New

• Added mitigation checks. Authenticated scans and Agent-based assessments can now determine whether the JNDILookup class removal mitigation for Log4Shell has been applied to Log4j JAR files on Windows systems.

Improved

• Added Scan Diagnostics check. We added a Scan Diagnostics check that reports when an SSH connection is successful but the command line environment is not usable.
• Updated F5 BIG-IP check. We updated our F5 BIG-IP vulnerability check to improve coverage and reduce false positives.

Fixed

• When scanned assets fail to integrate, the failure no longer causes incorrect last scan asset details or false positives based on last scan details.
• Updating the OS of an imported asset no longer results in any errors and now receives a 200 OK response.
• Insight Platform Login enabled users can now run diagnostics when going from EA to the console without receiving a 500 error message.