{"vulnerability": "CVE-2024-5217", "sightings": [{"uuid": "ea8678a1-5072-46f2-8958-a6f3fe0cb4e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/76aa267b-0f79-464b-8188-448d33660cfb", "content": "", "creation_timestamp": "2026-02-02T12:26:32.747478Z"}, {"uuid": "e9b4c3ef-b3eb-43e2-843a-d01220f8afb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8105", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2024-4879 & CVE-2024-5217 ServiceNow RCE Scanning Using Nuclei & Shodan Dork to find it.\nURL\uff1ahttps://github.com/cc1a2b/PenHunter\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-07-28T09:42:53.000000Z"}, {"uuid": "765c2ff5-16dd-4190-a4ed-11cca4dff8da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8103", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2024-4879 & CVE-2024-5217 ServiceNow RCE Scanning Using Nuclei & Shodan Dork to find it.\nURL\uff1ahttps://github.com/Z3r0H0ur666/RCE-Hunter\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-07-28T08:04:53.000000Z"}, {"uuid": "2de492a4-031b-41e1-9569-51b2e9ed2a14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8102", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-4879 & CVE-2024-5217 ServiceNow RCE Scanning & Shodan Dork to find it.\nURL\uff1ahttps://github.com/NoTsPepino/CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-28T06:57:10.000000Z"}, {"uuid": "821c7ae2-86c8-4955-aad2-46057d5c3b3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1506", "content": "", "creation_timestamp": "2024-09-07T05:42:04.000000Z"}, {"uuid": "b183fbbc-2b6c-4c0e-ab76-1c706fddbae4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-07-29T18:10:03.000000Z"}, {"uuid": "d6cfc669-3d1d-446b-8d91-c84352bc93b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lkvkvumgpr2k", "content": "", "creation_timestamp": "2025-03-21T15:50:46.706574Z"}, {"uuid": "4a72dba4-c14a-4e21-946e-b7b5ee1c7d34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lkxcdrog3v2p", "content": "", "creation_timestamp": "2025-03-22T08:22:48.766958Z"}, {"uuid": "2d3396ba-bbf8-4713-86a7-47ba9a7e62c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "https://bsky.app/profile/infrasecalliance.org/post/3lkthvqwomc26", "content": "", "creation_timestamp": "2025-03-20T19:51:43.290970Z"}, {"uuid": "bb2e2a81-bb0f-4223-92c4-6899c2882eb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "https://bsky.app/profile/infrasecalliance.org/post/3lkthvqwsjc26", "content": "", "creation_timestamp": "2025-03-20T19:51:43.957471Z"}, {"uuid": "e3730e92-c15a-4ef5-ab47-ebbdbd3c335d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "https://bsky.app/profile/infrasecalliance.org/post/3lkthvqwtik26", "content": "", "creation_timestamp": "2025-03-20T19:51:44.720280Z"}, {"uuid": "ed1ef08d-6680-40bd-a376-f855d4091634", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "https://bsky.app/profile/infrasecalliance.org/post/3lkthvqwtil26", "content": "", "creation_timestamp": "2025-03-20T19:51:45.401557Z"}, {"uuid": "ad4e8a60-6776-45a3-b209-2fc6211112f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "https://bsky.app/profile/infrasecalliance.org/post/3lkthvqwuht26", "content": "", "creation_timestamp": "2025-03-20T19:51:46.084133Z"}, {"uuid": "e2703e1b-a9f4-4805-b309-b0a10d445f7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:56.000000Z"}, {"uuid": "4a37c5c3-35d9-4ce7-a67e-a6a2a8db9c98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:15.000000Z"}, {"uuid": "d2031f2f-1fee-4780-9510-8187f69a89cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:33.000000Z"}, {"uuid": "3aaeece4-a177-4b93-976d-a5d031336be1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/76aa267b-0f79-464b-8188-448d33660cfb", "content": "", "creation_timestamp": "2026-02-02T12:26:32.747478Z"}, {"uuid": "6be78767-d879-4b46-a2d3-cfe3b9bcea6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "exploited", "source": "https://t.me/DarkWebInformer_CVEAlerts/3905", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4879\n\ud83c\udfe2 Vendor: ServiceNow\n\ud83d\udda5\ufe0f Product: Utah, Vancouver, and Washington DC Now\n\ud83d\udd39 Description: ServiceNow Utah, Vancouver, and Washington DC Now releases contain a jelly template injection vulnerability in UI macros. An unauthenticated user could exploit this vulnerability to execute code remotely. \n\ud83d\udccf Published: 2024-07-23T00:00:00Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json\n2. https://www.imperva.com/blog/imperva-customers-protected-against-critical-servicenow-vulnerability/\n3. https://www.resecurity.com/blog/article/cve-2024-4879-and-cve-2024-5217-servicenow-rce-exploitation-in-a-global-reconnaissance-campaign\n4. https://fortiguard.fortinet.com/outbreak-alert/servicenow-rce", "creation_timestamp": "2025-02-08T23:21:33.000000Z"}, {"uuid": "9b004f59-c847-4054-b9ec-cc1f28b7dbad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "https://t.me/cvedetector/555", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5217 - ServiceNow has addressed an input validation vulne\", \n  \"Content\": \"CVE ID : CVE-2024-5217 \nPublished : July 10, 2024, 5:15 p.m. | 24\u00a0minutes ago \nDescription : ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform.\u00a0The vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T19:43:20.000000Z"}, {"uuid": "6fdf90a5-cac9-4e42-a456-8ec93814412a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "https://t.me/breachdetector/580664", "content": "{\n  \"Source\": \"https://leakbase.cc/\",\n  \"Content\": \"Cve-2024-4879 & Cve-2024-5217 Servicenow Rce Scanning\", \n  \"author\": \" (dealerseek)\",\n  \"Detection Date\": \"28 Jul 2024\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2024-07-28T09:36:45.000000Z"}, {"uuid": "0b73e7b7-f484-4200-b151-b5c2a0eb7688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lky6uwrfa22x", "content": "", "creation_timestamp": "2025-03-22T16:53:28.903928Z"}, {"uuid": "955bf9e3-5e9b-42d5-b4ae-bf9aaf5bf257", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/0ed650b2-0845-4a5d-8164-a858acafffa8", "content": "", "creation_timestamp": "2024-07-27T20:58:34.478877Z"}, {"uuid": "e15eea23-4369-4b83-b284-15717bde8475", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5217", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/d29dbde5-754c-4ca2-8a8b-47f3b9e077f7", "content": "", "creation_timestamp": "2024-09-24T12:13:05.859516Z"}]}