NVD disclosure day
CVE-2024-5910
Halo Surface Signal: 3 out of 5 — possibly public-facing.
A vulnerability in Palo Alto Networks Expedition allows attackers with network access to take over an administrator account. This can expose sensitive data, including configuration secrets and credentials imported into the tool, posing a business risk.
CVE-2024-5217
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A vulnerability in ServiceNow's Now Platform, affecting Washington DC, Vancouver, and earlier releases, could allow an unauthenticated user to execute code remotely. This poses a business risk of unauthorized system access and potential operational disruption. Patches are available from ServiceNow to address this issue
CVE-2024-4879
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A vulnerability in ServiceNow's Now Platform could allow an unauthenticated user to execute remote code. ServiceNow has provided updates to address this issue for hosted and self-hosted instances, mitigating the risk to organizations and their data.