SB2023011311 - Multiple vulnerabilities in ServiceNow

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2023011311

SB2023011311 - Multiple vulnerabilities in ServiceNow

Published: January 13, 2023

Security Bulletin ID SB2023011311
Severity
High
Patch available
YES
Number of vulnerabilities 1
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 1 security vulnerability.


1) Security features bypass (CVE-ID: N/A)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability details multiple unspecified security issues. A remote attacker can bypass implemented security restrictions. Security issues affect the following components:

  • Advanced Work Assignment
  • Agent Workspace
  • AI Search
  • Authentication
  • Configuration Management Database (CMDB)
  • Configuration Management Database (CMDB)
  • Customer Service Management
  • Discovery
  • Domain Separation
  • Dynamic Translation
  • Email Notifications
  • Field Administration
  • Health Log Analytics (Family)
  • HR Service Delivery
  • Integration Hub
  • Knowledge Management
  • MID Server
  • MS Teams - App Core
  • NotifyNow
  • Orchestration
  • Platform Analytics
  • IT Business Management
  • Reporting
  • Service Creator
  • Service Mapping
  • System Localization
  • Universal Request



Remediation

Install update from vendor's website.

References