CVE-2023-37518

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Jan 30, 2024

Updated: Feb 5, 2024

CWE ID 94

Summary

CVE-2023-37518 is a critical vulnerability affecting HCL BigFix ServiceNow. This issue allows malicious authorized attackers to inject arbitrary code into the system, potentially gaining the ability to execute code with the privileges of the running user. The exploitation of this vulnerability could result in significant security risks, including data theft, unauthorized system access, or system disruption. It is recommended that affected organizations apply the available patch as soon as possible to mitigate this threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

HCL Technologies Ltd.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r5hiV6
https://www.cve.org/CVERecord?id=CVE-2023-37518
https://nvd.nist.gov/vuln/detail/CVE-2023-37518

Back to Vulnerability Database

CVE-2023-37518

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations