CVE-2024-4879 PoC — ServiceNow 安全漏洞

Source

Associated Vulnerability

Description

CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow

Readme

# CVE-2024-4879 Exploit & PoC - Nuclei Template
CVE-2024-4879 - Jelly Template Injection Vulnerability in ServiceNow

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.

# For Detecting Jelly Template Injection Vulnerability
## Usage
```bash
nuclei -t servicenow.yaml -l targets.txt
```
# For Database Exploitation Jelly Template Injection Vulnerability
## Usage
```bash
nuclei -t servicenow-db-explit.yaml -l targets.txt
```

![Watch the video](servicenow.gif)

# References
- https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1645154
- https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1644293
- https://www.assetnote.io/resources/research/chaining-three-bugs-to-access-all-your-servicenow-data

# Video PoC
[![Video Title](https://img.youtube.com/vi/tqophl7sByc/0.jpg)](https://www.youtube.com/watch?v=tqophl7sByc)

File Snapshot

 [4.0K]  /data/pocs/8d68f772b4f89d965f92971db58d7bbab78186bb
├── [1.4K]  README.md
├── [1.2K]  servicenow-db-exploit.yaml
├── [1.4M]  servicenow.gif
└── [ 904]  servicenow.yaml

0 directories, 4 files

Remarks