CVE-2024-4879: ServiceNow Improper Input Validation Vulnerability
First published: Wed Jul 10 2024(Updated: )
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
Credit: psirt@servicenow.com psirt@servicenow.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ServiceNow | =utah | |
| ServiceNow | =utah-early_availability | |
| ServiceNow | =utah-patch_1 | |
| ServiceNow | =utah-patch_1_hotfix_1 | |
| ServiceNow | =utah-patch_1_hotfix_1a | |
| ServiceNow | =utah-patch_1_hotfix_1b | |
| ServiceNow | =utah-patch_1_hotfix_2 | |
| ServiceNow | =utah-patch_10 | |
| ServiceNow | =utah-patch_10_hotfix_1 | |
| ServiceNow | =utah-patch_10_hotfix_2 | |
| ServiceNow | =utah-patch_10a | |
| ServiceNow | =utah-patch_10a_hotfix_1 | |
| ServiceNow | =utah-patch_2 | |
| ServiceNow | =utah-patch_2_hotfix_1 | |
| ServiceNow | =utah-patch_2_hotfix_2 | |
| ServiceNow | =utah-patch_2_hotfix_3 | |
| ServiceNow | =utah-patch_2_hotfix_4 | |
| ServiceNow | =utah-patch_3 | |
| ServiceNow | =utah-patch_3_hotfix_1 | |
| ServiceNow | =utah-patch_3_hotfix_1b | |
| ServiceNow | =utah-patch_4 | |
| ServiceNow | =utah-patch_4_hotfix_1 | |
| ServiceNow | =utah-patch_4_hotfix_2 | |
| ServiceNow | =utah-patch_4_hotfix_2a | |
| ServiceNow | =utah-patch_4_hotfix_2b | |
| ServiceNow | =utah-patch_4_hotfix_3 | |
| ServiceNow | =utah-patch_4_hotfix_3b | |
| ServiceNow | =utah-patch_4_hotfix_4 | |
| ServiceNow | =utah-patch_4_hotfix_4b | |
| ServiceNow | =utah-patch_4_hotfix_5 | |
| ServiceNow | =utah-patch_5 | |
| ServiceNow | =utah-patch_5_hotfix_1 | |
| ServiceNow | =utah-patch_6 | |
| ServiceNow | =utah-patch_6_hotfix_1 | |
| ServiceNow | =utah-patch_6_hotfix_2 | |
| ServiceNow | =utah-patch_7 | |
| ServiceNow | =utah-patch_7_hotfix_1 | |
| ServiceNow | =utah-patch_7_hotfix_2 | |
| ServiceNow | =utah-patch_7a | |
| ServiceNow | =utah-patch_7b | |
| ServiceNow | =utah-patch_8 | |
| ServiceNow | =utah-patch_8_hotfix_2 | |
| ServiceNow | =utah-patch_9 | |
| ServiceNow | =utah-patch_9_hotfix_1 | |
| ServiceNow | =utah-patch_9_hotfix_1a | |
| ServiceNow | =utah-patch_9_hotfix_1b | |
| ServiceNow | =vancouver | |
| ServiceNow | =vancouver-patch_1 | |
| ServiceNow | =vancouver-patch_1_hotfix_1 | |
| ServiceNow | =vancouver-patch_10 | |
| ServiceNow | =vancouver-patch_2 | |
| ServiceNow | =vancouver-patch_2_hotfix_1 | |
| ServiceNow | =vancouver-patch_2_hotfix_1a | |
| ServiceNow | =vancouver-patch_2_hotfix_2 | |
| ServiceNow | =vancouver-patch_2_hotfix_3 | |
| ServiceNow | =vancouver-patch_2_hotfix1a | |
| ServiceNow | =vancouver-patch_3 | |
| ServiceNow | =vancouver-patch_3_hotfix_1 | |
| ServiceNow | =vancouver-patch_3_hotfix_2 | |
| ServiceNow | =vancouver-patch_3_hotfix_3 | |
| ServiceNow | =vancouver-patch_3_hotfix_4 | |
| ServiceNow | =vancouver-patch_4 | |
| ServiceNow | =vancouver-patch_4_hotfix_1 | |
| ServiceNow | =vancouver-patch_4_hotfix_1a | |
| ServiceNow | =vancouver-patch_4_hotfix_1b | |
| ServiceNow | =vancouver-patch_4_hotfix_2b | |
| ServiceNow | =vancouver-patch_5 | |
| ServiceNow | =vancouver-patch_5_hotfix_1 | |
| ServiceNow | =vancouver-patch_6 | |
| ServiceNow | =vancouver-patch_6_hotfix_1 | |
| ServiceNow | =vancouver-patch_7 | |
| ServiceNow | =vancouver-patch_7_hotfix_1 | |
| ServiceNow | =vancouver-patch_7_hotfix_1a | |
| ServiceNow | =vancouver-patch_7_hotfix_2 | |
