CVE-2025-3648: CWE-1220: Insufficient Granularity of Access Control in ServiceNow Now Platform
A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list (ACL) configurations, this vulnerability could enable unauthenticated and authenticated users to use range query requests to infer instance data that is not intended to be accessible to them. To assist customers in enhancing access controls, ServiceNow has introduced additional access control frameworks in Xanadu and Yokohama, such as Query ACLs, Security Data Filters and Deny-Unless ACLs. Additionally, in May 2025, ServiceNow delivered to customers a security update that is designed to enhance customer ACL configurations. Customers, please review the following KB Articles for further guidance: * (Requires NowSupport login) https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2046494 * (Requires NowSupport login) https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2256712 * https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2139567
CVE-2025-3648: CWE-1220: Insufficient Granularity of Access Control in ServiceNow Now Platform
Description
A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list (ACL) configurations, this vulnerability could enable unauthenticated and authenticated users to use range query requests to infer instance data that is not intended to be accessible to them. To assist customers in enhancing access controls, ServiceNow has introduced additional access control frameworks in Xanadu and Yokohama, such as Query ACLs, Security Data Filters and Deny-Unless ACLs. Additionally, in May 2025, ServiceNow delivered to customers a security update that is designed to enhance customer ACL configurations. Customers, please review the following KB Articles for further guidance: * (Requires NowSupport login) https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2046494 * (Requires NowSupport login) https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2256712 * https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2139567
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- SN
- Date Reserved
- 2025-04-15T13:30:21.572Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 686d42bf6f40f0eb72f85c07
Added to database: 7/8/2025, 4:09:35 PM
Last updated: 7/8/2025, 4:09:35 PM
Views: 1
Related Threats
CVE-2025-7185: SQL Injection in code-projects Library System
MediumCVE-2025-6771: CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in Ivanti Endpoint Manager Mobile
HighCVE-2025-43019: CWE-269 Improper Privilege Management in HP Inc. HP Support Assistant
MediumCVE-2025-7184: SQL Injection in code-projects Library System
MediumCVE-2025-5464: CWE-532 Insertion of Sensitive Information into Log File in Ivanti Connect Secure
MediumActions
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.