Bleeping Computer

New ServiceNow flaw lets attackers enumerate restricted data

A new vulnerability in ServiceNow, dubbed Count(er) Strike, allows low-privileged users to extract sensitive data from tables to which they should not have access. ServiceNow is a cloud-based platform ...
CIO

Warning to ServiceNow admins: Fix your access control lists now

A vulnerability in the way ServiceNow manages user access control lists can easily allow a threat actor to steal sensitive data, says a security vendor, who urges admins to review their custom and ...
techtimes

ServiceNow Issues Fix Following Recent Data Exposure

In a recent report, ServiceNow, a prominent cloud-based platform, made an unsettling announcement. They warned that misconfigurations within their system had the potential to grant "unintended access" ...
Business Wire

Major Security Misconfiguration Impacting ServiceNow Instances Discovered

SAN FRANCISCO--(BUSINESS WIRE)--AppOmni, the leading provider of SaaS Security, has discovered a common ServiceNow Access Control List (ACL) misconfiguration present in nearly 70% of ServiceNow ...