New
- CIS benchmarks. We added built-in support for the following CIS benchmarks:
  - Red Hat Enterprise Linux 8, version 2.0.0
  - Red Hat Enterprise Linux 8 STIG, version 1.0.0
  - Red Hat Enterprise Linux 9, version 1.0.0
Improved
- CSV Export Report. We improved the memory usage of the CSV Export Report.
- Scan Engine. We improved how the Scan Engine determines the quality of Windows CIFS/SMB credentials. If the credential lacks the permission required to read from the scan target's registry, the Scan Engine now reports the credential as failed against a given scan target.
Fixed
- AWS discovery connections now correctly remove assets terminated by BidEvictedEvent.
- To protect against a Denial of Service, only one command can run through the Run Security Console commands screen or through the /api/3/administration/commands REST endpoint at a time.
- Fixed CVE-2022-3913, an issue with certificate validation checking during updates. To read more about this issue see our blog post here.
- We updated the check logic for CVE-2022-38001, CVE-2022-38048, CVE-2022-38049, and CVE-2022-41031, which affect Microsoft Office, to reduce false positives.
- We updated the check logic for CVE-2021-3450, which affects Red Hat Enterprise Linux, to reduce false positives.