| ServiceNow | =vancouver-patch_7_hotfix_2a | |
| ServiceNow | =vancouver-patch_7_hotfix_2b | |
| ServiceNow | =vancouver-patch_7_hotfix_3a | |
| ServiceNow | =vancouver-patch_8 | |
| ServiceNow | =vancouver-patch_8_hotfix_1 | |
| ServiceNow | =vancouver-patch_8_hotfix_2 | |
| ServiceNow | =vancouver-patch_8_hotfix_3 | |
| ServiceNow | =vancouver-patch_9 | |
| ServiceNow | =washington_dc | |
| ServiceNow | =washington_dc-patch_1 | |
| ServiceNow | =washington_dc-patch_1_hotfix_1 | |
| ServiceNow | =washington_dc-patch_1_hotfix_2 | |
| ServiceNow | =washington_dc-patch_1_hotfix_2a | |
| ServiceNow | =washington_dc-patch_2 | |
| ServiceNow | =washington_dc-patch_2_hotfix_1 | |
| ServiceNow | =washington_dc-patch_3 | |
| ServiceNow Now Platform |
Remedy
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.bleepingcomputer.com/news/security/critical-servicenow-rce-flaws-actively-exploited-to-steal-credentials/
- https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1645154
- https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1644293
- https://www.darkreading.com/cloud-security/patchnow-servicenow-critical-rce-bugs-active-exploit
- https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1645154;
- https://nvd.nist.gov/vuln/detail/CVE-2024-4879
- https://www.theregister.com/2025/04/14/security_in_brief/
Frequently Asked Questions
What is the severity of CVE-2024-4879?
CVE-2024-4879 is classified as a critical vulnerability that allows remote code execution.
How do I fix CVE-2024-4879?
To fix CVE-2024-4879, users should apply the latest security patch provided by ServiceNow for the affected versions.
Which versions of ServiceNow are affected by CVE-2024-4879?
CVE-2024-4879 affects ServiceNow releases Utah, Vancouver, and Washington DC.
Can CVE-2024-4879 be exploited by unauthenticated users?
Yes, CVE-2024-4879 can be exploited remotely by unauthenticated users, allowing them to execute code.
What impact does CVE-2024-4879 have on the Now Platform?
CVE-2024-4879 could enable harmful actions within the Now Platform, potentially leading to data breaches.
- agent/weakness
- agent/type
- agent/first-publish-date
- agent/severity
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-4879
- alias/CVE-2024-5178
- alias/CVE-2024-5217
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/author
- agent/references
- agent/last-modified-date
- collector/darkreading
- source/Dark Reading
- agent/event
- agent/trending
- agent/source
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-api
- agent/description
- collector/cisa-known-exploited
- source/CISA
- exploited/true
- agent/tags
- agent/softwarecombine
- collector/the-register
- source/The Register
- alias/CVE-2024-43197
- alias/CVE-2024-53150
- vendor/servicenow
- canonical/servicenow
- version/servicenow/utah
- version/servicenow/utah-early_availability
- version/servicenow/utah-patch_1
- version/servicenow/utah-patch_1_hotfix_1
- version/servicenow/utah-patch_1_hotfix_1a
- version/servicenow/utah-patch_1_hotfix_1b
- version/servicenow/utah-patch_1_hotfix_2
- version/servicenow/utah-patch_10
- version/servicenow/utah-patch_10_hotfix_1
- version/servicenow/utah-patch_10_hotfix_2
- version/servicenow/utah-patch_10a
- version/servicenow/utah-patch_10a_hotfix_1
- version/servicenow/utah-patch_2
- version/servicenow/utah-patch_2_hotfix_1
