Nov 16, 20226.6.169

New

  • Checks. We added checks for Citrix ADC and Gateway vulnerabilities, CVE-2022-27510, CVE-2022-27513, and CVE-2022-27516.

Improved

  • UI changes. We made updates to several pages in Administration to move the new and create buttons to the top of the page.
  • Fingerprint proof. We updated the fingerprint for Oracle Fusion Middleware to include install location information.
  • CIS benchmark. We updated the CIS builtin policy benchmark for SUSE Linux Enterprise 15 to version 1.1.0.

Fixed

  • Cyberark with Kerberos in shared credential set up can now be selected.
  • User created Goals now process successfully for users whose profiles were deleted and then recreated.
  • Remediator Export (CSV) now downloads if an asset has been removed or deleted from a Project.
  • The check logic for CVE-2020-4589 now only affects IBM WebSphere Application Server.
  • The check logic for CVE-2021-24078 affecting Windows DNS Servers has been updated to reduce false positives.
  • Agent scans no longer incorrectly attempt to restore scans when the Security Console restarts.

Security Updates

  • We remediated CVE-2022-42889 in the Security Console and Scan Engine by upgrading the Apache Commons Text component. For more information read our blog.