SNOW-13.1: Agent Accessing Classified Data Without Privacy Guard
๐ด High ยท ServiceNow Data Privacy
Detects agent scripts accessing tables with sys_dictionary data_privacy classifications without enforcing privacy guards. Includes CMDB tables (cmdb_ci_*) where read access constitutes topology disclosure.
Detailsโ
| Field | Value |
|---|---|
| Rule ID | SNOW-13.1 |
| Severity | High |
| Category | ServiceNow Data Privacy |
| Platforms | servicenow |
Remediationโ
Refer to the SquireX documentation for
remediation guidance specific to SNOW-13.1.