ServiceNow Fixes Critical Vulnerabilities: CVE-2024-4879 and CVE-2024-5217


ServiceNow has recently disclosed three critical security vulnerabilities that could have severe consequences for organizations worldwide.

These vulnerabilities, identified as CVE-2024-4879, CVE-2024-5217, and CVE-2024-5178, affect various versions of the Now Platform, including Washington D.C., Vancouver, and Utah releases.

The most alarming of these flaws are CVE-2024-4879, with a CVSSv4 score of 9.3, and CVE-2024-5217, with a CVSSv4 score of 9.2. These vulnerabilities enable unauthenticated remote attackers to execute arbitrary code within the Now Platform, potentially leading to complete system compromise, data theft, and disruption of critical business operations.

The third vulnerability, CVE-2024-5178, with a CVSSv4 score of 4.0, allows administrative users to gain unauthorized access to sensitive files on the web application server. While not as severe as the previous two, this flaw still poses a significant risk of data exposure and unauthorized access to confidential information.

Security researchers at Assetnote discovered a chain of vulnerabilities that could lead to full database access and complete control of any MID servers configured with ServiceNow. This means that attackers exploiting these vulnerabilities could gain access to a vast amount of sensitive data and potentially disrupt or sabotage critical infrastructure.

Assetnote disclosed this chain of vulnerabilities to ServiceNow on the 14th of May 2024, and ServiceNow released patches and hotfixes in June to address them. It is crucial for organizations using ServiceNow to apply these updates immediately to protect their systems and data from potential attacks.

For more information, visit the Assetnote blog.
