Bleeping Computer

New ServiceNow flaw lets attackers enumerate restricted data

A new vulnerability in ServiceNow, dubbed Count(er) Strike, allows low-privileged users to extract sensitive data from tables to which they should not have access. ServiceNow is a cloud-based platform ...
SiliconANGLE

ServiceNow instances found vulnerable to misconfiguration and leaking data

New research released today by software-as-a-service security management startup AppOmni Inc. details how ServiceNow Inc. instances are vulnerable to misconfiguration. The issue relates to data ...
Hosted on MSN

Worrying ServiceNow security flaw could let hackers steal private table data

A mishap in ServiceNow access control lists meant users could be granted access, without meeting all the conditions New controls were added to mitigate the risk Users are advised to review their ...
CIO

Warning to ServiceNow admins: Fix your access control lists now

A vulnerability in the way ServiceNow manages user access control lists can easily allow a threat actor to steal sensitive data, says a security vendor, who urges admins to review their custom and ...
techtimes

ServiceNow Issues Fix Following Recent Data Exposure

In a recent report, ServiceNow, a prominent cloud-based platform, made an unsettling announcement. They warned that misconfigurations within their system had the potential to grant "unintended access" ...
Bleeping Computer

Over 1,000 ServiceNow instances found leaking corporate KB data

Over 1,000 misconfigured ServiceNow enterprise instances were found exposing Knowledge Base (KB) articles that contained sensitive corporate information to external users and potential threat actors.
Dark Reading

Thousands of ServiceNow KB Instances Expose Sensitive Corporate Data

One-thousand instances of enterprise knowledge bases (KBs) hosted by ServiceNow were found to be exposing sensitive corporate data over the past year, despite improvements in data protection that the ...