cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Permission issue on the BDNA program files folder.

Hi Support,

We’ve got insecure service file permissions, and we’ll need to ratchet these down to an appropriate security; I guess we’ll need guidance from your support?

There are the existing permissions how it looks like at the current state.

We don't want everyone access permission there. Can we just give teh service account to have R/W permission and remove the everyone from the list.

Plugin Output:

Path : c:\program files\bdna\user console\bin\bdna.normalizebi.service.exe

Used by services : UserConsoleService

File write allowed for groups : Users

 

Path : d:\sv-snbdna-tts\bdnashareprod\agent\bin\wrapper-windows-x86-64.exe

Used by services : snc_mid_sv-snbdna-tts

File write allowed for groups : Everyone

Full control of directory allowed for groups : Everyone

 

Path : d:\sv-snbdna-tts\service-now-dev\agent\bin\wrapper-windows-x86-64.exe

Used by services : nc_mid_sv-snbdnadev-tts

File write allowed for groups : Everyone

Full control of directory allowed for groups : Everyone

(3) Replies
RQuinn
By
Flexera Alumni

Hi @g_michael ,

 

Thank you for the question. I will reach out to you directly via a support case to discuss your question in more detail.

We are also having the same issue - our InfoSec dept identified this as a vulnerability which must be remediated asap.

 

Could you please share the solution(s) you found with the community?

 

Thank you very much!

Hi Bruce

If your issue is wrt to Path : c:\program files\bdna\user console\bin\bdna.normalizebi.service.exe

You will be able to allow the Service Account to have the R\W permissions and remove the other users from the list.

We would recommend testing this in your DEV environment before going live in production but we do not foresee any issues with this. However, it is always good to test encase any anomalies arise.

If your query is regarding a different vulnerability, please provide more details.

Thank you