Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

ServiceNow AI Platform

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2025-3089
Assigner-ServiceNow
ShareView Details
Assigner-ServiceNow
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 17.05%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 16:06
Updated-13 Aug, 2025 | 17:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Broken Access Control in ServiceNow AI Platform

ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading to unauthorized data modifications. This issue is addressed in the listed patches and family releases, which have been made available to hosted and self-hosted customers, as well as partners.

Action-Not Available
Vendor-ServiceNow, Inc.
Product-ServiceNow AI Platform
CWE ID-CWE-639
Authorization Bypass Through User-Controlled Key