ServiceNow instances are exposed to data breaches through misconfigured customer Access Control Lists (ACLs), according to security specialists at AppOmni.
AppOmni found that misconfigured ACLs on ServiceNow instances allow unauthorized users to read data they should not be able to see. According to AppOmni, the root cause is a combination of misconfigured ACLs and overprovisioning of permissions to guest users.
According to AppOmni, this kind of problem is common among SaaS providers. Providers typically rely on role-based access control as the main mechanism for granting permissions to users, and role-based access control is prone to exactly this kind of misconfiguration.
AppOmni suggests two ways to address the problem found in ServiceNow instances. The first is AppOmni's Security Analyzer, a tool that scans ServiceNow instances for the discovered misconfigurations. The second is a manual review of ACL configurations and access management. AppOmni advises administrators to regularly check whether data is accessible to unauthorized users.
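The manual review described above can be partly automated. The following is an added example, not code from AppOmni or ServiceNow, that audits a constructed ACL export for two of the conditions the article names: read rules with no role, condition or script gate (anyone can read the table), and a guest account holding roles beyond an allow-list. The field names, the sample rules, the user-to-role mapping and the evaluation semantics (a user passes an object/operation if at least one active rule for it is satisfied; a non-empty condition or script cannot be evaluated offline and is flagged for review) are assumptions made for this example and are not a description of ServiceNow's actual ACL engine.

```python
"""Audit a constructed ACL export for ungated reads and overprovisioned guest roles.

Added example; the data model and semantics below are assumptions for the
example, not ServiceNow's real schema or evaluation rules.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class AclRule:
    table: str
    operation: str                      # "read", "write", ...
    roles: frozenset = frozenset()      # roles required; empty means no role gate
    condition: str = ""                 # condition expression; empty means none
    script: str = ""                    # script gate; empty means none
    active: bool = True


# Constructed sample export (not real instance data).
SAMPLE_ACLS = [
    AclRule("incident", "read", frozenset({"itil"})),
    AclRule("kb_knowledge", "read"),                              # intentionally public
    AclRule("sys_user", "read"),                                  # ungated: exposes user records
    AclRule("u_customer_contract", "read", condition="active=true"),
    AclRule("u_customer_contract", "write", frozenset({"admin"})),
    AclRule("x_vendor_secret", "read", active=False),             # inactive rule grants nothing
]

# Constructed user-to-role mapping; the guest account holds "itil", which is overprovisioned.
SAMPLE_USER_ROLES = {
    "guest": frozenset({"public", "itil"}),
    "alice": frozenset({"itil"}),
}

# Roles a guest account is assumed to be allowed to hold (assumption for this example).
GUEST_ALLOWED_ROLES = frozenset({"public"})


def is_ungated(rule: AclRule) -> bool:
    """True when an active rule imposes no role, condition or script gate at all."""
    return rule.active and not rule.roles and not rule.condition and not rule.script


def find_ungated_reads(acls, allowlist=frozenset()):
    """Tables whose active read rule is fully open, excluding tables known to be public."""
    return sorted({r.table for r in acls
                   if r.operation == "read" and is_ungated(r) and r.table not in allowlist})


def evaluate(acls, table, operation, user_roles):
    """Simplified verdict for one user on one table/operation.

    'allow'  : at least one active rule is passed with no further gate
    'review' : role gate passed but a condition/script needs manual review
    'deny'   : no active rule, or every rule's role gate fails
    """
    rules = [r for r in acls if r.active and r.table == table and r.operation == operation]
    if not rules:
        return "deny"   # conservative assumption: no rule, no access
    verdicts = set()
    for r in rules:
        if r.roles and not (r.roles & user_roles):
            verdicts.add("deny")
        elif r.condition or r.script:
            verdicts.add("review")
        else:
            verdicts.add("allow")
    if "allow" in verdicts:
        return "allow"
    if "review" in verdicts:
        return "review"
    return "deny"


def guest_readable_tables(acls, guest_roles):
    """Tables the guest account can read outright under the simplified model."""
    tables = {r.table for r in acls if r.operation == "read"}
    return sorted(t for t in tables if evaluate(acls, t, "read", guest_roles) == "allow")


def overprovisioned_guest_roles(user_roles, guest_user="guest", allowed=GUEST_ALLOWED_ROLES):
    """Roles held by the guest account that are not on the allow-list."""
    return sorted(user_roles.get(guest_user, frozenset()) - allowed)


if __name__ == "__main__":
    print("Ungated read rules:", find_ungated_reads(SAMPLE_ACLS, allowlist={"kb_knowledge"}))
    print("Guest roles beyond allow-list:", overprovisioned_guest_roles(SAMPLE_USER_ROLES))
    print("Tables readable by guest:", guest_readable_tables(SAMPLE_ACLS, SAMPLE_USER_ROLES["guest"]))
```

On the sample data the audit reports `sys_user` as an ungated read, `itil` as a role the guest should not hold, and shows that the guest can read `incident` only because of that extra role: removing either the open rule or the surplus role closes the corresponding exposure, which is the kind of finding the periodic review is meant to surface.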