CNNVD-202507-1035 Information

CNNVD ID

CNNVD-202507-1035

Related CVE

CVE-2025-3648

• CNNVD Published: 2025-07-08

Description (Chinese)

ServiceNow Now Platform是美国ServiceNow公司的一个基于云的平台，使用 AI 和机器学习来自动化和优化整个企业的工作。 ServiceNow Now Platform存在安全漏洞，该漏洞源于访问控制列表配置不当，可能导致未经授权的数据推断。

Description (English)

ServiceNow Now Platform is a cloud-based platform for United States Servicenow using AI and machine learning to automate and optimize the work of the enterprise as a whole. There is a security loophole in ServiceNow Now Platform, which stems from inappropriate configuration of access control lists, which may lead to unauthorized data extrapolation.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

ServiceNow

Published

2025-07-08

Last Modified

2026-02-24

References

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2139567 https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2256712 https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2046494 https://access.redhat.com/security/cve/cve-2025-3648