KEVIntel

Vulnerability detail

Enriched intelligence for a single CVE

Back to KEVs

9.3

CVSS
Critical

CVE-2024-4879

PUBLISHED

Jelly Template Injection Vulnerability in ServiceNow UI Macros

Exploited in the wild PoC available Remote Low complexity No user interaction

Vendor: ServiceNow
Product: Now Platform
Published: Jul 10, 2024
EPSS: —

Description

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.

cisa nuclei_scanner nessus_scanner

CVSS scores

CVSS v4.0 9.3 Critical

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CVSS v3.1 9.8 Critical

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitation status

Exploited in the wild

Recorded 2024-07-29 00:00:00 UTC · Source

Proof of concept available

Recorded 2024-07-16 04:03:28 UTC · Source

SSVC decision points

Exploitation: active
Automatable: Yes
Technical impact: total

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source	Added
CISA	Jul 29, 2024

Scanner integrations

Scanner	Reference	Detected
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-4879.yaml	Apr 25, 2025
Nessus	https://www.tenable.com/plugins/nessus/214850	Jan 31, 2025