CVE-2023-37518

Name of the Vulnerable Software and Affected Versions HCL BigFix ServiceNow (affected versions not specified)

Description The issue is related to incorrect code generation management in the ServiceNow Data Flow platform, allowing a remote attacker to execute arbitrary code. A malicious authorized attacker could inject arbitrary code and execute it within the context of the running user.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.