Elements Vulnerability Management Portal Changelog
Comments
-
Version 4.29.1 released July 25, 2023
Fixed issues:
- [RADAR-25652] - Resolved a bug where "Current usage" entries were duplicated in the Settings>General settings page (Subscription details) on the company level for IP utilization. The fix ensures that the entries are no longer duplicated, providing accurate and non-repetitive information for the users.
- [RADAR-25667] - Resolved a misconfiguration issue that caused the interchange between "noreply@fsecure" and "noreply@withsecure.com" as the sender email address. The fix ensures that the sender email address will be set to "noreply@withsecure.com" as intended, providing consistency and clarity in email communication.
The portal will now send notifications with visibility for all recipients, resolving the issue of receiving duplicate emails. To ensure emails are received by only one recipient, users can add a new row in the portal, specifying the rule with a single recipient attached.
0 -
Version 4.29.2 released August 10, 2023
Fixed issues:
- [RADAR-25695] - Clarified usage calculation explanation in the Subscription details section of the Settings page to address the inclusion of deleted scanned targets. The calculation considers deleted scanned targets to ensure accurate tracking.
- [RADAR-25757, RADAR-25778] - Fixed a bug where the "Discovery Scan has started" email notification was not sent to subscribers when the scan runs quickly. Additionally, resolved an issue where selecting the "Scan start" option in the scan's settings incorrectly triggered a "Discovery Scan has finished" notification.
0 -
Version 4.30.0 released August 24, 2023
New features and improvements:
- [RADAR-25858] - Improved the performance of risk score calculation for numerous assets.
0 -
Version 4.30.1 released September 14, 2023
Fixed issues:
- [RADAR-25933] - Addressed an issue where the session of the Elements Vulnerability Management subapp would crash after being inactive for approximately an hour or longer. This issue has been resolved to ensure a stable user experience.
- [RADAR-25966] - Corrected a typo in the French translation of the Executive summary .docx file
report. The term "Risque de la ressoruce" has been updated to "Risque de la ressource" for accuracy and clarity.
0 -
Version 4.31.0 released September 28, 2023
New features and improvements:
- [RADAR-25008] - Dynamic Assets Risk Score has been enabled.
Static Asset Risk Score was calculated based only on the CVSS base score, with an additional boost for old and/or exploitable vulnerabilities, enhanced with the asset importance mark and internet exposure flag.
Here are the improvements introduced in the second version of Asset Risk Score, that is called "Dynamic Risk Score" with different boost factors:- Is slightly (from -10% up to +60%) corrected with EPSS (exploit prediction) score together, when there are no signs of exploitation
- Is boosted between 20-70% when there is an exploit. The boost depends on our knowledge about the maturity of the exploit or observation of incidents related to the vulnerability.
- Is boosted according to the number and age of cyber security reports describing the vulnerability
- With other impacting factors such as:
- Taking into account a few most severe vulnerabilities, as opposed to static risk score that only took the first top one.
- Taking into account the asset importance that is set by the customer.
- Taking into account the visibility of the asset from public internet.
Fixed issues:
- [RADAR-25538] - The misconfiguration causing the interchange between "noreply@f-secure" and "noreply@withsecure.com" will be resolved, and the sender email address will be set to "noreply@withsecure.com" as intended in the Discovery scans started/finished/terminated notifications. The appearance of email message has also been updated.
- [RADAR-25977] - Resolved an issue where asset names were not displayed correctly on related widgets within the Dashboard page due to a text formatting problem.
0 - [RADAR-25008] - Dynamic Assets Risk Score has been enabled.
-
Version 4.31.1 released October 12, 2023
Fixed issues:
- [RADAR-25930] - Implemented a fix for passing values through the second dropdown in the bottom panel, specifically related to the Importance attribute.
- [RADAR-26032] - In light of the introduction of CVSSv3 and the presence of the info icon next to vulnerabilities providing transition information, the additional message is no longer necessary. Therefore, this message has been removed from the portal.
0 - [RADAR-25930] - Implemented a fix for passing values through the second dropdown in the bottom panel, specifically related to the Importance attribute.
-
Version 4.31.2 released October 24, 2023
Fixed issues:
- [RADAR-26034] - Resolved an issue where the 'Vulnerabilities and findings' section was missing in the Asset details view. Now, when a scan creates or updates a specific asset, only that asset will have a list of vulnerabilities. Vulnerability counters in assets created by the same scan in the past will no longer be updated, and their 'Vulnerabilities and findings' section will be disabled.
0 -
Version 4.31.3 released November 07, 2023
Fixed issues:
- [RADAR-25878] - Resolved an issue related to the reading of asset risk score values in summary reports.
