5 matches found
CVE-2025-12420 Unauthenticated Privilege Escalation in ServiceNow AI Platform
A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform. ServiceNow has addressed this vulnerability by deploying a relevant security update...
CVE-2025-3089 Broken Access Control in ServiceNow AI Platform
ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading...
ServiceNow Now Platform 安全漏洞
ServiceNow Now Platform is a cloud-based platform from US-based ServiceNow that uses AI and machine learning to automate and optimize work across the enterprise. A security vulnerability exists in ServiceNow Now Platform that stems from the presence of an HTML injection vulnerability that could...
PT-2024-9533 · Servicenow · Servicenow
Name of the Vulnerable Software and Affected Versions: ServiceNow affected versions not specified Description: The issue is related to incorrect code generation management in the Now Platform, which could enable an unauthenticated user to remotely execute code within the context of the Now...
VulnCheck KEV: CVE-2024-4879
ServiceNow Utah, Vancouver, and Washington DC Now Platform releases contain a jelly template injection vulnerability in UI macros. An unauthenticated user could exploit this vulnerability to execute code remotely...