Mar 03, 2021
6.6.70

New

  • New Microsoft Windows Server policy: We added a new Center for Internet Security (CIS) policy that provides coverage for Microsoft Windows Server 2016.

Improved

  • Improved Goal performance: Goals will now process more efficiently and provide more frequent status updates.
  • More table sorting options for Goals and SLAs: The following columns in Goal and SLA detail views are now sortable:
    • Affected Assets
    • Vulnerability Instances
    • Status
    • Due Date
    • Discovery Date
    • Past Due
    • In Grace Period

Customer Requested

  • Updated PostgreSQL policy: We updated our Defense Information Systems Agency (DISA) PostgreSQL 9.x benchmark to version 2, release 1.

Fixed

  • We identified and fixed various issues with the Executive Summary report. These fixes include, but are not limited to, the risk score chart and the percent of your environment tagged by a certain type of tag. You may see a minor divergence in expected reporting results due to these fixes.
  • GET requests to the /api/3/scans/{id} APIv3 endpoint for any scan ID will now contain the username of the user who started the scan in the response.
  • We added support for the V-3487 and V-1077 rules to all applicable Windows Server DISA policies.
  • We fixed an issue that caused InsightVM to fingerprint multiple kernels on systems, resulting in false positives.
  • We fixed an issue where vulnerability investigations that were opened by since-deleted user accounts would show a data retrieval error. In addition to once again being viewable, investigations like this will now indicate that the original user account was deleted.
  • We fixed two issues affecting the Top Remediations with Details report:
    • Instances of this report that are scoped to a particular site will no longer include assets that were deleted from the selected site. This issue originally appeared when an asset belonged to multiple sites but was only deleted from the site selected for the report's scope.
    • Non-admin users who generate this report with asset group scope will now see that the Assets section of the report populates as expected. This issue originally appeared when the user's permissions were limited to asset groups only without having access to sites.
  • We resolved false negatives for several Microsoft Windows vulnerabilities by updating the supersedence information for CVEs linked to updates for CVE-2020-1472.
  • We updated our checks for CVE-2020-1472 to address false positives that could occur when scanning Windows Domain Controllers.