{"id":12246,"date":"2024-07-30T00:11:25","date_gmt":"2024-07-30T00:11:25","guid":{"rendered":"https:\/\/sekuritasit.com\/?p=12246"},"modified":"2024-07-30T00:11:25","modified_gmt":"2024-07-30T00:11:25","slug":"servicenow-improper-input-validation-vulnerability-cve-2024-4879","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/","title":{"rendered":"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879)"},"content":{"rendered":"<p>What is the vulnerability?A critical input validation vulnerability (CVE-2024\u20134879) is identified in ServiceNow\u2019s Now platform hosted in Vancouver and Washington DC, exploiting this vulnerability could lead to potential data breaches and unauthorized system access. Threat actors may weaponize proof-of-concept (PoC) exploits which are publicly available. CISA added CVE-2024\u20134879 to its Known Exploited Vulnerabilities (KEV) Catalog on July 29, 2024.What is the recommended Mitigation?ServiceNow has released updates for the affected instances. CVE-2024-4879 &#8211; Jelly Template Injection Vulnerability in ServiceNow UI Macros &#8211; SecurityWhat FortiGuard Coverage is available?FortiGuard Labs recommends users to apply the patches released by the vendor immediately to secure their systems.FortiGuard Intrusion Prevention Service (IPS) protection is currently being investigated to defend against exploitation of CVE-2024-4879.The FortiGuard Incident Response team can be engaged to help with any suspected compromise.<a href=\"https:\/\/fortiguard.fortinet.com\/threat-signal-report\/5497\" target=\"_blank\" class=\"feedzy-rss-link-icon\" rel=\"noopener\">Read More<\/a>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>What is the vulnerability?A critical input validation vulnerability (CVE-2024\u20134879) is identified in ServiceNow\u2019s Now platform hosted in Vancouver and Washington DC, exploiting this vulnerability could lead to potential data breaches and unauthorized system access. Threat actors may weaponize proof-of-concept (PoC) exploits which are publicly available. CISA added CVE-2024\u20134879 to its Known Exploited Vulnerabilities (KEV) Catalog [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-12246","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"What is the vulnerability?A critical input validation vulnerability (CVE-2024\u20134879) is identified in ServiceNow\u2019s Now platform hosted in Vancouver and Washington DC, exploiting this vulnerability could lead to potential data breaches and unauthorized system access. Threat actors may weaponize proof-of-concept (PoC) exploits which are publicly available. CISA added CVE-2024\u20134879 to its Known Exploited Vulnerabilities (KEV) Catalog\" \/>\n\t<meta name=\"robots\" content=\"max-image-preview:large\" \/>\n\t<link rel=\"canonical\" href=\"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"Sekuritas IT \u203a Creative solutions to unique challenges.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879) \u203a Sekuritas IT\" \/>\n\t\t<meta property=\"og:description\" content=\"What is the vulnerability?A critical input validation vulnerability (CVE-2024\u20134879) is identified in ServiceNow\u2019s Now platform hosted in Vancouver and Washington DC, exploiting this vulnerability could lead to potential data breaches and unauthorized system access. Threat actors may weaponize proof-of-concept (PoC) exploits which are publicly available. CISA added CVE-2024\u20134879 to its Known Exploited Vulnerabilities (KEV) Catalog\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2024-07-30T00:11:25+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2024-07-30T00:11:25+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100086973577423\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:title\" content=\"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879) \u203a Sekuritas IT\" \/>\n\t\t<meta name=\"twitter:description\" content=\"What is the vulnerability?A critical input validation vulnerability (CVE-2024\u20134879) is identified in ServiceNow\u2019s Now platform hosted in Vancouver and Washington DC, exploiting this vulnerability could lead to potential data breaches and unauthorized system access. Threat actors may weaponize proof-of-concept (PoC) exploits which are publicly available. CISA added CVE-2024\u20134879 to its Known Exploited Vulnerabilities (KEV) Catalog\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/07\\\/30\\\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\\\/#blogposting\",\"name\":\"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879) \\u203a Sekuritas IT\",\"headline\":\"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879)\",\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"},\"datePublished\":\"2024-07-30T00:11:25+00:00\",\"dateModified\":\"2024-07-30T00:11:25+00:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/07\\\/30\\\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/07\\\/30\\\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\\\/#webpage\"},\"articleSection\":\"Uncategorized\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/07\\\/30\\\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sekuritasit.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"position\":2,\"name\":\"Uncategorized\",\"item\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/07\\\/30\\\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\\\/#listItem\",\"name\":\"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879)\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/07\\\/30\\\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\\\/#listItem\",\"position\":3,\"name\":\"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879)\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/category\\\/uncategorized\\\/#listItem\",\"name\":\"Uncategorized\"}}]},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\",\"name\":\"Sekuritas IT\",\"description\":\"Creative solutions to unique challenges.\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100086973577423\"]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/07\\\/30\\\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\\\/#webpage\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/07\\\/30\\\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\\\/\",\"name\":\"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879) \\u203a Sekuritas IT\",\"description\":\"What is the vulnerability?A critical input validation vulnerability (CVE-2024\\u20134879) is identified in ServiceNow\\u2019s Now platform hosted in Vancouver and Washington DC, exploiting this vulnerability could lead to potential data breaches and unauthorized system access. Threat actors may weaponize proof-of-concept (PoC) exploits which are publicly available. CISA added CVE-2024\\u20134879 to its Known Exploited Vulnerabilities (KEV) Catalog\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/2024\\\/07\\\/30\\\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/index.php\\\/author\\\/#author\"},\"datePublished\":\"2024-07-30T00:11:25+00:00\",\"dateModified\":\"2024-07-30T00:11:25+00:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#website\",\"url\":\"https:\\\/\\\/sekuritasit.com\\\/\",\"name\":\"Sekuritas IT\",\"alternateName\":\"Sekuritas\",\"description\":\"Creative solutions to unique challenges.