Beware of Ghost Sites: Silent Threat Lurking in Your Salesforce Communities

2023-05-31 13:00

Improperly deactivated and abandoned Salesforce Sites and Communities could pose severe risks to organizations, leading to unauthorized access to sensitive data.

"Because these unused sites are not maintained, they aren't tested against vulnerabilities, and Admins fail to update the site's security measures according to newer guidelines."

Varonis said it found many of these deactivated sites still fetching new data, thereby allowing threat actors to extract data by manipulating the host header in the HTTP request.

Compounding the risk further is the fact that the obsolete sites lack the latest security protections, making them an ideal target for threat actors looking to siphon sensitive information.

"The exposed data is not restricted to only old data from when the site was in use; it also includes new records that were shared with the guest user, due to the sharing configuration in their Salesforce environment," the researchers said.

To mitigate the threats associated with ghost sites, organizations are advised to keep track of all Salesforce sites and their respective users' permissions.

News URL

https://thehackernews.com/2023/05/beware-of-ghost-sites-silent-threat.html

#salesforce #threat

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Ghost		2	0	14	2	3	19