Enforce scope security for public sector digital services [New in Security Center 1.3]

Use the glide.enforce_security_scope.sn_gsm property to control how the application data from the Public Sector Digital Services application is accessed.

The ServiceNow Public Sector Digital Services application lets you develop public sector applications that deliver digital services to constituents, businesses, and agencies.

When glide.enforce_security_scope.sn_gsm is set to false, access to the application data within the global tables of the Public Sector Digital Services app may be accessible based on the access control lists (ACLs) of those global tables. When this property is set to true, access to data residing in global tables are only evaluated based off the ACLs shipped directly in the Public Sector Digital Services app. Setting this property to false may lead to information disclosure from over permissive ACLs.

To remediate this security risk, set glide.enforce_security_scope.sn_gsm to true.

More information

AttributeDescription
Configuration name glide.enforce_security_scope.sn_gsm
Configuration type System Properties (/sys_properties_list.do)
Data type boolean
Recommended value true
Default value true
Category Access control
Security risk
  • Severity score: 4.2
  • CVSS score: Medium
  • Security risk details: Not setting this property to the recommended value could lead to information disclosure from over permissive ACLs.
Dependencies and prerequisites None
References