Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

ServiceNow Instances Expose Corporate Data

September 17, 2024
Reading Time: 2 mins read
in Incidents
ServiceNow Instances Expose Corporate Data

Over 1,000 ServiceNow instances have been discovered to be leaking sensitive corporate Knowledge Base (KB) data, revealing a major security flaw that exposes critical information to potential threats. According to a report by cybersecurity firm AppOmni, these misconfigured instances have inadvertently made a range of sensitive data, including personally identifiable information (PII), internal system details, user credentials, and access tokens, accessible to unauthorized users. This vulnerability affects ServiceNow’s cloud-based platform, which is widely used by organizations for managing IT services, HR tasks, customer service, and internal knowledge sharing.

The issue arises from the use of outdated access controls that fail to adequately secure KB articles. Despite ServiceNow’s 2023 update designed to enhance Access Control Lists (ACLs) and prevent unauthorized access, many KBs still utilize a less secure “User Criteria” permission system. This oversight has left numerous public-facing widgets unprotected, allowing attackers to access sensitive data without requiring authentication. The exposed information can be exploited through brute-force techniques, where attackers systematically guess KB article IDs to retrieve confidential content.

AppOmni’s investigation highlights the critical need for organizations to review and update their ServiceNow security configurations. The firm’s report reveals that malicious actors can leverage tools like Burp Suite to automate attacks, retrieving and exploiting KB articles that should have been restricted. This situation underscores the importance of implementing robust access controls and regularly auditing configurations to prevent such vulnerabilities from being exploited.

To mitigate these risks, AppOmni advises ServiceNow administrators to ensure that KB articles are protected by appropriate user criteria settings. Administrators should avoid configurations that allow broad access, such as “Any User” or “Guest User,” and instead enforce stricter access controls. Additionally, it is recommended to activate ServiceNow’s out-of-the-box rules that automatically restrict guest users from accessing newly created KBs until explicit access is granted. By taking these steps, organizations can better safeguard their sensitive information and reduce the risk of data breaches.

Reference:
  • Over 1,000 ServiceNow Instances Expose Sensitive Corporate Data
Tags: AppOmnicyber incidentsCyber Incidents 2024Cyber threatsData BreachExposed DataSeptember 2024ServiceNowThreats
ADVERTISEMENT

Related Posts

Victoria’s Secret Site Down After Breach

Victoria’s Secret Site Down After Breach

May 29, 2025
Victoria’s Secret Site Down After Breach

Cork Protocol Paused After $12M Exploit

May 29, 2025
Victoria’s Secret Site Down After Breach

LexisNexis GitHub Breach Affects 364K People

May 29, 2025
Tiffany & Co. Faces Data Breach Incident

Migos IG Hack Blackmails Solana Cofounder

May 28, 2025
Tiffany & Co. Faces Data Breach Incident

Tiffany & Co. Faces Data Breach Incident

May 28, 2025
Tiffany & Co. Faces Data Breach Incident

MathWorks Crippled by Ransomware Attack

May 28, 2025

Latest Alerts

New PumaBot IoT Botnet Uses SSH Attack

APT41 Uses Google Calendar For C2 Operations

New NodeSnake RAT Hits UK Universities

Microsoft Void Blizzard Cyber Threat Alert

Fake DocuSign Alerts Target Corporate Logins

Fake Bitdefender Site Spreads Venom Malware

Subscribe to our newsletter

    Latest Incidents

    Cork Protocol Paused After $12M Exploit

    Victoria’s Secret Site Down After Breach

    LexisNexis GitHub Breach Affects 364K People

    Migos IG Hack Blackmails Solana Cofounder

    Tiffany & Co. Faces Data Breach Incident

    MathWorks Crippled by Ransomware Attack

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial