CVE-2024-4879

Jelly Template Injection Vulnerability in ServiceNow UI Macros

Basic Information

CVE State: PUBLISHED
Reserved Date: May 14, 2024
Published Date: July 10, 2024
Last Updated: February 13, 2025
Vendor: ServiceNow
Product: Now Platform
Description
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.

CVSS Scores

CVSS v4.0

9.3 - CRITICAL

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2024-07-29 00:00:00 UTC)
Proof of Concept Available: Yes (added 2024-07-16 04:03:28 UTC)

Known Exploited Vulnerability Information

Source: CISA • Added Date: 2024-07-29 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

gh-ost00/CVE-2024-4879

Type: github • Created: 2024-08-27 03:43:28 UTC • Stars: 4

Jelly Template Injection Vulnerability in ServiceNow | POC CVE-2024-4879

NoTsPepino/CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning

Type: github • Created: 2024-07-28 06:51:33 UTC • Stars: 4

CVE-2024-4879 & CVE-2024-5217 ServiceNow RCE Scanning Using Nuclei & Shodan Dork to find it.

Praison001/CVE-2024-4879-ServiceNow

Type: github • Created: 2024-07-16 04:03:28 UTC • Stars: 1

Exploit for CVE-2024-4879 affecting Vancouver, Washington DC Now and Utah Platform releases

Mr-r00t11/CVE-2024-4879

Type: github • Created: 2024-07-12 21:43:48 UTC • Stars: 4

bigb0x/CVE-2024-4879

Type: github • Created: 2024-07-12 13:02:47 UTC • Stars: 10

Bulk scanning tool for ServiceNow CVE-2024-4879 vulnerability

Brut-Security/CVE-2024-4879

Type: github • Created: 2024-07-12 10:32:37 UTC • Stars: 23

CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow