Newest Data Leak comment

Joshua Comeau
Kilo Sage

‎10-19-2023 04:54 AM

JoshuaComeau_0-1697716299511.png

Based on this article:Knowledge Article View - Now Support Portal (servicenow.com)

I would like to know what this fully means:

Based on our current analysis, when the render_size is between 9,000 and 9,600, only a record count was potentially exposed. If the render_size is above 9,600, we believe that the contents of the table column were returned by the call to the widget.
 
Can someone please explain what is meant by the returned by the call if the render_size is over 9,600.
 
0 Helpfuls
  • 673 Views
1 REPLY 1

Terri Kouba
Tera Expert

‎10-23-2023 05:51 PM

Hi Joshua,

 

We are trying to get an answer from ServiceNow what 'render size' really means.

 

Other than that, if the render size is >9500, it's likely that bad actors were able to extract every record in the table queried (but not necessary all fields, depending on your ACLs).

 

At some sites, this could mean a serious exposure of data.

 

Thanks,


Terri

0 Helpfuls