Main Vulnerability Database Exploits ID:8734 - Exploit for Observable discrepancy in ServiceNow - CVE-2021-45901

ID:8734 - Exploit for Observable discrepancy in ServiceNow - CVE-2021-45901

Published: January 12, 2023

Vulnerability identifier: #VU71133

Vulnerability risk: Low

CVE-ID: CVE-2021-45901

CWE-ID: CWE-203

Exploitation vector: Remote access

Vulnerable software:
ServiceNow

Link to public exploit:

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to verbose data output in the password-reset form. A remote attacker can enumerate user accounts.

Install updates from vendor's website.