servicenow 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に vendor risk open redirect and パス処理の欠陥 などに関し、一部は ファイル上書き を招き、vendor surface software deployment and vendor surface production workloads 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2025-12420 | A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform. ServiceNow has addressed this vulnerability by deploying a relevant security update to hosted instances in October 2025. Security updates have also been provided to ServiceNow self-hosted customers, partners, and hosted customers with unique configurations. Additionally, the vulnerab | [email protected] | 9.3 | 45.49% | 2026-01-12 | 2026-06-17 |
| CVE-2024-8924 | ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information. ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners and self-hosted customers. Further, the vulnerability is addressed in the listed patches and hot fixes. | [email protected] | 8.7 | 0.51% | 2024-10-29 | 2026-06-17 |
| CVE-2024-8923 | ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow deployed an update to hosted instances and ServiceNow provided the update to our partners and self-hosted customers. Further, the vulnerability is addressed in the listed patches and hot fixes. | [email protected] | 9.3 | 1.11% | 2024-10-29 | 2026-06-17 |
| CVE-2024-5217 KEV | ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. The vulnerability is addressed in the listed patches and hot fixes below, which were released during the June 2024 patching cycle. If you have not done so already, we recommend applying security patches relevant to your instance as | [email protected] | 9.2 | 99.63% | 2024-07-10 | 2026-06-17 |
| CVE-2024-4879 KEV | ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recomme | [email protected] | 9.3 | 99.98% | 2024-07-10 | 2026-06-17 |
| CVE-2023-1298 | ServiceNow has released upgrades and patches that address a Reflected Cross-Site scripting (XSS) vulnerability that was identified in the ServiceNow Polaris Layout. This vulnerability would enable an authenticated user to inject arbitrary scripts. | [email protected] | 4.3 | 0.34% | 2023-07-06 | 2026-06-17 |
| CVE-2022-43684 | ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality. Additional Details This issue is present in the following supported ServiceNow releases: * Quebec prior to Patch 10 Hot Fix 8b * Rome prior to Patch 10 Hot Fix 1 * San Diego prior to Patch 7 * Tokyo prior to Tokyo Patch 1; and * Utah prior to Utah General Availability If this ACL bypass issue were to be successfully exploited, it pot | [email protected] | 9.9 | 1.80% | 2023-06-13 | 2026-06-17 |
| CVE-2023-1209 | Cross-Site Scripting (XSS) vulnerabilities exist in ServiceNow records allowing an authenticated attacker to inject arbitrary scripts. | [email protected] | 4.3 | 0.38% | 2023-05-23 | 2026-06-17 |
| CVE-2022-46389 | There exists a reflected XSS within the logout functionality of ServiceNow versions lower than Quebec Patch 10 Hotfix 11b, Rome Patch 10 Hotfix 3b, San Diego Patch 9, Tokyo Patch 4, and Utah GA. This enables an unauthenticated remote attacker to execute arbitrary JavaScript code in the browser-based web console. | [email protected] | 6.1 | 0.60% | 2023-04-17 | 2026-06-17 |
| CVE-2022-46886 | There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain. | [email protected] | 5.5 | 0.30% | 2023-04-14 | 2026-06-17 |
| CVE-2022-39048 | A XSS vulnerability was identified in the ServiceNow UI page assessment_redirect. To exploit this vulnerability, an attacker would need to persuade an authenticated user to click a maliciously crafted URL. Successful exploitation potentially could be used to conduct various client-side attacks, including, but not limited to, phishing, redirection, theft of CSRF tokens, and use of an authenticated user's browser or session to attack other systems. | [email protected] | 6.1 | 1.09% | 2023-04-10 | 2026-06-17 |
| CVE-2022-42704 | A cross-site scripting (XSS) vulnerability in Employee Service Center (esc) and Service Portal (sp) in ServiceNow Quebec, Rome, and San Diego allows remote attackers to inject arbitrary web script via the Standard Ticket Conversations widget. | [email protected] | 5.4 | 0.44% | 2023-01-12 | 2026-06-17 |
| CVE-2022-38463 | ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality. | [email protected] | 6.1 | 2.26% | 2022-08-23 | 2026-06-17 |
| CVE-2022-38172 | ServiceNow through San Diego Patch 3 allows XSS via the name field during creation of a new dashboard for the Performance Analytics dashboard. | [email protected] | 6.1 | 0.46% | 2022-08-23 | 2026-06-17 |
| CVE-2021-45901 | The password-reset form in ServiceNow Orlando provides different responses to invalid authentication attempts depending on whether the username exists. | [email protected] | 5.3 | 14.32% | 2022-02-10 | 2026-06-17 |
| CVE-2019-20768 | ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS via crafted sysparm_item_guid and sys_id parameters in an Incident Request to service_catalog.do. | [email protected] | 5.4 | 0.72% | 2020-05-05 | 2026-06-16 |
| CVE-2018-7748 | report_viewer.do in ServiceNow Release Jakarta Patch 8 and earlier allows remote attackers to execute arbitrary code via '${xyz}' Glide Scripting Injection in the sysparm_media parameter. | [email protected] | 8.8 | 2.58% | 2018-08-03 | 2026-06-16 |
| CVE-2018-8720 | ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last Name field of My Profile (aka navpage.do), or the Search bar of My Portal (aka search_results.do). | [email protected] | 5.4 | 0.70% | 2018-03-15 | 2026-06-16 |