Ensure dashboards creation/deletion requires access check [New in Security Center 1.3 and updated in 2.0]

Australia Platform security

Release

australia

ft:locale

ja-JP

ft:publication_title

Australia Platform security

ft:clusterId

psec

bundleId

psec

workflow

Platform

Ensure dashboards creation/deletion requires access check [New in Security Center 1.3 and updated in 2.0]

リリースバージョン: Australia

更新日 2026年03月12日

所要時間：2分

The glide.processors.check_access_before_process system property enables access control list (ACL) enforcement for creating or deleting dashboards when a user is logged in.

Set the glide.processors.check_access_before_process system property to true. If the property does not appear in the System Properties [sys_properties] table, the fallback value is true.

More information


Attribute	Description
Configuration name	glide.processors.check_access_before_process
Configuration type	System Properties (/sys_properties_list.do)
Data type	Boolean
Recommended value	true
Default value	true
Fallback value	true
Category	Access control
Security risk	Severity score: 6.3 CVSS score: Medium Security risk details: Disabling this property by setting it to false, enables an ACL bypass on dashboards. This allows all authenticated users with low privileges to delete and add dashboards.
Dependencies and prerequisites	None
Functional impact	This property controls the ability to create new sys_dashboards and delete existing dashboards when a user lacks the necessary access rights. When the value is set to false, users with inappropriate roles can add and delete sys_dashboard entries (though the GlideRecord layer should recheck the existing ACLs). A value of true restricts add and delete operations for users without the required access rights.