Validate remote host

  • Release version: Xanadu
  • Updated August 1, 2024
  • 1 minute to read

    • Set the property to true to prevent bad actors from using internal port scanning in your network.

    If the glide.update_set.remote.check_host property is not set to the recommended value of true, then the Team Development remote instance test feature will allow internal port scanning which is a method bad actors can use to discover vulnerabilities in a network. It is then possible to enumerate all open ports on a given host, and in some cases pull response data which could lead to information leakage or unauthorized data access.
    Warning:
    This is a safe harbor property, meaning the value can't be altered once it's changed. It is non-revertible.

    More information

    Attribute Description
    Configuration name glide.update_set.remote.check_host
    Configuration type System Properties (/sys_properties_list.do)
    Data type boolean
    Recommended value true
    Default value true
    Category Business Logic
    Security risk
    • Severity score: 6.3
    • CVSS score: Medium
    • Security risk details: Not setting property to the recommended value of true could enable bad actors to use internal port scanning to gain access to unauthorized data.
    Dependencies and prerequisites None
    References

    https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0755132

    Define a remote instance