一、 漏洞 CVE-2024-4879 基础信息
漏洞信息
# ServiceNow UI Macros 中 Jelly 模板注入漏洞

## 漏洞概述
ServiceNow 的 Vancouver 和 Washington DC 版本的 Now Platform 存在一个输入验证漏洞,这可能导致未认证用户远程执行代码。

## 影响版本
- Vancouver
- Washington DC

## 细节
此漏洞是由于输入验证不足导致,攻击者可以利用该漏洞在 Now Platform 上远程执行代码。

## 影响
未认证用户可以利用此漏洞远程执行代码,对 Now Platform 安全造成严重威胁。ServiceNow 已发布补丁并更新了托管实例,建议尽快应用相关安全补丁。
备注
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
Jelly Template Injection Vulnerability in ServiceNow UI Macros
来源:美国国家漏洞数据库 NVD
漏洞描述信息
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
来源:美国国家漏洞数据库 NVD
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
漏洞标题
ServiceNow 安全漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
ServiceNow是美国ServiceNow公司的一个云计算平台。以帮助公司管理企业运营的数字工作流程。 ServiceNow存在安全漏洞。攻击者利用该漏洞可以在 Now Platform 环境中远程执行代码。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
其他
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2024-4879 的公开POC
# POC 描述 源链接 神龙链接
1 CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow https://github.com/Brut-Security/CVE-2024-4879 POC详情
2 Bulk scanning tool for ServiceNow CVE-2024-4879 vulnerability https://github.com/bigb0x/CVE-2024-4879 POC详情
3 None https://github.com/Mr-r00t11/CVE-2024-4879 POC详情
4 None https://github.com/zgimszhd61/CVE-2024-4879 POC详情
5 None https://github.com/ShadowByte1/CVE-2024-4879 POC详情
6 Exploit for CVE-2024-4879 affecting Vancouver, Washington DC Now and Utah Platform releases https://github.com/Praison001/CVE-2024-4879-ServiceNow POC详情
7 CVE-2024-4879 & CVE-2024-5217 ServiceNow RCE Scanning Using Nuclei & Shodan Dork to find it. https://github.com/NoTsPepino/CVE-2024-4879-CVE-2024-5217-ServiceNow-RCE-Scanning POC详情
8 Python script designed to detect specific vulnerabilities in ServiceNow instances and dump database connection details if the vulnerability is found. This tool is particularly useful for security researchers and penetration testers. https://github.com/jdusane/CVE-2024-4879 POC详情
9 Jelly Template Injection Vulnerability in ServiceNow | POC CVE-2024-4879 https://github.com/fa-rrel/CVE-2024-4879 POC详情
10 None https://github.com/0xWhoami35/CVE-2024-4879 POC详情
11 Jelly Template Injection Vulnerability in ServiceNow | POC CVE-2024-4879 https://github.com/gh-ost00/CVE-2024-4879 POC详情
12 ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-4879.yaml POC详情
三、漏洞 CVE-2024-4879 的情报信息