EVM System Scan Changelog

Sylwia
Sylwia Posts: 44 WithSecure Employee

Elements Vulnerability Management System Scan feature changes will be published under this announcement thread.

Every time there is a change, an entry will be created under this announcement describing new functionalities, improvements or bug fixes.

📝 Click here to see the most recent change log and bookmark the discussion to be notified of any updates.

Tagged:
«1

Comments

  • Sylwia
    Sylwia Posts: 44 WithSecure Employee

    Old change log

    Publication time frame: February 2022 - May 2022

    Version 78303, released February 9, 2022

    [RADAR-20021] - System Scan engine migrated to .Net 5 self-contained

    Version 78738, released February 22, 2022

    [RADAR-21822] - Improved the troubleshooting of a failed authenticated scan

    [RADAR-21563] - Authenticated scans now report MySQL End of Life versions

    Version 78937, released March 1, 2022

    [RADAR-21936] - Increased the dynamic limit (calculated based on the amount of data to scan) that the Log4j library scan can take. This should resolve problems in hosts with slower I/O.

    Version 78995, released March 3, 2022

    [RADAR-21695] - Elements VM endpoint agent now detects Apache Log4j as authenticated network scan.

    Version 79131, released March 8, 2022

    [RADAR-21868] - Improved logging in the initial phase of the scan.

    Version 79190, released March 11, 2022

    [RADAR-22047] - Authenticated Linux scan now detects MySql server and its EOL status properly.

    Version 79581, released March 24, 2022

    [RADAR-22069] - Speeded up local Log4j file scans.

    Version 79914, released April 5, 2022

    [RADAR-22232, RADAR-22231] - The file system scanning feature was made more generic in order to look for more vulnerable binaries.

    Version 80345, released April 21, 2022

    [RADAR-22349] - Improved the reliability of the operating system detection.

    Version 80881, released May 12, 2022

    [RADAR-22496] - Unsupported Debian distributions in authenticated scan are now reported correctly without false positives.

    Version 80937, released May 13, 2022

    [RADAR-22519] - Added a non-version based detector for the BIG-IP iControl REST remote code execution vulnerability (CVE-2022-1388).

    Version 81295, released May 31, 2022

    [RADAR-2804] - Added the possibility to detect vulnerabilities in Mercurial in authenticated scanning for Windows.

  • Sylwia
    Sylwia Posts: 44 WithSecure Employee

    Old change log

    Publication time frame: June 2022 - September 2022


    Version 81331, released June 1, 2022

    [RADAR-22393] - Added the possibility to detect vulnerabilities in Fortinet FortiSOAR.

    [RADAR-22348] - Added the possibility to detect vulnerabilities in IceHrm.

    [RADAR-20108] - Added the possibility to detect vulnerabilities in JetBrains WebStorm in authenticated scanning for Windows.

    [RADAR-19695] - Added the possibility to detect vulnerabilities in JetBrains PhpStorm in authenticated scanning for Windows

    Version 81373, released June 2, 2022

    [RADAR-16759] - Added the possibility to detect vulnerabilities in PyCharm in authenticated scanning for Windows.

    Version 81447, released June 6, 2022

    [RADAR-22494] - Added the possibility to detect vulnerabilities in JetBrains Rider in authenticated scanning for Windows.

    [RADAR-20685] - Added the possibility to detect vulnerabilities in JetBrains RubyMine in authenticated scanning for Windows.

    [RADAR-16899] - Added the possibility to detect vulnerabilities in JetBrains IntelliJ IDEA in authenticated scanning for Window

    Version 81481, released June 7, 2022

    [RADAR-19150] - Capability to detect vulnerabilities in Cisco Proximity in authenticated scanning for Windows.

    [RADAR-15271] - Capability to detect vulnerabilities in JetBrains MPS in authenticated scanning for Windows.

    [RADAR-14956] - Capability to detect vulnerabilities in JetBrains Toolbox in authenticated scanning for Windows.

