Enterprise ServiceNow KBs exposed, leaking corporate data

Researchers found over a thousand ServiceNow instances exposing company info

Research from AppOmni claims that over 1,000 individual ServiceNow instances unintentionally exposed data from Knowledge Bases (KBs). This accounts for 45% of enterprises tested by the researchers.

ServiceNow offers KBs, which are self-service platforms “for users to store, share, and manage content”.

Aaron Costello, chief of SaaS security research at AppOmni, noted the risk comes from KBs that have been misconfigured by companies, leading to the exposed data. The applications affected were made public, so any threat actors could potentially see the information the bases contain.

Sensitive data

ServiceNow is used by 85% of the Fortune 500 to manage IT services and processes, and companies use the service to set up systems that define, automate, manage, and structure IT services.

The information found by researchers contained personally identifiable information (PII) such as names, credentials, phone numbers, and internal system details. Internal information such as HR processes or cyber attack response protocol was compromised, which could cause serious issues for a company’s cyber security.

“This is critical for organizations that use ServiceNow to know about because it can lead to the exposure of sensitive information such as PII, internal system information, and active credentials,” said Costello. “This highlights the urgent need for enterprises to routinely check and update their security configurations to prevent unauthorized access and protect their data assets.”

This is not the first time ServiceNow has presented vulnerabilities, with security flaws also spotted by researchers earlier this year.

ServiceNow introduced a round of updates to its Access Control Lists (ACLs) in 2023 that were aimed at improving data protection, but crucially these didn’t include KBs. Whilst externally facing information has legitimate uses, the KBs expose customer information which could be leveraged by threat actors.

To mitigate the risks of exposed information, the security researchers advise running routine diagnostics and communicating with software platform providers for the latest security updates.

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.
