{"uuid": "5bea7d25-f007-4b89-b9b0-f10beebfbd14", "vulnerability": {"vulnId": "CVE-2024-5217", "altId": []}, "gcve": {"origin_uuid": "405284c2-e461-4670-8979-7fd2c9755a60", "object_uuid": "5bea7d25-f007-4b89-b9b0-f10beebfbd14"}, "status": {"exploited": true, "status_reason": "confirmed", "status_updated_at": "2024-07-29T00:00:00+00:00"}, "characteristics": {}, "timestamps": {"asserted_at": "2024-07-29T00:00:00Z", "recorded_at": "2026-02-02T13:24:01Z", "first_seen_at": "2024-07-29T00:00:00Z"}, "scope": {"notes": "KEV entry: ServiceNow Incomplete List of Disallowed Inputs Vulnerability | Affected: ServiceNow / Utah, Vancouver, and Washington DC Now Platform | Description: ServiceNow Washington DC, Vancouver, and earlier Now Platform releases contain an incomplete list of disallowed inputs vulnerability in the GlideExpression script. An unauthenticated user could exploit this vulnerability to execute code remotely. | Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. | Due date: 2024-08-19 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1648313; https://nvd.nist.gov/vuln/detail/CVE-2024-5217"}, "evidence": [{"type": "vendor_report", "source": "cisa-kev", "signal": "successful_exploitation", "confidence": 0.8, "details": {"cwes": ["CWE-184"], "feed": "CISA Known Exploited Vulnerabilities Catalog", "product": "Utah, Vancouver, and Washington DC Now Platform", "due_date": "2024-08-19", "date_added": "2024-07-29", "vendorProject": "ServiceNow", "vulnerabilityName": "ServiceNow Incomplete List of Disallowed Inputs Vulnerability", "knownRansomwareCampaignUse": "Unknown"}}], "references": [{"id": "CVE-2024-5217", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2024-5217"}]}