
1 vulnerability found for ServiceNow by ServiceNow

CVE-2022-46886 (GCVE-0-2022-46886)

Vulnerability from cvelistv5 – Published: 2023-04-14 00:00 – Updated: 2025-02-06 21:46
Summary
An open redirect exists in the response list update functionality of ServiceNow. It allows attackers to redirect users to arbitrary domains when those users click a URL within a service-now domain.
CWE
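  • open redirect (CWE-601, URL Redirection to Untrusted Site, as classified in the CISA ADP container of the record)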
Assigner
SN
Impacted products
Vendor Product Version
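ServiceNow ServiceNow Affected: Tokyo, < Tokyo Patch 1b (custom); the record also lists Tokyo Patch 3 as unaffected
Affected: San Diego, < San Diego Patch 7b (custom); the record also lists San Diego Patch 9 as unaffected
Affected: Rome, < Rome Patch 10 Hotfix 2b (custom); the record also lists Rome Patch 10 Hotfix 3b as unaffected
Affected: Quebec, < Quebec Patch 10 Hotfix 10b (custom)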
Credits
theamanrawat

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T14:39:38.636Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-46886",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-06T21:46:23.163978Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-601",
                "description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-06T21:46:36.801Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "ServiceNow",
          "vendor": "ServiceNow",
          "versions": [
            {
              "changes": [
                {
                  "at": "Tokyo Patch 3",
                  "status": "unaffected"
                }
              ],
              "lessThan": "Tokyo Patch 1b",
              "status": "affected",
              "version": "Tokyo",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "San Diego Patch 9",
                  "status": "unaffected"
                }
              ],
              "lessThan": "San Diego Patch 7b",
              "status": "affected",
              "version": "San Diego",
              "versionType": "custom"
            },
            {
              "changes": [
                {
                  "at": "Rome Patch 10 Hotfix 3b",
                  "status": "unaffected"
                }
              ],
              "lessThan": "Rome Patch 10 Hotfix 2b",
              "status": "affected",
              "version": "Rome",
              "versionType": "custom"
            },
            {
              "lessThan": "Quebec Patch 10 Hotfix 10b",
              "status": "affected",
              "version": "Quebec",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "theamanrawat"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThere exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\u003c/p\u003e"
            }
          ],
          "value": "There exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\n\n"
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eSuccessful exploitation of this vulnerability potentially could be used to facilitate targeted attacks such as phishing.  This may enable attackers to redirect authenticated users to domains the attackers control and cause the disclosure of sensitive information, like login credentials.\u003c/p\u003e"
            }
          ],
          "value": "Successful exploitation of this vulnerability potentially could be used to facilitate targeted attacks such as phishing.  This may enable attackers to redirect authenticated users to domains the attackers control and cause the disclosure of sensitive information, like login credentials.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "open redirect",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-17T21:53:31.401Z",
        "orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
        "shortName": "SN"
      },
      "references": [
        {
          "url": "https://support.servicenow.com/kb?id=kb_article_view\u0026sysparm_article=KB1219857"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375",
    "assignerShortName": "SN",
    "cveId": "CVE-2022-46886",
    "datePublished": "2023-04-14T00:00:00.000Z",
    "dateReserved": "2022-12-09T00:00:00.000Z",
    "dateUpdated": "2025-02-06T21:46:36.801Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}