Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

ServiceNow Instances Expose Corporate Data

September 17, 2024
Reading Time: 2 mins read
in Incidents
ServiceNow Instances Expose Corporate Data

Over 1,000 ServiceNow instances have been discovered to be leaking sensitive corporate Knowledge Base (KB) data, revealing a major security flaw that exposes critical information to potential threats. According to a report by cybersecurity firm AppOmni, these misconfigured instances have inadvertently made a range of sensitive data, including personally identifiable information (PII), internal system details, user credentials, and access tokens, accessible to unauthorized users. This vulnerability affects ServiceNow’s cloud-based platform, which is widely used by organizations for managing IT services, HR tasks, customer service, and internal knowledge sharing.

The issue arises from the use of outdated access controls that fail to adequately secure KB articles. Despite ServiceNow’s 2023 update designed to enhance Access Control Lists (ACLs) and prevent unauthorized access, many KBs still utilize a less secure “User Criteria” permission system. This oversight has left numerous public-facing widgets unprotected, allowing attackers to access sensitive data without requiring authentication. The exposed information can be exploited through brute-force techniques, where attackers systematically guess KB article IDs to retrieve confidential content.

AppOmni’s investigation highlights the critical need for organizations to review and update their ServiceNow security configurations. The firm’s report reveals that malicious actors can leverage tools like Burp Suite to automate attacks, retrieving and exploiting KB articles that should have been restricted. This situation underscores the importance of implementing robust access controls and regularly auditing configurations to prevent such vulnerabilities from being exploited.

To mitigate these risks, AppOmni advises ServiceNow administrators to ensure that KB articles are protected by appropriate user criteria settings. Administrators should avoid configurations that allow broad access, such as “Any User” or “Guest User,” and instead enforce stricter access controls. Additionally, it is recommended to activate ServiceNow’s out-of-the-box rules that automatically restrict guest users from accessing newly created KBs until explicit access is granted. By taking these steps, organizations can better safeguard their sensitive information and reduce the risk of data breaches.

Reference:
  • Over 1,000 ServiceNow Instances Expose Sensitive Corporate Data
Tags: AppOmnicyber incidentsCyber Incidents 2024Cyber threatsData BreachExposed DataSeptember 2024ServiceNowThreats
ADVERTISEMENT

Related Posts

Spanish Consumer Group Faces Cyberattack

LockBit Ransomware Data Leaked After Hack

May 9, 2025
Spanish Consumer Group Faces Cyberattack

Education Giant Pearson Hit by Data Breach

May 9, 2025
Spanish Consumer Group Faces Cyberattack

Spanish Consumer Group Faces Cyberattack

May 9, 2025
Masimo Cyberattack Disrupts Manufacturing

Masimo Cyberattack Disrupts Manufacturing

May 8, 2025
Masimo Cyberattack Disrupts Manufacturing

West Lothian Schools Hit by Ransomware

May 8, 2025
Masimo Cyberattack Disrupts Manufacturing

Cyberattack Targets Tepotzotlán Facebook

May 8, 2025

Latest Alerts

X Scam Targets Crypto Users with Fake Ads

FBI Warns Cybercriminals Exploit Routers

FreeDrain Phishing Steals Crypto Funds

CoGUI Targets Consumer and Finance Brands

COLDRIVER Hackers Target Sensitive Data

Cisco Fixes Flaw in IOS Wireless Controller

Subscribe to our newsletter

    Latest Incidents

    LockBit Ransomware Data Leaked After Hack

    Spanish Consumer Group Faces Cyberattack

    Education Giant Pearson Hit by Data Breach

    Masimo Cyberattack Disrupts Manufacturing

    Cyberattack Targets Tepotzotlán Facebook

    West Lothian Schools Hit by Ransomware

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial