Disable unauthenticated published reports [Updated in Security Center 2.0]
Deactivate this property to prevent the user from publishing or accessing reports. This property disables the published reports feature in reporting.
Enable publishing reports by setting the glide.report.published_reports.enabled to true.
Ensure the Glide Property glide.report.published_reports.enabled exists and is set to the value false. If the property does not appear in the sys_properties table, add a new record.
More information
| Attribute | Description |
|---|---|
| Property name | glide.report.published_reports.enabled |
| Configuration type | System Properties (/sys_properties_list.do) |
| Category | Architecture, design, and threat modeling |
| Purpose | Disables the published reports feature in reporting. |
| Type | true | false |
| Recommended value | false |
| Security risk rating | 6.5 |
| Functional impact | The user cannot publish reports. |
| Security risk | (Moderate) If this property is not enabled, users may be able to access or publish reports exposing sensitive data. Publishing a report creates a URL that anyone can use to access the report, including people who are not users. When anyone navigates to the URL, the report is generated with current data from the instance. |
| References | Publish a report |
To learn more about adding or creating a system property, see Add a system property.