SERVICENOW has patched a vulnerability on its cloud platform that has reportedly been exploited by attackers. The patch, released on June 5, restricts access to authorized users after anomalous activity was detected. Although the company has not disclosed specific details, customers are advised not to take action and are being notified if their systems showed signs of successful exploit attempts. Precise numbers of affected customers and the exploiters remain unclear, and a decision on whether to assign a CVE has not yet been made.
ServiceNow patches cloud flaw after attackers exploit it
Developing story
breach
2 articles tracked
ServiceNow unauthenticated API flaw exposes customer data
CyberSIXT Evidence Panel
Primary Source
support.servicenow.com
Article by CyberSIXT
Timeline Coverage
Swipe to explore timeline
-
Unauthenticated ServiceNow API flaw leaks customer data
cybersixt.com
-
ServiceNow patches cloud flaw after attackers exploit it
www.securityweek.com