Researcher Finds Five Zero-Days and 20+ Misconfigurations in Salesforce Cloud

A cybersecurity researcher has uncovered five zero-day vulnerabilities and over 20 configuration risks in Salesforce’s cloud components.

On June 10, Aaron Costello, Chief of SaaS Security Research at AppOmni, released a new report sharing the findings of an investigation into Salesforce’s industry cloud offerings – a suite of solutions designed to enable organizations to build industry-specific applications and workflows in a simplified, low-code manner.

These misconfigurations Costello identified could enable unauthorized individuals to access encrypted sensitive data, including employee and customer information, session logs detailing user interactions with Salesforce industry cloud, credentials for Salesforce and other corporate systems, as well as proprietary business logic.

To read the complete article see: InfoSecurity Magazine

Learn more here: AppOmni Blog