CVE-2025-62607
BaseFortify

Publication date: 2025-10-22

Last updated on: 2025-10-22

Assigner: GitHub, Inc.

Description
Nautobot Single Source of Truth (SSoT) is an app for Nautobot. Prior to version 3.10.0, an unauthenticated attacker could access the ServiceNow configuration page and view the public ServiceNow instance name, e.g. companyname.service-now.com. This is considered low-value information. It does not expose the Secret, the Secret Name, or the Secret Value for the ServiceNow username/password. An unauthenticated user would not be able to change the instance name or set a Secret, and there is no way to reach other Nautobot pages through the unauthenticated configuration page. This issue has been patched in version 3.10.0.
Meta Information
Published: 2025-10-22
Last Modified: 2025-10-22
Generated: 2026-05-07
AI Q&A: 2025-10-22
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: nautobot
Product: nautobot_ssot
Version / Range: * (all versions listed in the associated CPE)
CWE
CWE-306: Missing Authentication for Critical Function. The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-62607 is a vulnerability in the nautobot_ssot package prior to version 3.10.0 where an unauthenticated attacker can access the ServiceNow configuration page and view the public ServiceNow instance name (e.g., companyname.service-now.com). This page did not require authentication due to a generic Django view without access controls. However, this exposure is limited to low-value information and does not include sensitive data such as secrets or credentials. The vulnerability does not allow modification of the instance name or access to other Nautobot pages. It has been fixed in version 3.10.0 by enforcing permissions on the affected view. [1]


How can this vulnerability impact me?

The impact of this vulnerability is low to moderate. An unauthenticated attacker can only view the public ServiceNow instance name, which is considered low-value information. There is no exposure of sensitive credentials or secrets, and no ability to modify configuration or access other parts of Nautobot. Therefore, the risk is limited to information disclosure of a public instance name, which might aid in reconnaissance but does not directly compromise system integrity or confidentiality. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking whether a version of the Nautobot Single Source of Truth (SSoT) app prior to 3.10.0 is running and whether the ServiceNow configuration endpoint `/plugins/ssot/servicenow/config/` is accessible without authentication. You can use network scanning or HTTP request commands such as:

1. Using curl to check access: `curl -i http://<nautobot-server>/plugins/ssot/servicenow/config/`
2. Using wget: `wget --spider http://<nautobot-server>/plugins/ssot/servicenow/config/`

If the page is accessible without authentication and reveals the ServiceNow public instance name, the system is vulnerable. Additionally, verify the installed version of the nautobot-app-ssot package to confirm whether it is older than 3.10.0. [1]
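As an added example (not BaseFortify's, Nautobot's or the advisory's code), the helpers below turn the check above into a repeatable, offline-testable classification: one compares an installed nautobot-app-ssot version against the 3.10.0 fix, the other classifies the reply to an unauthenticated GET of the config page, treating a redirect to a login page or a 401/403 as patched behaviour and a 200 body naming a service-now.com host as the exposed one. The sample replies are constructed, and the login-redirect path and instance-name pattern are assumptions rather than documented Nautobot behaviour.

```python
"""Added example: offline checks for CVE-2025-62607 exposure.
Not code from BaseFortify, Nautobot or the advisory."""
from __future__ import annotations
import re
from urllib.parse import urlsplit

FIXED_VERSION = (3, 10, 0)                      # fix release named on the page
CONFIG_PATH = "/plugins/ssot/servicenow/config/"  # endpoint named on the page


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '3.9.2' or 'v3.10.0rc1' into a comparable (major, minor, patch)."""
    m = re.match(r"v?(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in m.groups(default="0"))


def version_is_affected(installed: str) -> bool:
    """True when the installed nautobot-app-ssot is older than 3.10.0."""
    return parse_version(installed) < FIXED_VERSION


def classify_unauth_response(status: int, headers: dict[str, str], body: str) -> str:
    """Classify the reply to an UNauthenticated GET of CONFIG_PATH.

    'enforced': answered 401/403, or redirected to a login page
                (assumed Django-style '/login/?next=...' redirect).
    'exposed' : 200 OK and the body names a *.service-now.com instance.
    'unknown' : anything else (plugin disabled, 404, custom error page).
    """
    lowered = {k.lower(): v for k, v in headers.items()}
    location = lowered.get("location", "")
    if status in (401, 403):
        return "enforced"
    if status in (301, 302, 303, 307, 308) and "login" in urlsplit(location).path:
        return "enforced"
    if status == 200 and re.search(r"[\w.-]+\.service-now\.com", body):
        return "exposed"
    return "unknown"


# Constructed sample replies; no real server was contacted.
SAMPLE_FIXED = (302, {"Location": "/login/?next=" + CONFIG_PATH}, "")
SAMPLE_VULN = (200, {"Content-Type": "text/html"},
               "<input name='instance' value='example-corp.service-now.com'>")
```

Feed the status, headers and body from your own `curl -i` output into `classify_unauth_response`; only an `exposed` result on a version that `version_is_affected` reports as old confirms the finding.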


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include upgrading the nautobot-app-ssot package to version 3.10.0 or later, which enforces permissions on the ServiceNow Config view to prevent unauthenticated access. If upgrading is not immediately possible, a workaround is to disable the ServiceNow SSoT integration to block access to the vulnerable endpoint until the patch can be applied. [1, 2]