    Version 81511, released June 8, 2022

    [RADAR-22738] - Non-version-based detection for CVE-2022-26134 Confluence remote code execution vulnerability.

    Version 81707, released June 20, 2022

    [RADAR-8614] - Capability to detect vulnerabilities in Symantec VPI Access for Desktop in authenticated scanning for Windows.

    Version 81875, released June 29, 2022

    [RADAR-22858] - Capability to detect Rejetto HTTP File Server software and its vulnerabilities.

    [RADAR-22856] - Capability to detect Apache Kylin software and its vulnerabilities.

    [RADAR-22841] - Switched runtime to .NET 6.

    [RADAR-17120] - Capability to detect vulnerabilities in MariaDB Connector/C in authenticated scanning for Windows.

    Version 82453, released July 28, 2022

    [RADAR-22707] - Capability to detect IBM Aspera Faspex software and it's vulnerabilities

    Version 83153, released August 31, 2022

    [RADAR-23336] - Reverse-DNS obtained domain names are now forward-confirmed. Such domain is used in HTTP requests later on.

    Version 83385, released September 12, 2022

    [RADAR-12290] - Capability to detect vulnerabilities in Cisco Webex app (formerly Webex Teams) in authenticated scanning for Windows.

    [RADAR-23428] - Scan engines now use Nmap 7.93 for port scanning.

    Version 83540, released September 21, 2022

    [RADAR-17872] - Fixed an issue in which obsolete authenticated scan plugins, chosen for running a scan with limited number of plugins, were not properly replaced by their newest versions.

    Version 83701, released September 29, 2022

    [RADAR-23335] - Removed restriction for copying Windows Updates database file from Linux scan node.

  • Sylwia
    Sylwia Posts: 44 WithSecure Employee

    Old change log moved from: https://help.f-secure.com/product.html#business/releasenotes-business/latest/en/fsr_ss-latest-en

    Publication time frame October - November 2022


    Version 83791, released October 4, 2022

    [RADAR-23650] - Added detection for for Reported Zero-day Vulnerabilities in Microsoft Exchange Server a.k.a ProxyNotShell (CVE-2022-41040, CVE-2022-41082)


    Version 84211, released October 24, 2022

    [RADAR-23772] - Added detection for Arbitrary Code Execution through Apache Commons Text interpolation prior version 1.10.0 [CVE-2022-42889].


    Version 84427, released November 2, 2022

    [RADAR-23822] - Possible to detect CVE-2022-3602 and CVE-2022-3786 vulnerabilities in OpenSSL by version based plugins

  • szulpi
    szulpi Posts: 10 WithSecure Employee

    Version 84658, released November 15, 2022

    New features and improvements:

    [RADAR-22616] - Windows authenticated scan is now able to detect third party software, that is installed per user only.

  • szulpi
    szulpi Posts: 10 WithSecure Employee

    Version 85507, released December 20, 2022

    New features and improvements:

    [RADAR-23864] - Network scan is able to detect Dheat attack vulnerability using the Diffie-Hellman key exchange via SSL/TLS and SSH protocols

  • szulpi
    szulpi Posts: 10 WithSecure Employee

    Version 86001, released January 12, 2023

    New features and improvements:

    [RADAR-24290] - Capability to detect vulnerabilities in JetBrains Gateway in authenticated scanning for Windows

    [RADAR-24260] - Capability to detect vulnerabilities in PowerISO in authenticated scanning for Windows

  • szulpi
    szulpi Posts: 10 WithSecure Employee

    Version 86081 released January 16, 2023

    New features and improvements:

    [RADAR-24348] - Capability to detect vulnerabilities in Zoom Rooms for Windows in authenticated scanning for Windows

    [RADAR-24332] - Capability to detect vulnerabilities in UI Desktop for Windows in authenticated scanning for Windows

    [RADAR-23134] - Capability to detect vulnerabilities in SonicWall Connect Tunnel in authenticated scanning for Windows

