Skip to Content
Release NotesInsightvmIndex

May 19, 2021

This release includes updated CIS policy content and improved SSH support for the Scan Engine.

Improved

  • Updated Center for Internet Security (CIS) policies: We updated the following CIS policies:
    • Ubuntu Linux 18.04 LTS, version 2.1.0
    • Cisco IOS 15, version 4.1.0
  • Improved Scan Engine SSH support: The Scan Engine now supports SSH endpoints using the ssh-ed25519 host key and the curve25519-sha256 key exchange algorithm. In addition, the Scan Engine can now also connect to SSH endpoints using the following ciphers:
    • aes128-gcm@openssh.com
    • aes256-gcm@openssh.com

Fixed

  • In-progress data retention tasks will no longer prevent the Security Console from performing a restart, such as the one required during the creation of a Security Console backup.

Other Changes

  • We modified our openssh-x11-cookie-auth-bypass vulnerability check (CVE-2007-4752) to exclude Check Point systems. This change reflects the guidance provided by Check Point on the status of OpenSSH CVEs.