- [RADAR-25960] - Fixed an issue where users were unable to delete custom vulnerability statuses. When a new vulnerability status was created and then subsequently removed, the removed status no longer appears in the list. Additionally, when deleting a custom vulnerability status, all vulnerabilities previously affected by that status are now correctly reassigned to the default state.
0 -
Version 4.31.4 released November 14, 2023
Fixed issues:
- [RADAR-26378] - Fixed an issue related to the inconsistency between risk score labels obtained from the user interface (UI) and those presented in the summary report. Previously, users might have encountered discrepancies in the risk score labels, causing confusion in the interpretation of security assessments.
0 - [RADAR-26378] - Fixed an issue related to the inconsistency between risk score labels obtained from the user interface (UI) and those presented in the summary report. Previously, users might have encountered discrepancies in the risk score labels, causing confusion in the interpretation of security assessments.
-
Version 4.31.5 released November 30, 2023
Fixed issues:
- [RADAR-14442] - Resolved an issue with Web Scan targets that previously considered the '/' character in GET parameters as invalid. Targets with URLs in this format are now validated correctly.
- [RADAR-26379] - Resolved an issue related to the absence of filtering by system tags (those derived from vulnerability scans) on the Assets page.
- [RADAR-26469] - Resolved an issue where company-level statistics for Vulnerability Management on the Elements dashboard were not displaying any data.
0 -
Version 4.31.6 released December 07, 2023
Fixed issues:
- [RADAR-13209] - Resolved an issue in Vulnerability Management Event log filtering functionality where setting both 'Date from' and 'Date to' filter items to the same date resulted in an empty list instead of displaying events for that specific date.
0 - [RADAR-13209] - Resolved an issue in Vulnerability Management Event log filtering functionality where setting both 'Date from' and 'Date to' filter items to the same date resulted in an empty list instead of displaying events for that specific date.
-
Version 4.31.7 released December 21, 2023
Fixed issues:
- [RADAR-26132] - The issue with generating summary reports based on tags within the Scan scope has been resolved. The selected scans from the wizard now accurately reflect the total count based on the applied tags.
1 - [RADAR-26132] - The issue with generating summary reports based on tags within the Scan scope has been resolved. The selected scans from the wizard now accurately reflect the total count based on the applied tags.
-
Version 4.31.8 released January 22, 2024
Fixed issues:
- [RADAR-26623] - Resolved an issue in the summary report configurator that caused it to display incorrect values of selected assets and scans.
0 - [RADAR-26623] - Resolved an issue in the summary report configurator that caused it to display incorrect values of selected assets and scans.
-
Version 4.31.9 released February 12th, 2024
Fixed issues:
- [RADAR-26365] - Resolved an issue with delays in granting user access to companies.
- [RADAR-26685] - Resolved an issue with invalid redirection to pages that allow changing password or multi-factor authentication.
- [RADAR-26834] - Resolved an issue where the incorrect company logo was being displayed on the Web Scan Report.
0 -
Version 4.32.0 released March 14th, 2024
New features and improvements:
- [RADAR-26133] The scan group access rights management has been removed. As a result, every user within the organization now has access to view all scan groups. However, the permissions for managing individual scans within these groups remain unchanged.
Fixed issues:
- [RADAR-26977] Resolved an issue that prevented tags from being permanently deleted after removing them from assets or scans. This caused tags to reappear in the auto-completion field when adding or removing tags. Now, tags are deleted permanently if they are not used in any other assets or scans.
- [RADAR-26851] Resolved an issue where the multi-factor authentication (MFA) requirement screen was not displaying correctly. The screen will now properly inform users when their company requires MFA.
1 -
Version 4.32.1 released April 12th, 2024
Fixed issues and minor improvements:
- [RADAR-26823] Resolved an issue where viewing ticket details was not possible when all tickets were marked with a status from the “closed” group.
- [RADAR-26980] Network Scans view now runs in scan group view by default, instead of list view.
- [RADAR-27141] Resolved an issue with incorrectly displayed characters in system scan emails.
- [RADAR-27269] Resolved an issue where VM dashboards were not displaying any data if scan group filtering was applied.
- [RADAR-27292] Resolved an issue when filtering data for histogram and gauge did not take scan groups selection into account.
0 -
Version 4.32.2 released May 9th, 2024
Fixed issues and minor improvements:
- [RADAR-27141] Resolved an issue with incorrectly displayed characters in system scan emails.