    [RADAR-15019] - Capability to detect vulnerabilities in JetBrains ReSharper in authenticated scanning for Windows

  • szulpi
    szulpi Posts: 10 WithSecure Employee

    Version 86139 released January 18, 2023

    New features and improvements:

    [RADAR-22420] - Capability to perform authenticated scanning of AlmaLinux operating system

  • Wojciech Niemczyk
    Wojciech Niemczyk Posts: 21 WithSecure Employee

    Version 86415 released February 2, 2023

    New features and improvements:

    [RADAR-24469] - Capability to detect vulnerabilities in Signal Desktop in authenticated scanning for Windows

    [RADAR-23184] - Capability to detect vulnerabilities in WhatsApp Desktop in authenticated scanning for Windows

    [RADAR-22927] - Capability to detect vulnerabilities in 1Password in authenticated scanning for Windows

    [RADAR-22922] - Capability to detect vulnerabilities in Yandex Browser in authenticated scanning for Windows

    [RADAR-22543] - Capability to detect vulnerabilities in Line in authenticated scanning for Windows

  • Marcin Gryska
    Marcin Gryska Posts: 11 WithSecure Employee

    Version 86487 released February 6, 2023

    New features and improvements:

    [RADAR-24538] - Capability to detect vulnerabilities in Amazon SSM Agent in authenticated scanning for Windows

    [RADAR-24507] - Capability to detect vulnerabilities in Brave browser in authenticated scanning for Windows

    [RADAR-18265] - Capability to detect vulnerabilities in PingID Integration and PingID Desktop in authenticated scanning for Windows

  • Marcin Gryska
    Marcin Gryska Posts: 11 WithSecure Employee

    Version 86553 released February 8, 2023

    New features and improvements:

    [RADAR-24587] - Capability to detect vulnerabilities in Amazon CloudWatch Agent in authenticated scanning for Windows

    [RADAR-23020] - Capability to detect vulnerabilities in IVPN Client in authenticated scanning for Windows

    [RADAR-22796] - Capability to detect vulnerabilities in AtlasVPN in authenticated scanning for Windows

    [RADAR-22524] - Capability to detect vulnerabilities in Amazon AWS VPN Client in authenticated scanning for Windows

    [RADAR-22441] - Capability to detect vulnerabilities in bVPN in authenticated scanning for Windows

    [RADAR-19103] - Capability to detect vulnerabilities in SaferVPN in authenticated scanning for Windows

  • [Deleted User]
    [Deleted User] Posts: 0 New Member

    Version 86665 released February 13, 2023

    New features and improvements:

    [RADAR-24623] - Capability to detect vulnerabilities in Sunlogin Client in authenticated scanning for Windows

    [RADAR-24617] - Capability to detect vulnerabilities in McAfee Security Scan Plus in authenticated scanning for Windows

    [RADAR-24315] - Capability to detect vulnerabilities in Tailscale in authenticated scanning for Windows

    [RADAR-20393] - Capability to detect vulnerabilities in Securepoint SSL VPN Client in authenticated scanning for Windows

    [RADAR-20054] - Capability to detect vulnerabilities in Windscribe VPN in authenticated scanning for Windows

    [RADAR-16923] - Capability to detect vulnerabilities in Aviatrix OpenVPN Client in authenticated scanning for Windows

  • [Deleted User]
    [Deleted User] Posts: 0 New Member

    Version 86715 released February 15, 2023

    New features and improvements:

    [RADAR-22450] - Capability to detect vulnerabilities in Acronis Cyber Protect Home Office in authenticated scanning for Windows

  • szulpi
    szulpi Posts: 10 WithSecure Employee

    Version 86825 released February 20, 2023

    New features and improvements:

    [RADAR-24669] - Capability to detect vulnerabilities in ExpressVPN in authenticated scanning for Windows

  • szulpi
    szulpi Posts: 10 WithSecure Employee

    Version 86859 released February 21, 2023

    New features and improvements:

