back to article ServiceNow quietly addresses unauthenticated data exposure flaw from 2015

ServiceNow is issuing a fix for a flaw that exposes data after a researcher published a method for unauthenticated attackers to steal an organization's sensitive files. Security researcher Aaron Costello highlighted apparent issues with the default configurations of ServiceNow's widgets, allowing for personal data to be …

  1. john.jones.name
    Mushroom

    good luck

    good luck getting incident information unless your a customer...

  2. Anonymous Coward
    Anonymous Coward

    My brother, who I'm pretty sure trusts me not to secretly screw him over, was having trouble with his neighbours and asked me to set up recording equipment at his house to catch evidence, so I cobbled something together out of an old laptop running linux.

    It did not use wifi and connected to the internet (which it didn't need) only when physically plugged into the router, after which he had to log in locally and run a command before I could connect to perform maintenance (I could have made a button for that and a viewer for him but it was a quick hack job).

    This is how you secure people's privacy. Don't take it in the first place.

  3. Anonymous Coward
    Anonymous Coward

    wtf do they do?

    looked at there web page,

    wtf do they do?

    workflow and automation? for non-programmers?

    that will go real well!, in the real world unless they are just selling a complete already setup set of flows already working, most business people will completely fuck it up trying to configure it.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like