CVE-2024-5217

CRITICAL KEV NUCLEI

ServiceNow - RCE

Title source: llm

Description

ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. The vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.

Exploits (1)

vulncheck_xdb SCANNER

remote

https://github.com/NoTsPepino/CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning

View Code ZIP pw:eip

Nuclei Templates (1)

ServiceNow - Incomplete Input Validation

CRITICALVERIFIEDby DhiyaneshDk,ritikchaddha

Shodan: http.favicon.hash:"1701804003" || http.title:"servicenow"

FOFA: icon_hash=1701804003 || title="servicenow"

References (4)

[Permissions Required] https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1644293

[Vendor Advisory] https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1648313

[Press/Media Coverage] https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-5217

Scores

CVSS v3 9.8

EPSS 0.9411

EPSS Percentile 99.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CISA KEV 2024-07-29

VulnCheck KEV 2024-07-20

InTheWild.io 2024-07-29

ENISA EUVD EUVD-2024-46457

CWE

CWE-184 CWE-697

Status published

Products (2)

servicenow/servicenow utah (47 CPE variants)

servicenow/servicenow vancouver (3 CPE variants)

Published Jul 10, 2024

KEV Added Jul 29, 2024

Tracked Since Feb 18, 2026