COOEY // HUBcompliance · community · intelligence

FAIL › dossier

ServiceNow company FedRAMP market

FedRAMP provider ·

2
failure events
0
zero-days
0
RCEs
2
on KEV
0
critical
50
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 2 events

DateEventSevFlagsShameSummary
2024-07-29 CVE-2024-5217 high ⌖KEV 50 ServiceNow Washington DC, Vancouver, and earlier Now Platform releases contain an incomplete list of disallowed inputs vulnerability in the GlideExpression script. An unauthenticated user could exploit this vulnerability to execute code remotely.
2024-07-29 CVE-2024-4879 high ⌖KEV 50 ServiceNow Utah, Vancouver, and Washington DC Now Platform releases contain a jelly template injection vulnerability in UI macros. An unauthenticated user could exploit this vulnerability to execute code remotely.

FedRAMP catalog products 1

ProductStatusImpact
Government Community Cloud Authorized High