ServiceNow Instances Misconfigured, Vulnerable to data extraction

ServiceNow Instances Misconfigured_ Vulnerable to data extraction-01

ServiceNow, a SaaS platform, has announced that the risks due to improper access blocking, resulting in 70% of ServiceNow implementations tested by AppOmni being potentially exposed to the public.

The cause of all the exposure, “is a combination of customer-managed ServiceNow ACL configurations and over-granting of permits to visiting users.” ACLs – access control lists – track permissions in the IT field.

The alleged incidents “could be used by a malicious character to extract information from records,” Security Researcher Aaron Costello wrote in the report.

Read More:

For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.