-F930-4078-9E9D-E48782E46CBD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"512C81E4-0C27-42EC-AD05-7563B50EF1DD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_1b:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5BBA03C-2A2E-4259-9F8E-99622F6758B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D609B90C-E67E-461A-8756-36E06E265FF0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_1_hotfix_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A05F1AF-0E08-4280-A006-A27C917C9E82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_10:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E3198D2-CC9C-46F7-A366-6C16F3F35439\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD0D5C00-C5D2-4E30-BEB7-AA2ACBE68CF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5B1C958-54DF-45BE-BD2B-60A44B846971\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_10_hotfix_2a:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BE785D2-A5C9-4ED7-968A-C01F257E8514\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAA82A56-93C2-47DC-92BA-D2EBF0C19EEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_2_hotfix_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4FEEDD5-F852-49AA-BDF9-869040C7F3C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.
3:a:servicenow:servicenow:rome:patch_2_hotfix_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"763B0915-14EF-4405-AAB6-78B185D5744B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B053530E-1CB3-4A86-BD4B-569750776A53\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_3_hotfix_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CF1B2AB-D561-4396-AA99-71FCD55B5D3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"00EE16EE-B759-4BD8-A30B-C952142C860E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F157018-E6F2-45D1-8B54-68C051247798\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1a:*:*:*:*:*:*\",\"matchCriteriaId\":\"88603AEF-0EC2-4006-B7F2-E5FFAC8F354C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_4_hotfix_1b:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB5BC2C0-A5CF-455F-A732-E49672B5682E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_5:*:*:*:*:*:*\",\"matchCriteriaId\":\"66E9CCC4-7BC4-4FC2-8B54-B8746A83256C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"56E7DB16-6ABC-4ED3-99C1-A33914242405\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_5_hotfix_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"55AC0E29-0F51-4D1D-A5EF-AECD29FAE417\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"5DCC0D37-6840-4882-84E1-AE1E83ABF31B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_6_hotfix_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF53F785-2D19-48FB-9D88-9817785E5082\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_6_hot
fix_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EAAADE1-5804-44FB-BD9A-881BDA4FE1F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC20DB81-AA27-4BE5-9296-2E4E6000F56B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_7_hotfix_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"DECC9979-3A0B-4F36-85D1-DD539A7D18C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_7a:*:*:*:*:*:*\",\"matchCriteriaId\":\"563F3D85-A23A-453F-9932-3044F8B5566C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_7b:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C770579-EDDC-4F46-8288-33A13289A8A4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"78447698-90FF-4010-BF0B-3294E2EBB69B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A32EF135-C229-49B1-8766-1ED6066C7CC8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_8_hotfix_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"22E5BA6F-6C66-4589-8AA9-C76776DCFCCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_9:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE93BECE-CC4A-400A-9322-5E61DA5E6A75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_9_hotfix_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"38D3CF30-CAC5-49B1-B527-9C9D24C28A54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_9a:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C48A10D-0295-4023-AB20-0BE4D8AA582A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:rome:patch_9b:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F42AF52-C388-44BB-B328-5E77CF9E4622\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"71A44062-D94F-4246-A218-33AD4
C43C7FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A4ABAF4-C84B-4E7B-A156-24640B7D56EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1a:*:*:*:*:*:*\",\"matchCriteriaId\":\"2855AE65-1B96-4537-BB6E-7659114955EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_1_hotfix_1b:*:*:*:*:*:*\",\"matchCriteriaId\":\"63725CBE-34A5-4B9E-BA8E-32E66B89C646\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B2DC45C-17A0-4D92-AB29-3497DA43707E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_2_hotfix_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2822278-2089-4F78-86EE-D63A9516B5A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"49444E5E-0AB7-4083-8663-089955134AA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B5E2C3D-F838-48E0-8135-455AF964221D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_2:*:*:*:*:*:*\",\"matchCriteriaId\":\"2494C288-83E1-48DF-9661-540B26C9137E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_3:*:*:*:*:*:*\",\"matchCriteriaId\":\"815997A7-39CB-4C78-B776-54DECE294AA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_3_hotfix_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE7FDD4B-163B-462A-A80C-454F5040FF90\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:*\",\"matchCriteriaId\":\"FB55D9E6-FD9C-48A8-800D-10C665120792\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_4a:*:*:*:*:*:*\",\"matchCriteriaId\":\"D481F300-E
DF4-4E22-B865-F3AAFCE27692\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_4b:*:*:*:*:*:*\",\"matchCriteriaId\":\"311B0413-3771-4CAF-9A14-0726B2923A76\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_6:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C99222F-B676-471F-8E44-707024B2B097\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_7:*:*:*:*:*:*\",\"matchCriteriaId\":\"276A7ABE-2437-455C-9C5B-C05CAAC183A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:san_diego:patch_8:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB9E765B-C094-4FC4-B9E3-0732F24C10D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:tokyo:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"4332BE18-DA60-4921-A9DF-C434AB32839B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:servicenow:servicenow:tokyo:patch1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B73C50B-B52A-41E0-9B5B-E84CEA5503B4\"}]}]}],\"references\":[{\"url\":\"https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857\",\"source\":\"psirt@servicenow.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T14:39:38.636Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-46886\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-06T21:46:23.163978Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-601\", \"description\": \"CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-06T21:45:59.782Z\"}}], \"cna\": {\"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"theamanrawat\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"ServiceNow\", \"product\": \"ServiceNow\", \"versions\": [{\"status\": \"affected\", \"changes\": [{\"at\": \"Tokyo Patch 3\", \"status\": \"unaffected\"}], \"version\": \"Tokyo\", \"lessThan\": \"Tokyo 
Patch 1b\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"San Diego Patch 9\", \"status\": \"unaffected\"}], \"version\": \"San Diego\", \"lessThan\": \"San Diego Patch 7b\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"changes\": [{\"at\": \"Rome Patch 10 Hotfix 3b\", \"status\": \"unaffected\"}], \"version\": \"Rome\", \"lessThan\": \"Rome Patch 10 Hotfix 2b\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"Quebec\", \"lessThan\": \"Quebec Patch 10 Hotfix 10b\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"exploits\": [{\"lang\": \"en\", \"value\": \"Successful exploitation of this vulnerability potentially could be used to facilitate targeted attacks such as phishing. This may enable attackers to redirect authenticated users to domains the attackers control and cause the disclosure of sensitive information, like login credentials.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eSuccessful exploitation of this vulnerability potentially could be used to facilitate targeted attacks such as phishing. This may enable attackers to redirect authenticated users to domains the attackers control and cause the disclosure of sensitive information, like login credentials.\u003c/p\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eThere exists an open redirect within the response list update functionality of ServiceNow. 
This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"open redirect\"}]}], \"providerMetadata\": {\"orgId\": \"303448ea-6ef3-4077-ad29-5c9bf253c375\", \"shortName\": \"SN\", \"dateUpdated\": \"2023-04-17T21:53:31.401Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-46886\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-06T21:46:36.801Z\", \"dateReserved\": \"2022-12-09T00:00:00.000Z\", \"assignerOrgId\": \"303448ea-6ef3-4077-ad29-5c9bf253c375\", \"datePublished\": \"2023-04-14T00:00:00.000Z\", \"assignerShortName\": \"SN\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.