ServiceNow Vulnerability Response is a module within the ServiceNow platform that helps organizations manage the lifecycle of vulnerabilities, including identification, prioritization, remediation, and verification.
ServiceNow Configuration
A scope is a mechanism that lets an application request limited access to a user’s data. The ServiceNow platform supports authentication scopes so that admins can limit an OAuth client application's access to a specific REST API.
Prerequisite: the admin role is required to create an OAuth API endpoint for external clients.
Navigate to System OAuth > Application Registry and then click New. On the "interceptor" page, click Create an OAuth API endpoint for external clients and then fill in the form.
| Field | Value |
| --- | --- |
| Name | Unique name that identifies the application |
| Client ID | Auto-generated by the instance (to be provided to DataBee) |
| Client Secret | Auto-generated by the instance (to be provided to DataBee) |
| Refresh Token Lifespan | 8,640,000 seconds (100 days); can be increased |
| Access Token Lifespan | 1800 seconds (30 minutes); can be increased |
For OAuth, the grant type is Password credentials, the scope is useraccount, and the token URL is https://<instance>.service-now.com/oauth_token.do.
Create User
We need to create a user for API access. The role required to create a user is “user_admin”.
To create the user:
Navigate to All > User Administration > Users.
Select New.
Set the following fields:
• Time Zone: set to “UTC”. This provides a UTC date in the API response.
• Date format: set to “System(yyyy-MM-dd)”.
• Active: ensure this checkbox is selected.
• Locked out: ensure this checkbox is NOT selected.
These settings are needed so that the access token for OAuth will be generated.
• Web service access only: ensure this checkbox is selected.
| Field | Value |
| --- | --- |
| User ID | rest.user |
| Password | rest.user |
| Web service access only | true |
Navigate to the Roles tab below and click Edit to assign a role to the user.
Search for the sn_vul.read_all role and assign it to the user. This is needed to get the CMDB data.
DataBee Configuration
Log into the DataBee console and navigate to the Data tab. Click Add New Data Source.
Search for and select ServiceNow CMDB.
Click the API Ingest button.
In the contact information dialog box, enter a name for the data source and the owner information.
In the configuration dialog box, enter the following:
• Authorization Method: OAuth2
• Username / Password: Enter the API username/password created earlier.
• Client Secret: Paste the Client Secret generated earlier
• Client Key: Paste the Client ID generated earlier
• Auth URL: https://<instance>.service-now.com/oauth_token.do
• API URL:
https://<instance>.service-now.com/api/now/table/cmdb_ci
https://<instance>.service-now.com/api/now/cmdb/instance/<sys_class_name>/<sys_id>
Replace <instance> with your actual instance ID.
Click Submit
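A pre-flight check of the values entered above, as an added example that is not DataBee's or ServiceNow's own code: it builds the password-grant request for the Auth URL, checks a token response against the scope and access-token lifespan set in the Application Registry, and builds a one-row read of the cmdb_ci API URL. The function names, the `sysparm_limit=1` query and the sample responses are assumptions constructed for illustration.

```python
import json
import urllib.parse
import urllib.request

def token_request(instance, client_id, client_secret, username, password):
    """Password-grant POST to the Auth URL; credentials travel in the body."""
    form = urllib.parse.urlencode({
        "grant_type": "password", "client_id": client_id,
        "client_secret": client_secret, "username": username,
        "password": password}).encode()
    return urllib.request.Request(
        f"https://{instance}.service-now.com/oauth_token.do", data=form,
        headers={"Content-Type": "application/x-www-form-urlencoded"}, method="POST")

def check_token(raw, scope="useraccount", max_lifetime=1800):
    """Return findings for a token response body; an empty list means it matches."""
    try:
        tok = json.loads(raw)
    except ValueError:
        tok = None
    if not isinstance(tok, dict):
        return ["response is not a JSON object"]
    if "error" in tok or not tok.get("access_token"):
        # Typical causes: wrong credentials, user not Active, or user Locked out.
        return ["no token issued: " + str(tok.get("error", "missing access_token"))]
    findings = []
    if tok.get("scope") != scope:
        findings.append(f"scope is {tok.get('scope')!r}, expected {scope!r}")
    if int(tok.get("expires_in", 0)) > max_lifetime:
        findings.append(f"token lives {tok['expires_in']}s, expected <= {max_lifetime}s")
    return findings

def cmdb_request(instance, access_token):
    """One-row read of cmdb_ci to confirm the API user's role grants access."""
    return urllib.request.Request(
        f"https://{instance}.service-now.com/api/now/table/cmdb_ci?sysparm_limit=1",
        headers={"Authorization": f"Bearer {access_token}", "Accept": "application/json"})

# Constructed sample responses, not captured from a real instance.
SAMPLE_OK = '{"access_token": "EXAMPLE", "scope": "useraccount", "expires_in": 1799}'
SAMPLE_DENIED = '{"error": "access_denied"}'

if __name__ == "__main__":
    for name, raw in (("ok", SAMPLE_OK), ("denied", SAMPLE_DENIED)):
        print(name, check_token(raw) or "matches the registry settings")
```

To run it against a live instance, pass each request to `urllib.request.urlopen` and read the client secret and password from the environment rather than from the source file.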