0 -
Version 4.32.3 released May 20th, 2024
Fixed issues and minor improvements:
- [RADAR-27676] Resolved UI permissions issue for users assigned to upper-level organizations (SOP/SEP). All users now have proper views enabled.
0 -
Version 4.32.4 released May 24th, 2024
Fixed issues and minor improvements:
[RADAR-27683] Fixed an issue related to the API response for fetching vulnerabilities associated with a single asset.
0 -
Version 4.32.5 released May 31st, 2024
Fixed issues and minor improvements:
[RADAR-27751] Resolved and issue with missing API endpoints for managing status of a vulnerability in affected assets.
0 -
Version 4.33.0 released June 19th, 2024
New features and improvements:
- [RADAR-26979] Elements Vulnerability Management supports SNMP for system scan configuration. Users can now configure authentication using SNMP v3.
Fixed issues and minor improvements:
- [RADAR-27292] Resolved an issue with "Overall statistics" gauge widget that was not including data from Elements Agents.
- [RADAR-27690] Product subscription names in Device Discovery view have been updated. Read more.
0 - [RADAR-26979] Elements Vulnerability Management supports SNMP for system scan configuration. Users can now configure authentication using SNMP v3.
-
Version 4.33.1 released July 12th, 2024
Fixed issues and minor improvements:
- [RADAR-22575] API Keys view has been moved to organization settings page and is available as a tab at the top of the page.
- [RADAR-26976] Resolved an issue where Discovery Scan details view was not displaying hosts that had changed status from online to offline, when filtered by “status change”. It's necessary to restart the scan.
[RADAR-27521] Scan node immediate notifications layout has been updated.
[RADAR-27855] Resolved multiple issues in Vulnerability details view. In 'Affected network scan targets' section filtering by scan groups has been fixed, as well as saving, updating, restoring and clearing the filter.
0 -
Version 4.33.2 released July 22nd, 2024
Fixed issues and minor improvements:
- [RADAR-28111] Resolved an issue with filtering by scan tags in Assets List view.
- [RADAR-28113] Resolved an issue with summary email notifications. Hourly, daily and weekly summary emails are sent and delivered correctly now.
0 -
Version 4.33.3 released August 8th, 2024
Fixed issues and minor improvements:
- [RADAR-28112] Resolved an issue where configuring the donut widget with "vulnerabilities" as the source and "system scan vulnerabilities by category" as the content resulted in an error. The widget works properly now.
- [RADAR-28212] Resolved an issue where the Preliminary PCI summary report was missing CVSS v3 data.
- [RADAR-28269] Resolved an issue where the summary report failed to generate when it contained web scan report data with long vulnerability descriptions.
0 -
Version 4.33.4 released September 17th, 2024
Fixed issues and minor improvements:
- [RADAR-28294] Added support for Agent based scanning with "Exposure Management subscription".
- [RADAR-28391] Resolved an issue with displaying discovery scan results.
- [RADAR-28397] Added support for Palo Alto devices for authenticated system scan via API.
0 -
Version 4.33.5 released September 24th, 2024
Fixed issues and minor improvements:
- [RADAR-28160] Added language selection to summary report wizard.
- [RADAR-28350] Resolved an issue with displaying discovery scan results if the previous report was deleted due to retention period.
0 -
Version 4.33.6 released October 22nd, 2024
Fixed issues and minor improvements:
- [RADAR-28330] Resolved an issue with missing data from Endpoint Agent scans on Home → Overview → Vulnerability Management widget.
0 -
Version 4.33.7 released October 30th, 2024
Fixed issues and minor improvements:
- [RADAR-28675] User creation has been disabled in VM. Action button is redirects to Management → Organization Settings → Security Administrators view instead. API endpoints has been marked with “End of Life” attribute.
- [RADAR-28702] In Asset details view, a description of “Last updated” field in the tooltip has been updated.
0 -
Version 4.33.8 released November 27th, 2024
Fixed issues and minor improvements:
- [RADAR-29015] Resolved an issue where the language dropdown in Summary Reports wizard included unsupported languages. The dropdown menu now only contains supported languages.
- [RADAR-29023] Resolved an issue preventing the proper restoration of the default dashboard. Users can now restore the default dashboard correctly.
0 -
Version 4.33.9 released December 17th, 2024
Fixed issues and minor improvements:
- [RADAR-29284] The Internet Discovery page now utilizes the new scanning engine, Shodan.io.
- [RADAR-29392] Resolved an issue with duplicated headers on multiple pages.
- [RADAR-28858] Obsolete API endpoints have been permanently removed and are no longer available.
0
Categories
- All Categories
- 4.7K WithSecure Community
- 3.6K Products
- 1 Get Support