Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-43684
HistoryJun 13, 2023 - 7:15 p.m.

CVE-2022-43684

2023-06-1319:15:09
CWE-668
CWE-200
[email protected]
web.nvd.nist.gov
65
servicenow
patches
upgrades
acl bypass
cve-2022-43684
security
nvd

9.9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.2%

JSON

ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.

Additional Details

This issue is present in the following supported ServiceNow releases:

  • Quebec prior to Patch 10 Hot Fix 8b
  • Rome prior to Patch 10 Hot Fix 1
  • San Diego prior to Patch 7
  • Tokyo prior to Tokyo Patch 1; and
  • Utah prior to Utah General Availability

If this ACL bypass issue were to be successfully exploited, it potentially could allow an authenticated user to obtain sensitive information from tables missing authorization controls.

Affected configurations

NVD
Node
servicenowservicenowMatchquebecpatch_1_hotfix_1
OR
servicenowservicenowMatchquebecpatch_10
OR
servicenowservicenowMatchquebecpatch_10_hotfix_3
OR
servicenowservicenowMatchquebecpatch_10_hotfix_3a
OR
servicenowservicenowMatchquebecpatch_10_hotfix_3b
OR
servicenowservicenowMatchquebecpatch_10_hotfix_4
OR
servicenowservicenowMatchquebecpatch_2
OR
servicenowservicenowMatchquebecpatch_2_hotfix_1
OR
servicenowservicenowMatchquebecpatch_2_hotfix_2
OR
servicenowservicenowMatchquebecpatch_3
OR
servicenowservicenowMatchquebecpatch_4
OR
servicenowservicenowMatchquebecpatch_4_hotfix_2
OR
servicenowservicenowMatchquebecpatch_5
OR
servicenowservicenowMatchquebecpatch_6
OR
servicenowservicenowMatchquebecpatch_7
OR
servicenowservicenowMatchquebecpatch_8
OR
servicenowservicenowMatchquebecpatch_9
OR
servicenowservicenowMatchromepatch_1
OR
servicenowservicenowMatchromepatch_1_hotfix_1
OR
servicenowservicenowMatchromepatch_1_hotfix_1a
OR
servicenowservicenowMatchromepatch_1_hotfix_1b
OR
servicenowservicenowMatchromepatch_1_hotfix_2
OR
servicenowservicenowMatchromepatch_1_hotfix_3
OR
servicenowservicenowMatchromepatch_10
OR
servicenowservicenowMatchromepatch_2
OR
servicenowservicenowMatchromepatch_2_hotfix_1
OR
servicenowservicenowMatchromepatch_2_hotfix_2
OR
servicenowservicenowMatchromepatch_3
OR
servicenowservicenowMatchromepatch_3_hotfix_1
OR
servicenowservicenowMatchromepatch_4
OR
servicenowservicenowMatchromepatch_4_hotfix_1
OR
servicenowservicenowMatchromepatch_4_hotfix_1a
OR
servicenowservicenowMatchromepatch_4_hotfix_1b
OR
servicenowservicenowMatchromepatch_5
OR
servicenowservicenowMatchromepatch_5_hotfix_1
OR
servicenowservicenowMatchromepatch_5_hotfix_2
OR
servicenowservicenowMatchromepatch_6
OR
servicenowservicenowMatchromepatch_6_hotfix_1
OR
servicenowservicenowMatchromepatch_6_hotfix_2
OR
servicenowservicenowMatchromepatch_7
OR
servicenowservicenowMatchromepatch_7_hotfix_1
OR
servicenowservicenowMatchromepatch_7a
OR
servicenowservicenowMatchromepatch_7b
OR
servicenowservicenowMatchromepatch_8
OR
servicenowservicenowMatchromepatch_8_hotfix_1
OR
servicenowservicenowMatchromepatch_8_hotfix_2
OR
servicenowservicenowMatchromepatch_9
OR
servicenowservicenowMatchromepatch_9_hotfix_1
OR
servicenowservicenowMatchromepatch_9a
OR
servicenowservicenowMatchromepatch_9b
OR
servicenowservicenowMatchsan_diegopatch_1
OR
servicenowservicenowMatchsan_diegopatch_1_hotfix_1
OR
servicenowservicenowMatchsan_diegopatch_1_hotfix_1a
OR
servicenowservicenowMatchsan_diegopatch_1_hotfix_1b
OR
servicenowservicenowMatchsan_diegopatch_10_hotfix_1
OR
servicenowservicenowMatchsan_diegopatch_10_hotfix_1a
OR
servicenowservicenowMatchsan_diegopatch_10_hotfix_1b
OR
servicenowservicenowMatchsan_diegopatch_10_hotfix_2
OR
servicenowservicenowMatchsan_diegopatch_10_hotfix_2b
OR
servicenowservicenowMatchsan_diegopatch_2
OR
servicenowservicenowMatchsan_diegopatch_2_hotfix_1
OR
servicenowservicenowMatchsan_diegopatch_3
OR
servicenowservicenowMatchsan_diegopatch_3_hotfix_1
OR
servicenowservicenowMatchsan_diegopatch_3_hotfix_2
OR
servicenowservicenowMatchsan_diegopatch_3_hotfix_3
OR
servicenowservicenowMatchsan_diegopatch_3_hotfix_4
OR
servicenowservicenowMatchsan_diegopatch_4
OR
servicenowservicenowMatchsan_diegopatch_4a
OR
servicenowservicenowMatchsan_diegopatch_4b
OR
servicenowservicenowMatchsan_diegopatch_5
OR
servicenowservicenowMatchsan_diegopatch_6
OR
servicenowservicenowMatchtokyo-
OR
servicenowservicenowMatchutah-

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Now Platform",
    "vendor": "ServiceNow",
    "versions": [
      {
        "lessThan": "Patch 10 Hot Fix 8b",
        "status": "affected",
        "version": "Quebec",
        "versionType": "custom"
      },
      {
        "lessThan": "Patch 10 Hot Fix 1",
        "status": "affected",
        "version": "Rome",
        "versionType": "custom"
      },
      {
        "lessThan": "Patch 7",
        "status": "affected",
        "version": "San Diego",
        "versionType": "custom"
      },
      {
        "lessThan": "Tokyo Patch 1",
        "status": "affected",
        "version": "Tokyo",
        "versionType": "custom"
      },
      {
        "lessThan": "Utah General Availability (GA)",
        "status": "affected",
        "version": "Utah",
        "versionType": "custom"
      }
    ]
  }
]

Related

cvelist 1
prion 1
nvd 1
githubexploit 1
cvelist
cvelist
CVE-2022-43684 ACL bypass in Reporting functionality
2023-06-13 18:51:39
prion
prion
Authorization
2023-06-13 19:15:00
nvd
nvd
CVE-2022-43684
2023-06-13 19:15:09
githubexploit
githubexploit
Exploit for Exposure of Resource to Wrong Sphere in Servicenow
2023-07-05 20:53:42

9.9 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.2%

JSON
Related for CVE-2022-43684
cvelist1prion1nvd1githubexploit1