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/sekuritasit.com\\\/#organization\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879) \u203a Sekuritas IT","description":"What is the vulnerability?A critical input validation vulnerability (CVE-2024\u20134879) is identified in ServiceNow\u2019s Now platform hosted in Vancouver and Washington DC, exploiting this vulnerability could lead to potential data breaches and unauthorized system access. Threat actors may weaponize proof-of-concept (PoC) exploits which are publicly available. CISA added CVE-2024\u20134879 to its Known Exploited Vulnerabilities (KEV) Catalog","canonical_url":"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/","robots":"max-image-preview:large","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/#blogposting","name":"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879) \u203a Sekuritas IT","headline":"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879)","author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/#author"},"publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"},"datePublished":"2024-07-30T00:11:25+00:00","dateModified":"2024-07-30T00:11:25+00:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/#webpage"},"isPartOf":{"@id":"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/#webpage"},"articleSection":"Uncategorized"},{"@type":"BreadcrumbList","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","position":1,"name":"Home","item":"https:\/\/sekuritasit.com","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","position":2,"name":"Uncategorized","item":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/","nextItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/#listItem","name":"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879)"},"previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/#listItem","position":3,"name":"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879)","previousItem":{"@type":"ListItem","@id":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/#listItem","name":"Uncategorized"}}]},{"@type":"Organization","@id":"https:\/\/sekuritasit.com\/#organization","name":"Sekuritas IT","description":"Creative solutions to unique challenges.","url":"https:\/\/sekuritasit.com\/","sameAs":["https:\/\/www.facebook.com\/profile.php?id=100086973577423"]},{"@type":"WebPage","@id":"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/#webpage","url":"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/","name":"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879) \u203a Sekuritas IT","description":"What is the vulnerability?A critical input validation vulnerability (CVE-2024\u20134879) is identified in ServiceNow\u2019s Now platform hosted in Vancouver and Washington DC, exploiting this vulnerability could lead to potential data breaches and unauthorized system access. Threat actors may weaponize proof-of-concept (PoC) exploits which are publicly available. CISA added CVE-2024\u20134879 to its Known Exploited Vulnerabilities (KEV) Catalog","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/sekuritasit.com\/#website"},"breadcrumb":{"@id":"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/#breadcrumblist"},"author":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/#author"},"creator":{"@id":"https:\/\/sekuritasit.com\/index.php\/author\/#author"},"datePublished":"2024-07-30T00:11:25+00:00","dateModified":"2024-07-30T00:11:25+00:00"},{"@type":"WebSite","@id":"https:\/\/sekuritasit.com\/#website","url":"https:\/\/sekuritasit.com\/","name":"Sekuritas IT","alternateName":"Sekuritas","description":"Creative solutions to unique challenges.","inLanguage":"en-US","publisher":{"@id":"https:\/\/sekuritasit.com\/#organization"}}]},"og:locale":"en_US","og:site_name":"Sekuritas IT \u203a Creative solutions to unique challenges.","og:type":"article","og:title":"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879) \u203a Sekuritas IT","og:description":"What is the vulnerability?A critical input validation vulnerability (CVE-2024\u20134879) is identified in ServiceNow\u2019s Now platform hosted in Vancouver and Washington DC, exploiting this vulnerability could lead to potential data breaches and unauthorized system access. Threat actors may weaponize proof-of-concept (PoC) exploits which are publicly available. CISA added CVE-2024\u20134879 to its Known Exploited Vulnerabilities (KEV) Catalog","og:url":"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/","article:published_time":"2024-07-30T00:11:25+00:00","article:modified_time":"2024-07-30T00:11:25+00:00","article:publisher":"https:\/\/www.facebook.com\/profile.php?id=100086973577423","twitter:card":"summary_large_image","twitter:title":"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879) \u203a Sekuritas IT","twitter:description":"What is the vulnerability?A critical input validation vulnerability (CVE-2024\u20134879) is identified in ServiceNow\u2019s Now platform hosted in Vancouver and Washington DC, exploiting this vulnerability could lead to potential data breaches and unauthorized system access. Threat actors may weaponize proof-of-concept (PoC) exploits which are publicly available. CISA added CVE-2024\u20134879 to its Known Exploited Vulnerabilities (KEV) Catalog"},"aioseo_meta_data":{"post_id":"12246","title":null,"description":null,"keywords":null,"keyphrases":null,"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":null,"og_custom_url":null,"og_article_section":null,"og_article_tags":null,"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":null,"robots_max_videopreview":null,"robots_max_imagepreview":"large","priority":null,"frequency":null,"local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2024-07-30 00:32:36","updated":"2025-10-15 10:50:12","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/\" title=\"Uncategorized\">Uncategorized<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tServiceNow Improper Input Validation Vulnerability (CVE-2024-4879)\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/sekuritasit.com"},{"label":"Uncategorized","link":"https:\/\/sekuritasit.com\/index.php\/category\/uncategorized\/"},{"label":"ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879)","link":"https:\/\/sekuritasit.com\/index.php\/2024\/07\/30\/servicenow-improper-input-validation-vulnerability-cve-2024-4879\/"}],"_links":{"self":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/12246","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/comments?post=12246"}],"version-history":[{"count":1,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/12246\/revisions"}],"predecessor-version":[{"id":12255,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/posts\/12246\/revisions\/12255"}],"wp:attachment":[{"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/media?parent=12246"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/categories?post=12246"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sekuritasit.com\/index.php\/wp-json\/wp\/v2\/tags?post=12246"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}