Queries about May 2025 Maintenance - KB2046494
07-09-2025 02:48 AM
Hi all,
Based on this KB - https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2046494
The objective here is to follow the article and upgrade to address data inference vulnerability. There are multiple issues that I am facing and this is done in PDI (Xanadu).
Issue 1: Validation Checks Failed - (sys_security_attribute) table:
Issue when querying in sys_security_attribute, I am unable to find the below in the search result
| Security Attributes (sys_security_attribute) name | Security Attributes (sys_security_attribute) sys_id | Active | COMMENTS FROM ME |
| --- | --- | --- | --- |
| UserIsAuthenticatedAndHasRightsToRead | 30b1557ea3dc6210103da1fdc31e6128 | True | |
Issue 2: Validation Checks Failed - (sys_security_acl) table:
Issue when querying in sys_security_acl, I am unable to find the below in the search result
| Access Control (sys_security_acl) name | Access Control (sys_security_acl) sys_id | Decision Type | Operation | COMMENTS FROM ME |
| --- | --- | --- | --- | --- |
| *.* | 052f3a92a3102210103da1fdc31e6125 | Deny-Unless | query_range | Passed in Yokohama |
| *.* | 7fce54b64ff42210ee1a3c11b1ce0b97 | Allow-if | query_range | Passed in Yokohama |
Issue 3: Role has been modified from "Public" to "Nobody"
Issue here is that I am unable to find "Nobody". Should there be a role that has the name "Nobody"? Or should I just remove "Public"?
As per KB:
Review changes to ACLs and security attributes
The default behavior of some of the existing ACLs has been updated to help further restrict access by unauthenticated users. Please review these changes as they may warrant further action to meet your business needs.

| Access Control (sys_security_acl) name | Access Control (sys_security_acl) sys_id | Change |
| --- | --- | --- |
| *.* | 5c3e8c50935502102504ff92f189187c | Role has been modified from ‘public’ to ‘nobody’ |
Issue 4: Unable to Trigger Script
As per KB, "Running the QueryRangeACLAuditor
Please refer to the validation steps earlier in this KB for details on validating the update. It is recommended that you review the validation steps above after each run is complete. The QueryRangeACLAuditor Script Include can also be run in a script as follows:
new global.QueryRangeACLAuditor().auditQueryRangeACLs();"
I went to All -> Scripts - Background
then it showed a white screen
Hoping to seek help from the community. Thanks in advance.
Labels: CVE-2025-3648, KB2046494
07-09-2025 04:34 AM
Please realize the PDIs aren't the same as customer/partner instances. Chances are that your PDI did not have the same maintenance as regular instances.
Please mark any helpful or correct solutions as such. That helps others find their solutions.
Mark
07-09-2025 06:38 PM
Hi Mark,
Even so, I can execute step 4: Unable to Trigger Script - "Running the QueryRangeACLAuditor".
Any idea how I can do this?
Thanks!
07-10-2025 01:13 AM
I have no information about your PDI. I don't know when it has been created or what kind of updates it has had. You need to check on what is and what isn't installed.
Mark
07-16-2025 10:29 AM
Good point, the PDI might be a version where the security flaw is already patched, or will be once you reset or restart it.