ServiceNow: vulnerability allowed unauthorized access to customer instances

Colleagues, please note: ServiceNow has reported that attackers exploited a vulnerability to gain elevated access to multiple customer instances.
- A security update was applied on 5 June; the flaw allowed unauthenticated users to query instance tables.
- Some customers were affected and have been notified. The issue is linked to the Australia release and configuration changes on older versions.
- Details first appeared on Reddit; no CVE has been assigned yet.
Why it matters: risk of unauthorized access and data exfiltration.
What measures have you already taken to protect your instances?
#cybersecurity #ServiceNow #incident #security


Latest comments
No comments yet.