    [RADAR-22963] - Capability to detect vulnerabilities in Adaware Protect in authenticated scanning for Windows

    [RADAR-19156] - Capability to detect vulnerabilities in AnyDesk in authenticated scanning for Windows

    [RADAR-24674] - Capability to detect vulnerabilities in Stormshield SSL VPN Client in authenticated scanning for Windows

  • Radosław_Ł
    Radosław_Ł Posts: 1 Former WithSecure Employee

    Version 86993 released February 28, 2023

    New features and improvements:

    [RADAR-24729] - Capability to detect vulnerabilities in Sophos Exploit Prevention in authenticated scanning for Windows

  • szulpi
    szulpi Posts: 10 WithSecure Employee

    Version 87071 released March 2, 2023

    New features and improvements:

    [RADAR-24705] - Capability to detect vulnerabilities in McAfee Data Loss Prevention (DLP) Endpoint in authenticated scanning for Windows

    [RADAR-24672] - Capability to detect vulnerabilities in HP Connection Optimizer in authenticated scanning for Windows

    [RADAR-24664] - Capability to detect vulnerabilities in pgAdmin in authenticated scanning for Windows

    [RADAR-18343] - Capability to detect vulnerabilities in Hotspot Shield VPN client in authenticated scanning for Windows

    [RADAR-18145] - Capability to detect vulnerabilities in Avast Secure Line VPN in authenticated scanning for Windows

    [RADAR-18089] - Capability to detect vulnerabilities in Kaspersky VPN Secure Connection in authenticated scanning for Windows

  • Marcin Gryska
    Marcin Gryska Posts: 11 WithSecure Employee

    Version 87165 released March 6, 2023

    New features and improvements:

    [RADAR-24805] - Capability to detect vulnerabilities in Sophos Connect Client in authenticated scanning for Windows

    [RADAR-24704] - Capability to detect vulnerabilities in McAfee Active Response in authenticated scanning for Windows

    [RADAR-24673] - Capability to detect vulnerabilities in HP Support Solution Framework in authenticated scanning for Windows

    [RADAR-15033] - Capability to detect vulnerabilities in IrfanView in authenticated scanning for Windows

  • Marcin Gryska
    Marcin Gryska Posts: 11 WithSecure Employee

    Version 87217 released March 8, 2023

    New features and improvements:

    [RADAR-23593] - Capability to detect vulnerabilities in Watchdog Anti-Virus in authenticated scanning for Windows

    [RADAR-22688] - Capability to detect vulnerabilities in Intel Manageability Commander in authenticated scanning for Windows[RADAR-20958] - Capability to detect vulnerabilities in Amazon AWS WorkSpaces client in authenticated scanning for Windows

  • Marcin Gryska
    Marcin Gryska Posts: 11 WithSecure Employee

    Version 87244 released March 9, 2023

    New features and improvements:

    [RADAR-24694] - Capability to detect vulnerabilities in Cisco Secure Endpoint (formerly Advanced Malware Protection (AMP) for Endpoints) in authenticated scanning for Windows

  • Krzysztof Syroczyński
    Krzysztof Syroczyński Posts: 11 Observer

    Version 87405 released March 16, 2023

    New features and improvements:

    [RADAR-24863] - Capability to detect vulnerabilities in NSClient++ in authenticated scanning for Windows

    [RADAR-22970] - Capability to detect vulnerabilities in GIMP in authenticated scanning for Windows

    [RADAR-19434] - Capability to detect vulnerabilities in Intel Trace Analyzer and Collector in authenticated scanning for Windows

    [RADAR-18613] - Capability to detect vulnerabilities in Git LFS in authenticated scanning for Windows

  • ferbko
    ferbko Posts: 9 WithSecure Employee

    Version 87483  released March 21, 2023

    New features and improvements:

    [RADAR-24906] - Capability to detect vulnerabilities in HP Version Control Agent in authenticated scanning for Windows

