Feb 01, 2023
6.6.178

New

  • CIS benchmarks. We added built-in support for the following CIS benchmarks:
    • Red Hat Enterprise Linux 8, version 2.0.0
    • Red Hat Enterprise Linux 8 STIG, version 1.0.0
    • Red Hat Enterprise Linux 9, version 1.0.0

Improved

  • CSV Export Report. We improved the memory usage of the CSV Export Report.
  • Scan Engine. We improved how the Scan Engine determines the quality of Windows CIFS/SMB credentials. If the credential lacks the permission required to read from the scan target's registry, the Scan Engine now reports the credential as failed against a given scan target.

Fixed

  • AWS discovery connections now correctly remove assets terminated by BidEvictedEvent.
  • To protect against a Denial of Service, only one command can run through the Run Security Console commands screen or through the /api/3/administration/commands REST endpoint at a time.
  • Fixed CVE-2022-3913, an issue with certificate validation checking during updates. To read more about this issue, see our blog post here.
  • We updated the check logic for CVE-2022-38001, CVE-2022-38048, CVE-2022-38049, and CVE-2022-41031, which affect Microsoft Office, to reduce false positives.
  • We updated the check logic for CVE-2021-3450, which affects Red Hat Enterprise Linux, to reduce false positives.