Customers aren’t locking down access correctly, leading to ~70 percent of ServiceNow implementations being vulnerable to malicious data extraction.
Nearly 70 percent of instances of the software-as-a-service (SaaS) platform ServiceNow are potentially exposed to the public.
ServiceNow is a $4.5 billion company whose software helps enterprises with their digital workflows. According to a report published Wednesday by Enlyft, over 20,000 companies use the platform.
The cause of all the exposure, the report stated, is “a combination of customer-managed ServiceNow ACL configurations and overprovisioning of permissions to guest users.” ACLs – access control lists – are the rules that decide who may do what in an IT environment. In ServiceNow, an ACL is attached to a table or to a single field and governs one operation (read, write, create or delete); the rule passes if the user holds one of the roles it names and its condition and script, where present, evaluate true. A read ACL that names no role and has no condition or script therefore passes for every user, including the unauthenticated guest account, which is why the report ties the exposure to ACL configuration rather than to a flaw in the platform.
Exposed instances “may be utilized by a malicious actor to extract data from records,” Offensive Security Researcher Aaron Costello wrote in the report.
Human Error Leads to Data Exposure
Organizations typically use role-based access controls (RBAC) to determine who can access what resources within a system. Users can see and possibly interact with whatever is relevant to them and are barred from whatever isn’t.
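The report's finding can be turned into a concrete check. The following is an added example, not code from the article or from ServiceNow or the report's authors: a small audit script that reads an export of ACL records and lists every table or field that an unauthenticated guest could read. It assumes the records come from the sys_security_acl table as JSON, with the role names from the sys_security_acl_role relationship flattened into a "roles" list, and it treats the "public" role as equivalent to no role at all because guest holds it (both assumptions). The sample export is constructed and the allowlist of intentionally public tables is a placeholder a practitioner would replace with their own.

```python
"""Audit a ServiceNow ACL export for read rules that pass for the guest user.

Added example; not part of the article or of ServiceNow's own tooling.
Assumptions: records were exported from sys_security_acl as JSON, with the
role names from sys_security_acl_role flattened into a "roles" list; the
"public" role is treated as granting guest access.  Sample data below is
constructed, not taken from any real instance.
"""
import json

# Constructed sample export.  Field names follow sys_security_acl; values are made up.
SAMPLE_ACL_EXPORT = json.dumps([
    {"name": "incident",       "operation": "read",  "active": "true",
     "roles": ["itil"],   "condition": "",            "script": ""},
    {"name": "kb_knowledge",   "operation": "read",  "active": "true",
     "roles": [],         "condition": "",            "script": ""},
    {"name": "sys_user",       "operation": "read",  "active": "true",
     "roles": [],         "condition": "",            "script": ""},
    {"name": "sys_user.email", "operation": "read",  "active": "true",
     "roles": [],         "condition": "",            "script": ""},
    {"name": "cmdb_ci",        "operation": "read",  "active": "true",
     "roles": [],         "condition": "active=true", "script": ""},
    {"name": "sc_request",     "operation": "read",  "active": "true",
     "roles": ["public"], "condition": "",            "script": ""},
    {"name": "hr_case",        "operation": "read",  "active": "false",
     "roles": [],         "condition": "",            "script": ""},
    {"name": "incident",       "operation": "write", "active": "true",
     "roles": [],         "condition": "",            "script": ""},
])

# Tables a public portal is expected to serve to guest (placeholder; replace per instance).
EXPECTED_PUBLIC_TABLES = {"kb_knowledge"}

# Roles that do not restrict anything because guest already holds them (assumption).
GUEST_EQUIVALENT_ROLES = {"public"}


def is_guest_readable(acl):
    """True if this active read ACL passes for any user, guest included.

    An ACL with no effective role, no condition and no script grants the
    operation unconditionally.  Rules that carry a condition or script may
    still restrict rows, so they are left for manual review, not flagged here.
    """
    if acl["active"] != "true" or acl["operation"] != "read":
        return False
    effective_roles = set(acl["roles"]) - GUEST_EQUIVALENT_ROLES
    return (not effective_roles
            and not acl["condition"].strip()
            and not acl["script"].strip())


def audit_guest_readable(export_json, allowed=EXPECTED_PUBLIC_TABLES):
    """Return the sorted ACL names (table or table.field) that guest can read
    and whose table is not on the allowlist of intentionally public tables."""
    findings = set()
    for acl in json.loads(export_json):
        if not is_guest_readable(acl):
            continue
        table = acl["name"].split(".", 1)[0]
        if table not in allowed:
            findings.add(acl["name"])
    return sorted(findings)


if __name__ == "__main__":
    for name in audit_guest_readable(SAMPLE_ACL_EXPORT):
        print(f"guest can read: {name}")
```

On the constructed data the script flags sys_user, sys_user.email and sc_request: the first two because the read rules name no role at all, the last because "public" is not a restriction. The knowledge base is skipped as intentionally public, the cmdb_ci rule is skipped because its condition may limit rows, the inactive hr_case rule is ignored, and the roleless write rule on incident is out of scope for a read audit (though it deserves its own). A flagged rule is a candidate, not a confirmed leak: guest only reaches the table if some unauthenticated path (a public page, a widget, an API the instance exposes without login) queries it, which is the "overprovisioning of permissions to guest users" half of the report's finding.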
For public-facing companies, the general public plays into the RBAC picture. “One important aspect of RBAC,” the report noted, “is
Read More: https://threatpost.com/most-servicenow-instances-misconfigured-exposed/178827/