Copyright

© 2021 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.

Trademark

Outpost24® and OUTSCAN™ are trademarks of Outpost24® in Sweden and other countries.


Release Date: 2021-09-21

Version:  4.31.24.0.el7


Important notice for all XMLAPI users

From October, we will be restricting XMLAPI queries to return a maximum of 5000 rows per query to ensure sustainable performance for all XMLAPI users.

Important notice for all HIAB customers

Last year we changed the way we handle encryption of HIAB backups to increase security, speed and reliability. This has been implemented for encryption and decryption of current backups; however, we have kept the legacy decryption function to support older backups.

HIAB Backups have been using the new method since January 2021. If you have not performed a HIAB backup since January 2021, you should perform a backup to ensure that it can still be decrypted successfully if needed.

The legacy method of decryption will be removed in September 2021. If there is a potential issue with this, please contact Outpost24 Support.

New Features

Farsight

  • Broadcom has now been added as an additional source of exploit information

Agents


We recommend that all customers update to the latest version of the agent. It contains bug fixes and other improvements.

More information on updating is available here: https://kb.outpost24.com/kb/vulnerability-management-netsec/outscan-hiab/netsec-agents/installing-outpost24-agents

Bug Fixes and Minor Improvements


  • Fixed an issue with Appsec Scale scan duration time, where a scan stopped due to authentication failure
  • Fixed an issue when running an AWS Discovery using the HIAB External architecture
  • Fixed an issue where PCI Only users were unable to send an informative email when a new subuser is created
  • Fixed an issue in Portal where an error may occur when trying to create a new scheduled report via email
  • Fixed a bug where exported reports did not show 'Gathered Information' for web findings outside of port 80
  • Implemented various performance improvements for Delta Reports in Reporting Tools
  • Fixed an issue with scheduled reports in Portal where it was not possible to select a time frame
  • Fixed an issue with filtering in the vulnerability database when an attribute is set
  • Fixed an issue where it was sometimes not possible to give a subuser access to scanner 'Local' in Outscan
  • Fixed an issue in Portal Dashboards where viewing any dashboard in edit mode, then switching to the default dashboard would result in the default being appended twice
  • Improved the handling of Agents with identical machine names

Netsec

  • Added detection for OPNsense
  • Added detection of CVE-2021-40444 (released 2021-09-09)
  • Added active script for CVE-2020-8193
  • Resolved bug where certain UTF-8 characters would be dropped over SMB
  • Resolved bug where specific Office 2016 patches would be missed
  • Resolved bug where SSL/TLS validation failures would report incorrectly when using IP as SNI
  • Resolved bug where VMware Identity Manager detection would not take build number into account
  • Resolved bug where certain RHEL machines would not report the version correctly
  • Improved detection of Samba
  • Improved detection of common Diffie-Hellman primes used in SSL/TLS
  • Updated detection for weak cryptography in HTTP WWW-Authenticate headers
  • Several internal performance, reliability and maintainability improvements of the scanner

Appsec

  • Added detection for common CSP misconfigurations