New
- CVSS v3 Severity dashboard cards. We added seven new dashboard cards with severity categorization based on CVSS v3. These cards allow you to view:
- Exploitable Vulnerabilities by CVSS Score (Grouped by V3 Category)
- Exploitable Vulnerability Discovery Date by CVSS Score (Grouped by V3 Category)
- Exploitable Vulnerability Publish Age by CVSS Score (Grouped by V3 Category)
- Vulnerability Count By CVSS Score Over Time (Grouped by V3 Category)
- Vulnerabilities by CVSS Score (Grouped by V3 Category)
- Vulnerability Discovery Date by CVSS Score (Grouped by V3 Category)
- Vulnerability Publish Age by CVSS Score (Grouped by V3 Category)
- Scan Assistant version. Scan Assistant version 1.1.0 is now available for download.
Improved
- Java Runtime Environment (JRE). Product version 6.6.142 improves the application’s security by upgrading the JRE included with the Security Console to Zulu OpenJDK 1.8.0_332.
- Automatic Scan Assistant updates. The Scan Assistant can now be updated to the latest version when scanned by the Scan Engine. This feature is supported with Scan Assistant version 1.1.0 and later, and is available for opt-in via the Scan Assistant tab in the Scan Template.
- Scan Assistant certificate rotation. The Security Console now pushes an imported or generated Scan Assistant certificate with a later expiration date than the one currently in use out to the authenticated instances of the Scan Assistant. This feature is supported with Scan Assistant version 1.1.0 and later, and is available for opt-in via the Scan Assistant tab in the Scan Template.
- Scan times. We improved scan times for HTTP(S) services.
Fixed
- Remediation Projects now consistently display the best solution for a vulnerability.
- We improved RHEL RPM checks to consider specific RPM source (distribution tag), reducing false positives.