[Security Advisory] CVE-2022-43684 - ACL bypass in Reporting functionality

ServiceNow Posture June 2023

Description

ServiceNow has released patches and an upgrade that address an Access Control List (ACL) bypass issue in ServiceNow Core functionality.

Additional Details

This issue is present in the following supported ServiceNow releases:

- Quebec prior to Patch 10 Hot Fix 8b
- Rome prior to Patch 10 Hot Fix 1
- San Diego prior to Patch 7
- Tokyo prior to Tokyo Patch 1
- Utah prior to Utah General Availability

If this ACL bypass issue were successfully exploited, it could allow an authenticated user to obtain sensitive information from tables missing authorization controls.
Additional information on ACLs and Report View ACLs (RVA) is available to users with access to Now Support:

https://docs.servicenow.com/bundle/utah-now-intelligence/page/use/reporting/concept/read-access-control.html
https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0958442

Resolution

This vulnerability has been addressed in the release and patches listed in the table below. Customers can view their patching schedules via the Maintenance Calendar.

Release      Fixed Version
Quebec       Patch 10 Hot Fix 8b
Rome         Patch 10 Hot Fix 1
San Diego    Patch 7
Tokyo        Patch 1
Utah         GA Version

For customers with instances still using a version of ServiceNow in which this issue is present, ServiceNow recommends applying the appropriate upgrade or patch to those instances as soon as possible. Customers can adjust their patch schedules by selecting the Reschedule Action dropdown.

For customers who require technical assistance with this issue, please contact ServiceNow Technical Support.

Resources

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43684

Change Log

Version   Published       Summary of Changes
1.0       June 07, 2023   Initial publication