ACC Release Notes, Knowledge Base and Security Informations
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-31-2024 04:50 AM
Hello,
are there any further informaitons to ACC Security Fixes? I cant find anything in the Security Knowledge Base, no CVEs or anything else,
I've just read stuff like:
"Remote Code Execution via Custom Certificate Injection"
But absolutley no information about affected Versions, Operating Systems, Mitigation etc...
Am I the only one who is concerned about how major security issues get not communicated properly? In many cases the ACC has wide spread deployment in companies and the only "informaiton" i get is when i actively read the release notes of new versions.....
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-31-2024 05:02 AM
No, there aren't. ServiceNow is keeping this very internally and every time I have asked for information, I got a little, but for 'security reasons' they aren't sharing too much.
Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-31-2024 06:20 AM
How do you handle this? Are you updateing the ACC immediately on the clients all the time when a new Update is out? With this lack of information it's absolutley not possible to assess if i have to push our client team to update the ACC outside of normal maintenance schedules, or if i can wait for the next upcoming update window. With all the "security fixes" in the release notes i probably have to push them every month, without even knowing if we are affected in the first place.
I think that's a horrible state we customers are in and pretty unprofessional from ServiceNow.