Earlier this week, ServiceNow announced on its support site that misconfigurations within the platform could result in "unintended access" to sensitive data.

support.servicenow.com/kb?id=k

For organizations that use ServiceNow, this security exposure is a critical concern that could have resulted in major data leakage of sensitive corporate data. ServiceNow has since taken steps to fix this issue.

theregister.com/2023/10/26/ser

It's important to reiterate that this issue was not caused by a vulnerability in ServiceNow's code but by a configuration that exists within the platform.

This issue stems from security controls in a ServiceNow Access Control List (ACL) widget called Simple List

Published by ServiceNow in their knowledge base article – General Information | Potential Public List Widget Misconfiguration

/nosanitize

support.servicenow.com/kb?id=k

@ecksmc Are there alternatives from other vendors to ServiceNow?

Follow

@MisterE many

Microsoft, IBM, Atlassian, Broadcom, SAP, Ivanti

honestly i wouldn't know what the best, or better, option would be

list of others >> open source alternatives

/nosanitize

alternativeto.net/software/ser

@ecksmc It would have been the reaction of management on the last gig to get those vendors and bring them in to check out their software.

@MisterE for sure

double and triple checks all over the board

@ecksmc Generally, that "looking around" at other vendors was both a pain in the ass and a huge waste of time. I would yell at my manager when they got a wild hair up their ass about "we have to look around". Didn't help much.

@MisterE i can imagine lol

can be daunting looking new vendors for things time consuming and frustrating also

better the devil you know < sometimes anyway

Sign in to participate in the conversation

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.