- version/servicenow/utah-patch_2_hotfix_2
- version/servicenow/utah-patch_2_hotfix_3
- version/servicenow/utah-patch_2_hotfix_4
- version/servicenow/utah-patch_3
- version/servicenow/utah-patch_3_hotfix_1
- version/servicenow/utah-patch_3_hotfix_1b
- version/servicenow/utah-patch_4
- version/servicenow/utah-patch_4_hotfix_1
- version/servicenow/utah-patch_4_hotfix_2
- version/servicenow/utah-patch_4_hotfix_2a
- version/servicenow/utah-patch_4_hotfix_2b
- version/servicenow/utah-patch_4_hotfix_3
- version/servicenow/utah-patch_4_hotfix_3b
- version/servicenow/utah-patch_4_hotfix_4
- version/servicenow/utah-patch_4_hotfix_4b
- version/servicenow/utah-patch_4_hotfix_5
- version/servicenow/utah-patch_5
- version/servicenow/utah-patch_5_hotfix_1
- version/servicenow/utah-patch_6
- version/servicenow/utah-patch_6_hotfix_1
- version/servicenow/utah-patch_6_hotfix_2
- version/servicenow/utah-patch_7
- version/servicenow/utah-patch_7_hotfix_1
- version/servicenow/utah-patch_7_hotfix_2
- version/servicenow/utah-patch_7a
- version/servicenow/utah-patch_7b
- version/servicenow/utah-patch_8
- version/servicenow/utah-patch_8_hotfix_2
- version/servicenow/utah-patch_9
- version/servicenow/utah-patch_9_hotfix_1
- version/servicenow/utah-patch_9_hotfix_1a
- version/servicenow/utah-patch_9_hotfix_1b
- version/servicenow/vancouver
- version/servicenow/vancouver-patch_1
- version/servicenow/vancouver-patch_1_hotfix_1
- version/servicenow/vancouver-patch_10
- version/servicenow/vancouver-patch_2
- version/servicenow/vancouver-patch_2_hotfix_1
- version/servicenow/vancouver-patch_2_hotfix_1a
- version/servicenow/vancouver-patch_2_hotfix_2
- version/servicenow/vancouver-patch_2_hotfix_3
- version/servicenow/vancouver-patch_2_hotfix1a
- version/servicenow/vancouver-patch_3
- version/servicenow/vancouver-patch_3_hotfix_1
- version/servicenow/vancouver-patch_3_hotfix_2
- version/servicenow/vancouver-patch_3_hotfix_3
- version/servicenow/vancouver-patch_3_hotfix_4
- version/servicenow/vancouver-patch_4
- version/servicenow/vancouver-patch_4_hotfix_1
- version/servicenow/vancouver-patch_4_hotfix_1a
- version/servicenow/vancouver-patch_4_hotfix_1b
- version/servicenow/vancouver-patch_4_hotfix_2b
- version/servicenow/vancouver-patch_5
- version/servicenow/vancouver-patch_5_hotfix_1
- version/servicenow/vancouver-patch_6
- version/servicenow/vancouver-patch_6_hotfix_1
- version/servicenow/vancouver-patch_7
- version/servicenow/vancouver-patch_7_hotfix_1
- version/servicenow/vancouver-patch_7_hotfix_1a
- version/servicenow/vancouver-patch_7_hotfix_2
- version/servicenow/vancouver-patch_7_hotfix_2a
- version/servicenow/vancouver-patch_7_hotfix_2b
- version/servicenow/vancouver-patch_7_hotfix_3a
- version/servicenow/vancouver-patch_8
- version/servicenow/vancouver-patch_8_hotfix_1
- version/servicenow/vancouver-patch_8_hotfix_2
- version/servicenow/vancouver-patch_8_hotfix_3
- version/servicenow/vancouver-patch_9
- version/servicenow/washington_dc
- version/servicenow/washington_dc-patch_1
- version/servicenow/washington_dc-patch_1_hotfix_1
- version/servicenow/washington_dc-patch_1_hotfix_2
- version/servicenow/washington_dc-patch_1_hotfix_2a
- version/servicenow/washington_dc-patch_2
- version/servicenow/washington_dc-patch_2_hotfix_1
- version/servicenow/washington_dc-patch_3
- canonical/servicenow now platform