Fortra is actively investigating a vulnerability in the ServiceNow Vancouver and Washington, D.C. Now Platform releases. This vulnerability, CVE-2024-4879, could enable an unauthenticated user to remotely execute code within the Now Platform. ServiceNow has released an update, patches, and hot fixes to address this vulnerability.
Who is affected?
ServiceNow has not released a detailed list of vulnerable versions. Alert Logic recommends assuming you are vulnerable if you are on the Utah, Vancouver, or Washington release and not using one of the patched versions listed below.
What can I do?
ServiceNow has proactively updated hosted instances and released updates to partners and self-hosted customers. Customers should apply the relevant security patches as soon as possible.
Release | Fixed Versions |
Utah | Utah Patch 10 Hot Fix 3; Utah Patch 10a Hot Fix 2 |
Vancouver | Vancouver Patch 6 Hot Fix 2; Vancouver Patch 7 Hot Fix 3b; Vancouver Patch 8 Hot Fix 4; Vancouver Patch 9; Vancouver Patch 10 |
Washington | Washington DC Patch 1 Hot Fix 2b; Washington DC Patch 2 Hot Fix 2; Washington DC Patch 3 Hot Fix 1; Washington DC Patch 4 |
Additional updates may become available. Refer to ServiceNow's advisory for the latest patch information.
How is Alert Logic helping me?
Alert Logic is actively researching this threat to build detection capabilities in addition to those listed below.
Vulnerability Scanning: Alert Logic released unauthenticated scan coverage on July 15, 2024. If the vulnerability is found, an exposure (EID: 272341) will be raised for CVE-2024-4879.
Updates
Alert Logic has kicked off the Emerging Threat process for this vulnerability. This article will be updated with new information about this vulnerability and related Alert Logic coverage as it becomes available.
07/15/2024: Alert Logic released unauthenticated scan coverage to detect vulnerable versions.