New

• Added TLS support. We now support scanning for TLS 1.3 services.
• Added Log4j check. We added an obsolete vulnerability check for Log4j 1.x.
• New Metasploit-based vulnerability coverage. We released coverage for three CVEs through the Metasploit Remote Check Service. This service needs to be explicitly enabled on Scan Engines via the Security Console as described in our docs . Coverage includes remote checks for:
  • CVE-2019-9082 (ThinkPHP)
  • CVE-2020-25213 (wp-file-manager)
  • CVE-2020-8816 (AdminLTE)

Improved

Fixed

• The Asset page now displays changes made to the Google Cloud Platform ID.
• Vulnerability investigations no longer fail when included in an asset group in a site.
• Credential restrictions are now honored in site configuration.
• Agent-based scans now remove any deprecated vulnerabilities present on assets.
• ServiceNow integrations enabled with multiple languages are now supported for Remediation Projects.
• When assigning users to tickets in Remediation Projects, entering a username in the drop-down field now works correctly.
• An edge case where a ServiceNow ticket update was not reflected in the Remediation Project app is now handled by the Remediation Projects ServiceNow integration.
• Retrieving Jira fields for connection issue types in Japanese or 2-byte character strings no longer causes an error.
• The regex command of CIS Win10 v1.10.1 Rile 2.3.10.8 L1 is now case-insensitive.

Security Updates

• We fixed CVE-2022-0757, an SQL injection vulnerability affecting the “ALL” and “ANY” operators for filter queries in the Security Console. Manipulation of the “ALL” or “ANY” filter query operators could have allowed for SQL injection attacks. This issue affects all Security Console versions up to and including 6.6.128. If your Security Console currently falls on or within this affected range, ensure that you update your Security Console to the latest version. Special thanks to Aleksey Solovev (Positive Technologies) for reporting this issue to Rapid7.