High Security Settings plugin disabled

Impact area

Security

Severity

High

Affected element

Inactive security plugin

Rule ID

SN-0016

Impact

The High security plugin sets many secure defaults and enables the use of Access Control Rules.

Remediation

The High security plugin sets many more secure defaults. It should be activated, but due to its impact the whole instance should be carefully tested afterwards.

Time to fix

5 min

References

See the ServiceNow documentation article: High security settings.

This rule is linked to Common Weakness Enumeration CWE-284 Improper Access Control.




Last modified on Oct 13, 2020