Scheduled Jobs without a dedicated integration user
Security
High
Scheduled Email of Report, Scheduled Entity Generation, Scheduled Email of Custom Chart, Scheduled Report Summary Generation, Scheduled Script Execution, Scheduled Email of Query Builder, Scheduled Data Collection, Benchmark Scheduled Script, Scheduled Data Import Set
Rule ID
SN-0404Impact
Scheduled jobs that run using the default admin user can introduce security weaknesses. The improper access control regarding automated scripts can lead to access to sensitive information or risky commands executions. For this reason, the user used to run the scheduled job should be marked as internal_integration_user and should have the minimum required roles.
Remediation
Run as user in automated scripts should have internal_integration_user field checked in user record.
Time to fix
10 min
References
This rule is linked to Common Weakness Enumeration CWE-284 Improper Access Control.