ServiceNow Addresses Sensitive File Read Vulnerability in Now Platform Releases
CVE-2024-5178

Currently unrated

Key Information:

Vendor

Servicenow

Status
Now Platform
Vendor
CVE Published:
10 July 2024

Badges

đź“° News Worthy

What is CVE-2024-5178?

ServiceNow has addressed a sensitive file read vulnerability that was identified in the Washington DC, Vancouver, and Utah Now Platform releases. This vulnerability could allow an administrative user to gain unauthorized access to sensitive files on the web application server. The vulnerability is addressed in the listed patches and hot fixes, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.

Affected Version(s)

Now Platform 0

Now Platform 0

Now Platform 0

News Articles

favicon imageArctic Wolf

CVE-2024-4879, CVE-2024-5178, CVE-2024-5217 | Arctic Wolf

On July 10, 2024, ServiceNow disclosed a series of critical vulnerabilities impacting their platform, identified as CVE-2024-4879, CVE-2024-5178, and CVE-2024-5217. Find Arctic Wolf's recommendations.

favicon imageCyber Kendra

Critical ServiceNow Vulnerabilities Allow Full Database Access to Hackers - Cyber Kendra

Critical ServiceNow Vulnerabilities Allow Full Database Access to Hackers

References

https://support.servicenow.com/kb?id=kb_article_view&sysp...
https://support.servicenow.com/kb?id=kb_article_view&sysp...
x_login-required

Timeline

  • đź“°

    First article discovered by Cyber Kendra

  • Vulnerability published

  • Vulnerability Reserved

Credit

Adam Kues
Assetnote Attack Surface Management
.
CVE-2024-5178 : ServiceNow Addresses Sensitive File Read Vulnerability in Now Platform Releases