  • Krzysztof Syroczyński
    Krzysztof Syroczyński Posts: 11 Observer

    Version 87581  released March 27, 2023

    New features and improvements:

    [RADAR-24905] - Capability to detect vulnerabilities in HP Insight Management Agents in authenticated scanning for Windows

    [RADAR-24903] - Capability to detect vulnerabilities in IBM Spectrum Protect (aka Tivoli Storage Manager) Client in authenticated scanning for Windows

    [RADAR-16308] - Capability to detect vulnerabilities in OpenVPN Connect and OpenVPN Community edition in authenticated scanning for Windows

  • ferbko
    ferbko Posts: 9 WithSecure Employee

    Version 87681 released April 3, 2023

    New features and improvements:

    [RADAR-25022] - Capability to detect vulnerabilities in NXLog Community Edition in authenticated scanning for Windows

    [RADAR-25020] - Capability to detect vulnerabilities in 3CX Desktop App in authenticated scanning for Windows including CVE-2023-29059 vulnerability (about trojanized versions of the software).

  • ferbko
    ferbko Posts: 9 WithSecure Employee

    Version 87711 released April 4, 2023

    New features and improvements:

    [RADAR-24102] - Capability to detect vulnerabilities in PostgreSQL JDBC Driver in authenticated scanning for Windows and Linux

  • krucko
    krucko Posts: 3 WithSecure Employee
    Version 88029, released April 20, 2023

    New features and improvements:

    - Capability to detect vulnerabilities in Wondershare MobileTrans in authenticated scanning for Windows
    - Capability to detect vulnerabilities in Wondershare Filmora in authenticated scanning for Windows

  • Krzysztof Syroczyński
    Krzysztof Syroczyński Posts: 11 Observer

    Version 88067, released April 24, 2023

    New features and improvements:

    [RADAR-25085] - Capability to detect vulnerabilities in Wondershare PDFelement in authenticated scanning for Windows
    [RADAR-25066] - Capability to detect vulnerabilities in Wondershare Repairit in authenticated scanning for Windows

  • Krzysztof Syroczyński
    Krzysztof Syroczyński Posts: 11 Observer

    Version 88087, released April 25, 2023

    New features and improvements:

    [RADAR-25083] - Capability to detect vulnerabilities in Wondershare Creative Center in authenticated scanning for Windows
    [RADAR-25082] - Capability to detect vulnerabilities in Wondershare PDF Reader in authenticated scanning for Windows
    [RADAR-25075] - Capability to detect vulnerabilities in Wondershare Edrawmax in authenticated scanning for Windows
    [RADAR-25072] - Capability to detect vulnerabilities in Wondershare Recoverit in authenticated scanning for Windows

  • Krzysztof Syroczyński
    Krzysztof Syroczyński Posts: 11 Observer

    Version 88115, released April 27, 2023

    New features and improvements:

    [RADAR-25084] - Capability to detect vulnerabilities in Wondershare Anireel in authenticated scanning for Windows
    [RADAR-25068] - Capability to detect vulnerabilities in Wondershare DemoCreator in authenticated scanning for Windows

  • ferbko
    ferbko Posts: 9 WithSecure Employee

    Version 88570, released May 22, 2023

    New features and improvements:

    [RADAR-25302] - Capability to detect vulnerabilities in Beekeeper Studio in authenticated scanning for Windows
    [RADAR-25158] - Capability to detect vulnerabilities in Qualys Cloud Agent in authenticated scanning for Windows
    [RADAR-22659] - Capability to detect vulnerabilities in Acronis Snap Deploy in authenticated scanning for Windows
    [RADAR-18694] - Capability to detect vulnerabilities in Golang in authenticated scanning for Windows

    Version 88618, released May 24, 2023

    New features and improvements:

    [RADAR-19717] - Capability to detect vulnerabilities in Nessus Agent in authenticated scanning for Windows