CVE-2024-4879

NVD Published Date: July 10, 2024 at 05:15 PM
NVD Last Modified: July 30, 2024 at 03:13 PM
Download Patch
Vulnerability ID
CVE-2024-4879
Severity
CRITICAL
Severity Score
9.8
Summary
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
Mitigation and Patches
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE ID
NVD-CWE-Other

Recent Publish

CVE-2023-45249

CVE-2019-1003030

CVE-2019-1003029

CVE-2019-10758

CVE-2023-41265

CVE-2012-0507

See SecOps Solution
in action

Schedule Demo