{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-3089", "assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375", "state": "PUBLISHED", "assignerShortName": "SN", "dateReserved": "2025-04-01T13:40:25.043Z", "datePublished": "2025-08-12T16:06:39.883Z", "dateUpdated": "2025-08-12T18:17:15.832Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "ServiceNow AI Platform", "vendor": "ServiceNow", "versions": [{"lessThan": "Washington DC Patch 10 Hot Fix 2a", "status": "affected", "version": "Aspen", "versionType": "custom"}, {"lessThan": "Xanadu Patch 7a", "status": "affected", "version": "Aspen", "versionType": "custom"}, {"lessThan": "Xanadu Patch 8", "status": "affected", "version": "Aspen", "versionType": "custom"}, {"lessThan": "Yokohama Patch 1a", "status": "affected", "version": "Aspen", "versionType": "custom"}, {"lessThan": "Yokohama Patch 2", "status": "affected", "version": "Aspen", "versionType": "custom"}, {"lessThan": "Zurich (EA)", "status": "affected", "version": "Aspen", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Doukani Mohammed Adam"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">ServiceNow has addressed a Broken Access Control vulnerability that was identified in the </span><span style=\"background-color: rgb(255, 255, 255);\">ServiceNow AI Platform</span><span style=\"background-color: rgb(255, 255, 255);\">. </span><span style=\"background-color: rgb(255, 255, 255);\">This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading to unauthorized data modifications.</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">This issue is addressed in the listed patches and family releases, which have been made available to hosted and self-hosted customers, as well as partners. &nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><br>"}], "value": "ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading to unauthorized data modifications.\u00a0This issue is addressed in the listed patches and family releases, which have been made available to hosted and self-hosted customers, as well as partners."}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 5.3, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-639", "description": "CWE-639 Authorization Bypass Through User-Controlled Key", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375", "shortName": "SN", "dateUpdated": "2025-08-12T16:33:24.196Z"}, "references": [{"url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2264930"}], "source": {"discovery": "UNKNOWN"}, "title": "Broken Access Control in ServiceNow AI Platform", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-12T18:16:57.869241Z", "id": "CVE-2025-3089", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-12T18:17:15.832Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-3089", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-12T18:16:57.869241Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-12T18:17:11.532Z"}}], "cna": {"title": "Broken Access Control in ServiceNow AI Platform", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Doukani Mohammed Adam"}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "ServiceNow", "product": "ServiceNow AI Platform", "versions": [{"status": "affected", "version": "Aspen", "lessThan": "Washington DC Patch 10 Hot Fix 2a", "versionType": "custom"}, {"status": "affected", "version": "Aspen", "lessThan": "Xanadu Patch 7a", "versionType": "custom"}, {"status": "affected", "version": "Aspen", "lessThan": "Xanadu Patch 8", "versionType": "custom"}, {"status": "affected", "version": "Aspen", "lessThan": "Yokohama Patch 1a", "versionType": "custom"}, {"status": "affected", "version": "Aspen", "lessThan": "Yokohama Patch 2", "versionType": "custom"}, {"status": "affected", "version": "Aspen", "lessThan": "Zurich (EA)", "versionType": "custom"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2264930"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading to unauthorized data modifications.\u00a0This issue is addressed in the listed patches and family releases, which have been made available to hosted and self-hosted customers, as well as partners.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">ServiceNow has addressed a Broken Access Control vulnerability that was identified in the </span><span style=\"background-color: rgb(255, 255, 255);\">ServiceNow AI Platform</span><span style=\"background-color: rgb(255, 255, 255);\">. </span><span style=\"background-color: rgb(255, 255, 255);\">This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading to unauthorized data modifications.</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">This issue is addressed in the listed patches and family releases, which have been made available to hosted and self-hosted customers, as well as partners. &nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-639", "description": "CWE-639 Authorization Bypass Through User-Controlled Key"}]}], "providerMetadata": {"orgId": "303448ea-6ef3-4077-ad29-5c9bf253c375", "shortName": "SN", "dateUpdated": "2025-08-12T16:33:24.196Z"}}}, "cveMetadata": {"cveId": "CVE-2025-3089", "state": "PUBLISHED", "dateUpdated": "2025-08-12T18:17:15.832Z", "dateReserved": "2025-04-01T13:40:25.043Z", "assignerOrgId": "303448ea-6ef3-4077-ad29-5c9bf253c375", "datePublished": "2025-08-12T16:06:39.883Z", "assignerShortName": "SN"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading to unauthorized data modifications.\u00a0This issue is addressed in the listed patches and family releases, which have been made available to hosted and self-hosted customers, as well as partners."}, {"lang": "es", "value": "ServiceNow ha solucionado una vulnerabilidad de control de acceso interrumpido identificada en la plataforma de IA de ServiceNow. Esta vulnerabilidad podr\u00eda permitir que un usuario con pocos privilegios eluda los controles de acceso y realice un conjunto limitado de acciones normalmente reservadas para usuarios con privilegios m\u00e1s altos, lo que podr\u00eda provocar modificaciones no autorizadas de datos. Este problema se soluciona en los parches y versiones de la familia mencionados, que ya est\u00e1n disponibles para clientes alojados y autoalojados, as\u00ed como para socios."}], "id": "CVE-2025-3089", "lastModified": "2025-08-13T17:34:12.350", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "psirt@servicenow.com", "type": "Secondary"}]}, "published": "2025-08-12T16:15:27.850", "references": [{"source": "psirt@servicenow.com", "url": "https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2264930"}], "sourceIdentifier": "psirt@servicenow.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-639"}], "source": "psirt@servicenow.com", "type": "Secondary"}]}

{}