Release Notes January 2020
© 2023 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.
Release Date: 2020-01-21
This release is a preparation for the upcoming February (and winter) release. Capability to assess Azure environments for compliance into a unified multi-cloud compliance view has been integrated. This is currently a beta functionality and the new CIS benchmark (v1.1.0) is under approval by CIS.
- Improved log message on logs for discovery scans
- Added detection for IPMIv2 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP)
Platform / API
- Filtering multiple tags
- Set literal filter by pressing on a tag
- Improved accepting risks performance
- Better logging exception error in offline enrollment
- Improved task scheduling
- Created CIS compliance policy for Ubuntu Linux 18.04 LTS v1.0.0
- Added PCI scan type and updated ASV attestation text
- Added detection for CVE-2019-19781 (Netscaler/Citrix ADC)
- Created CIS Azure Benchmark V1.1.0, BETA and pending approval by CIS
- MSSP purging default values containing "outpost24.com"
- MSSP Agents can now view the consumption stats for each customer account
- Adjusted Scale consumption stats to count only configured assets
Fixes and Minor Improvements
- Handled question mark if it is the only part of the query
- Fixed bugs in SQL injection detection for stacked queries
- Fixed SWAT reports show 0.0 average CVSS score
- Scout: Disabled subdomain enumeration due to performance issues
- Corrected multiple bugs in Amazon Linux v2.1.0
- Fixed improper validation in AWS role based scanning
- Fixed XML output in PCI report
- Fixed platform detected as "Microsoft Windows" for Oracle Linux machine
- Fixed detection CVE-2013-4786
- Fixed inability to export targets in Manage Targets view
- Fixed OUTSCAN RC Discovery failures
- Fixed Export Target list error
- Fixed an issue with Dashboard trend and PDF report trend not matching
- Corrected information for third party licenses, concerning VMware vSphere
End of Life Announcement
Appsec SWAT UI EOL
The deprecation of the SWAT Classic UI have been indefinitely. It is strongly recommend that customers make use of the APPSEC UI for the majority of their activities as Swat Classic UI is no longer actively developed. Once a firm deprecation date have been set, a three month notification of the End of Life will be provided.