CISA Known Exploited Vulnerability

CVE-2024-4879

ServiceNow · Utah, Vancouver, and Washington DC Now Platform

ServiceNow Improper Input Validation Vulnerability

Date added 2024-07-29

BOD 22-01 due date 2024-08-19

CWE CWE-1287

Ransomware Unknown

CISA description

ServiceNow Utah, Vancouver, and Washington DC Now Platform releases contain a jelly template injection vulnerability in UI macros. An unauthenticated user could exploit this vulnerability to execute code remotely.

Required action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Notes & references

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1645154
https://nvd.nist.gov/vuln/detail/CVE-2024-4879

Where this lands in 800-53

Vulnerability data triggers these controls during assessment and continuous monitoring.

RA-5 · Vulnerability Monitoring and Scanning
SI-2 · Flaw Remediation
CM-6 · Configuration Settings
SI-7 · Software, Firmware, and Information Integrity
CM-8 · System Component Inventory

External lookups

NVD · CVE-2024-4879
CVE.org · CVE-2024-4879
CISA KEV catalog (canonical)