cvedb.io
CVE-2024-8924
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2024-10-29T17:15:04.983 · Last modified 2026-06-17T08:23:34.287

Summary

ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information. ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners and self-hosted customers. Further, the vulnerability is addressed in the listed patches and hot fixes.

Affected products

servicenow — servicenow

Does this affect you?

Add your gear to cvedb and we'll alert you only when servicenow ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.