- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-09-2024 11:22 PM
Application vulnerable item [sn_vul_app_vulnerable_item] record in servicenow make readonly the remediation target and Last opened field when user doesn't have pentester role.if pentester role there for other group or group members they are able to edit or modify the field.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-14-2024 07:52 PM
Hi, These fields are by default read-only as they are system generated and is recommended not to be made editable manually. However you are right, they become editable for users with the sn_vul.app_pen_tester role when the "Assessment Request" iS NOT empty.. ie. if it was a manually created AVIT from the Penetration Testing assessment request process.. below screenshots show the OOB ACL in question..
So again, its best to leave those fields as is for all the AVITs coming in from the scanners as the Scanner Integrations and the Remediation Target Rules will take care of the necessary updates to these fields.
Pls mark helpful and accept as solution if the explanation is sufficient.
Cheers
AB
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-14-2024 07:52 PM
Hi, These fields are by default read-only as they are system generated and is recommended not to be made editable manually. However you are right, they become editable for users with the sn_vul.app_pen_tester role when the "Assessment Request" iS NOT empty.. ie. if it was a manually created AVIT from the Penetration Testing assessment request process.. below screenshots show the OOB ACL in question..
So again, its best to leave those fields as is for all the AVITs coming in from the scanners as the Scanner Integrations and the Remediation Target Rules will take care of the necessary updates to these fields.
Pls mark helpful and accept as solution if the explanation is sufficient.
Cheers
AB