Restrict permissions for CMDB model

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Use the csm_cmdb_model.customer_visible_flag system property to limit customer access to data in the Product Models table as an additional access control to the CMDB model.

    The csm_cmdb_model.customer_visible_flag system property is an additional access control to the CMDB model. If csm_cmdb_model.customer_visible_flag is not set to the recommended value of true, then any user with the sn_esm_user role and out of the box ACLs will have permissions to the CMDB model. Note that this role tends to be granted to external users.

    Ensure that the property csm_cmdb_model.customer_visible_flag is set to true.

    More information

    Attribute Description
    Configuration name csm_cmdb_model.customer_visible_flag
    Configuration type System Properties (/sys_properties_list.do)
    Data type Boolean
    Recommended value true
    Default value <none>
    Fallback value false
    Category Access control
    Security risk
    • Severity score: 6.5
    • CVSS rating: Medium
    • Security risk details: External users could unwillingly be given permissions to the CMDB model.
    Functional impact None
    Dependencies and prerequisites None

    To learn more about adding or creating a system property, see Add a system property.