Release Notes October 2022
Release Date: 2022-10-25
Version: 8.7.0.1.el7
New Features
Netsec
- Farsight: Implemented the Farsight Risk Score. More details can be found here: Farsight Update Information
Appsec
Alphabetically sort tags in Assets column
Unified View
- Added Exposed assets tag
- Improved resilience of ETL service
Bug Fixes and Minor Improvements
Netsec
- Added external SSL/TLS scanning support for MS-SQL
- Added service fingerprinting for srvloc
- Added detection for the Microsoft AppX Installer
- Added detection of PostgreSQL MD5 Authentication Method
- Added detection of QNAP NAS devices
- Added detection of Fortinet FortiVPN Client
- Improved service fingerprinting for ms-sql-m
- Improved detection for certain WordPress plugins
- Improved service fingerprinting for http-proxy
- Improved detection of Oracle Database 11g
- Improved detection of Python
- Improved detection of Fortinet FortiOS
- Improved detection of Scan Interference
- Updated "Invalid Lifetime" certificate check to align with CAB Forum
- Tweaked the number of concurrent connection attempts to targets
- Resolved false positive related to http-proxy POST requests
- Resolved false positive related to Makefile disclosure
- Resolved false positive related to OWA
- Resolved minor bugs related to SNMP, SMTP, LDAP, and Kerberos service fingerprinting
- Resolved bug related to default credentials checking over Telnet and FTP
- Resolved bug where a disabled Internet Explorer would show up as installed in some cases
- Resolved bug where HTTP 404 detection could fail in some situations
- Resolved rare bug where unsafe scans over IPv6 could report certain findings incorrectly
- Resolved rare bug where service fingerprinting sometimes triggered due to the wrong reason
- Resolved rare bug where Google Chrome could have its version misdetected
Appsec
- Resolved bug where certain jQuery plugins would be detected as jQuery
- Resolved bug in SameSite cookie detection where the None value was set
- Resolved bug where certain cookie-related findings would get incorrectly deduplicated
- Updated X-XSS-Protection finding to align with current recommendations
Updated Translation in UI
End of Life Announcement
SWAT Classic UI
We are announcing the End of Life of the SWAT Classic UI. Due to feedback from customers we have extended the end of Support date for the SWAT Classic UI to 31st December 2022. We do not envision extending support further.
- Official End of Life date: 31st March 2022
- Official End of Support date: 31st December 2022
End of Life Announcement
Likelihood Score and Likelihood Delta
We are announcing the End of Life of the Likelihood Scoring. This will be replaced with the new Farsight score. More details can be found here: Farsight Update Information
- Official End of Life date: October 2022
- Official End of Support date: January 2023
Copyright
© 2024 Outpost24® All rights reserved. This document may only be redistributed unedited and unaltered. This document may be cited and referenced only if clearly crediting Outpost24® and this document as the source. Any other reproduction and redistribution in print or electronically is strictly prohibited without explicit permission.
Trademark
Outpost24® and OUTSCAN™ are trademarks of Outpost24® and its affiliated companies. All other brand names, product names or trademarks belong to their respective owners.