Elements Vulnerability Management Portal Changelog

Wojciech Niemczyk

Version 4.29.1 released July 25, 2023

Fixed issues:

• [RADAR-25652] - Resolved a bug where "Current usage" entries were duplicated in the Settings>General settings page (Subscription details) on the company level for IP utilization. The fix ensures that the entries are no longer duplicated, providing accurate and non-repetitive information for the users.
  
• [RADAR-25667] - Resolved a misconfiguration issue that caused the interchange between "noreply@fsecure" and "noreply@withsecure.com" as the sender email address. The fix ensures that the sender email address will be set to "noreply@withsecure.com" as intended, providing consistency and clarity in email communication.
  The portal will now send notifications with visibility for all recipients, resolving the issue of receiving duplicate emails. To ensure emails are received by only one recipient, users can add a new row in the portal, specifying the rule with a single recipient attached.
  
  
  

Wojciech Niemczyk

Version 4.29.2 released August 10, 2023

Fixed issues:

• [RADAR-25695] - Clarified usage calculation explanation in the Subscription details section of the Settings page to address the inclusion of deleted scanned targets. The calculation considers deleted scanned targets to ensure accurate tracking.
  
• [RADAR-25757, RADAR-25778] - Fixed a bug where the "Discovery Scan has started" email notification was not sent to subscribers when the scan runs quickly. Additionally, resolved an issue where selecting the "Scan start" option in the scan's settings incorrectly triggered a "Discovery Scan has finished" notification.
  

Wojciech Niemczyk

Version 4.30.0 released August 24, 2023

New features and improvements:

• [RADAR-25858] - Improved the performance of risk score calculation for numerous assets.

Wojciech Niemczyk

Version 4.30.1 released September 14, 2023

Fixed issues:

• [RADAR-25933] - Addressed an issue where the session of the Elements Vulnerability Management subapp would crash after being inactive for approximately an hour or longer. This issue has been resolved to ensure a stable user experience.
  
• [RADAR-25966] - Corrected a typo in the French translation of the Executive summary .docx file
  report. The term "Risque de la ressoruce" has been updated to "Risque de la ressource" for accuracy and clarity.
  
  
  

NataliaPopielarz_1

Version 4.31.0 released September 28, 2023

New features and improvements:

• [RADAR-25008] - Dynamic Assets Risk Score has been enabled.
  Static Asset Risk Score was calculated based only on the CVSS base score, with an additional boost for old and/or exploitable vulnerabilities, enhanced with the asset importance mark and internet exposure flag.
  Here are the improvements introduced in the second version of Asset Risk Score, that is called "Dynamic Risk Score" with different boost factors:
  • Is slightly (from -10% up to +60%) corrected with EPSS (exploit prediction) score together, when there are no signs of exploitation
  • Is boosted between 20-70% when there is an exploit. The boost depends on our knowledge about the maturity of the exploit or observation of incidents related to the vulnerability.
  • Is boosted according to the number and age of cyber security reports describing the vulnerability
  • With other impacting factors such as:
    • Taking into account a few most severe vulnerabilities, as opposed to static risk score that only took the first top one.
    • Taking into account the asset importance that is set by the customer.
    • Taking into account the visibility of the asset from public internet.

Fixed issues:

• [RADAR-25538] - The misconfiguration causing the interchange between "noreply@f-secure" and "noreply@withsecure.com" will be resolved, and the sender email address will be set to "noreply@withsecure.com" as intended in the Discovery scans started/finished/terminated notifications. The appearance of email message has also been updated.
  
  

• [RADAR-25977] - Resolved an issue where asset names were not displayed correctly on related widgets within the Dashboard page due to a text formatting problem.
  

Wojciech Niemczyk

Version 4.31.1 released October 12, 2023

Fixed issues:

• [RADAR-25930] - Implemented a fix for passing values through the second dropdown in the bottom panel, specifically related to the Importance attribute.
  
  
  

• [RADAR-26032] - In light of the introduction of CVSSv3 and the presence of the info icon next to vulnerabilities providing transition information, the additional message is no longer necessary. Therefore, this message has been removed from the portal.
  
