CSV Request Authorization should be enabled

Impact area

Security

Severity

High

Affected element

System property

Rule ID

SN-0192

Impact

Without appropriate authorization configured on incoming CSV requests, an unauthorized user can gain access to sensitive content or data on the target instance.

Remediation

It is recommended to set the system property "glide.basicauth.required.csv" to true so that CSV request authorization is enabled. Without it, an unauthorized user can gain access to sensitive content or data on the target instance.

Time to fix

15 min

References

This rule is linked to Common Weakness Enumeration CWE-862 Missing Authorization.




Last modified on Oct 13, 2020