{"uuid": "6be78767-d879-4b46-a2d3-cfe3b9bcea6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "exploited", "source": "https://t.me/DarkWebInformer_CVEAlerts/3905", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4879\n\ud83c\udfe2 Vendor: ServiceNow\n\ud83d\udda5\ufe0f Product: Utah, Vancouver, and Washington DC Now\n\ud83d\udd39 Description: ServiceNow Utah, Vancouver, and Washington DC Now releases contain a jelly template injection vulnerability in UI macros. An unauthenticated user could exploit this vulnerability to execute code remotely. \n\ud83d\udccf Published: 2024-07-23T00:00:00Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json\n2. https://www.imperva.com/blog/imperva-customers-protected-against-critical-servicenow-vulnerability/\n3. https://www.resecurity.com/blog/article/cve-2024-4879-and-cve-2024-5217-servicenow-rce-exploitation-in-a-global-reconnaissance-campaign\n4. https://fortiguard.fortinet.com/outbreak-alert/servicenow-rce", "creation_timestamp": "2025-02-08T23:21:33.000000Z"}