  
  
  

Wojciech Niemczyk

Version 4.31.2 released October 24, 2023

Fixed issues:

• [RADAR-26034] - Resolved an issue where the 'Vulnerabilities and findings' section was missing in the Asset details view. Now, when a scan creates or updates a specific asset, only that asset will have a list of vulnerabilities. Vulnerability counters in assets created by the same scan in the past will no longer be updated, and their 'Vulnerabilities and findings' section will be disabled.

Wojciech Niemczyk

Version 4.31.3 released November 07, 2023

Fixed issues:

• [RADAR-25878] - Resolved an issue related to the reading of asset risk score values in summary reports.
• [RADAR-25960] - Fixed an issue where users were unable to delete custom vulnerability statuses. When a new vulnerability status was created and then subsequently removed, the removed status no longer appears in the list. Additionally, when deleting a custom vulnerability status, all vulnerabilities previously affected by that status are now correctly reassigned to the default state.
  
  

Wojciech Niemczyk

Version 4.31.4 released November 14, 2023

Fixed issues:

• [RADAR-26378] - Fixed an issue related to the inconsistency between risk score labels obtained from the user interface (UI) and those presented in the summary report. Previously, users might have encountered discrepancies in the risk score labels, causing confusion in the interpretation of security assessments.
  
  

Wojciech Niemczyk

Version 4.31.5 released November 30, 2023

Fixed issues:

• [RADAR-14442] - Resolved an issue with Web Scan targets that previously considered the '/' character in GET parameters as invalid. Targets with URLs in this format are now validated correctly.
  
• [RADAR-26379] - Resolved an issue related to the absence of filtering by system tags (those derived from vulnerability scans) on the Assets page.
  
• [RADAR-26469] - Resolved an issue where company-level statistics for Vulnerability Management on the Elements dashboard were not displaying any data.
  
  
  

Wojciech Niemczyk

Version 4.31.6 released December 07, 2023

Fixed issues:

• [RADAR-13209] - Resolved an issue in Vulnerability Management Event log filtering functionality where setting both 'Date from' and 'Date to' filter items to the same date resulted in an empty list instead of displaying events for that specific date.
  
  

Wojciech Niemczyk

Version 4.31.7 released December 21, 2023

Fixed issues:

• [RADAR-26132] - The issue with generating summary reports based on tags within the Scan scope has been resolved. The selected scans from the wizard now accurately reflect the total count based on the applied tags.
  
  

Wojciech Niemczyk

Version 4.31.8 released January 22, 2024

Fixed issues:

• [RADAR-26623] - Resolved an issue in the summary report configurator that caused it to display incorrect values of selected assets and scans.
  
  

NataliaPopielarz

Version 4.31.9 released February 12th, 2024

Fixed issues:

• [RADAR-26365] - Resolved an issue with delays in granting user access to companies.
• [RADAR-26685] - Resolved an issue with invalid redirection to pages that allow changing password or multi-factor authentication.
• [RADAR-26834] - Resolved an issue where the incorrect company logo was being displayed on the Web Scan Report.

NataliaPopielarz

Version 4.32.0 released March 14th, 2024

New features and improvements:

• [RADAR-26133] The scan group access rights management has been removed. As a result, every user within the organization now has access to view all scan groups. However, the permissions for managing individual scans within these groups remain unchanged.

Fixed issues:

• [RADAR-26977] Resolved an issue that prevented tags from being permanently deleted after removing them from assets or scans. This caused tags to reappear in the auto-completion field when adding or removing tags. Now, tags are deleted permanently if they are not used in any other assets or scans.
• [RADAR-26851] Resolved an issue where the multi-factor authentication (MFA) requirement screen was not displaying correctly. The screen will now properly inform users when their company requires MFA.

NataliaPopielarz

Version 4.32.1 released April 12th, 2024

Fixed issues and minor improvements:

• [RADAR-26823] Resolved an issue where viewing ticket details was not possible when all tickets were marked with a status from the “closed” group.
• [RADAR-26980] Network Scans view now runs in scan group view by default, instead of list view.
• [RADAR-27141] Resolved an issue with incorrectly displayed characters in system scan emails.
• [RADAR-27269] Resolved an issue where VM dashboards were not displaying any data if scan group filtering was applied.
• [RADAR-27292] Resolved an issue when filtering data for histogram and gauge did not take scan groups selection into account.