Vulnerability | Bleeping Computer
8.0 — CRITICAL
ServiceNow discloses security incident exposing customer data
ServiceNow is warning about a security incident after attackers exploited an unauthenticated access flaw through a vulnerable API endpoint, allowing them to query data from customer instances. [...]
🤖 AI Briefing: Auto-generated threat analysis
🔍 Threat Overview
ServiceNow experienced a security incident caused by an unauthenticated access flaw in an API endpoint, which allowed attackers to query customer instance tables and potentially access sensitive enterprise information.
⚙️ Technical Details
Affected Systems
/api/now/related_list_edit/create
Attack Vectors
Unauthenticated requests to the /api/now/related_list_edit/create endpoint
IP address 51.159.98.241
💥 Impact Assessment
Severity: critical
🛡️ Recommended Actions
1. Review ServiceNow logs for requests to /api/now/related_list_edit, particularly from the IP address 51.159.98.241
2. Rotate credentials or tokens shared through support workflows
3. Ensure API logging is enabled
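The log review in the first action, as an added example (not from the article or from ServiceNow): it filters access-log lines for the endpoint prefix and tags each hit for triage. Only the endpoint path and the IP address come from the summary; the combined log format, the tag names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# From the summary above: the endpoint prefix to search for and the reported source IP.
ENDPOINT_PREFIX = "/api/now/related_list_edit"
REPORTED_IP = "51.159.98.241"

# Assumption: "combined"-style access logs (e.g. from a proxy in front of the
# instance). Adjust this regex to whatever log source you actually export.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

def review(lines):
    """Return (findings, unparsed_count) for requests under ENDPOINT_PREFIX."""
    findings, unparsed = [], 0
    for lineno, line in enumerate(lines, 1):
        m = LINE_RE.match(line)
        if not m:
            unparsed += 1  # surface parse gaps instead of silently skipping them
            continue
        # Drop the query string, decode %-escapes, and compare case-insensitively
        # (conservative: may over-match, will not miss an encoded variant).
        path = unquote(urlsplit(m["target"]).path).lower()
        if not path.startswith(ENDPOINT_PREFIX):
            continue
        tags = []
        if m["ip"] == REPORTED_IP:
            tags.append("reported-ip")
        if m["user"] == "-":
            tags.append("no-auth-user")   # no authenticated user was logged
        if m["status"].startswith("2"):
            tags.append("succeeded")      # the request was served
        findings.append({"line": lineno, "ip": m["ip"], "ts": m["ts"],
                         "status": int(m["status"]), "tags": tags})
    return findings, unparsed

# Constructed sample lines (not real traffic); 192.0.2.0/24 and 198.51.100.0/24
# are documentation address ranges.
SAMPLE = [
    '198.51.100.7 - alice [01/Jan/2000:10:00:01 +0000] "GET /api/now/table/incident?sysparm_limit=1 HTTP/1.1" 200 512',
    '51.159.98.241 - - [01/Jan/2000:10:00:05 +0000] "POST /api/now/related_list_edit/create HTTP/1.1" 200 2048',
    '192.0.2.44 - - [01/Jan/2000:10:00:09 +0000] "POST /api/now/related_list_edit/create?x=1 HTTP/1.1" 401 87',
    '51.159.98.241 - - [01/Jan/2000:10:00:12 +0000] "GET /login.do HTTP/1.1" 200 900',
    'not a log line',
]
```

Hits tagged both `no-auth-user` and `succeeded` are the ones to prioritise, and a non-zero unparsed count means part of the log was not actually reviewed.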
📦 Affected Products
ServiceNow
This is a curated summary. The complete article is available at Bleeping Computer.
