• 6.6.19 Product Update 2020-05-06
      New

      • New automated vulnerability content: We now support recurring vulnerability coverage for Amazon Linux 2.

      Improvements

      • Defense Information Systems Agency (DISA) Policy content: We updated the following existing DISA benchmarks:
        • Red Hat Enterprise Linux 7 STIG Benchmark - Ver 2, Rel 7
        • Red Hat Enterprise Linux 6 STIG Benchmark - Ver 1, Rel 27
        • Mozilla Firefox for RHEL STIG Benchmark - Ver 1, Rel 6
        • Windows Defender Antivirus STIG Benchmark - Ver 1, Rel 6
        • Microsoft .NET Framework 4 STIG Benchmark - Ver 1, Rel 7
      • Updated obsolete version content: We updated our f5-big-ip-obsolete-version check to include more unsupported versions.
      • Improved credential source labeling: The "Administrative Credential" and "Service Credential" labels in scan logs and Source columns of node fingerprint tables have been renamed to "Configured Credential" and "Discovered Credential", respectively. These new labels help you determine whether the source credential that produced the fingerprint was configured by a user on the Security Console or discovered automatically during a scan.
      • Improved Apache Tomcat fingerprinting: Our new fingerprinting technique can now identify Apache Tomcat on Windows assets using uninstaller registry keys.
      • Improved Linux vulnerability assessment capability: The product will no longer report Linux kernel vulnerabilities that have been live-patched by KernelCare.

      Fixes

      • We fixed an issue where the CSV export function in the Query Builder would produce an export of data contained in an unselected tab instead of the selected one.
      • We fixed an issue that caused users to be logged out when attempting to access the dashboard.
      • We fixed an issue that prevented remediation project assignees from opening their project directly from the notification email they receive.
      • We fixed an issue with the Vulnerability Severity Over Time dashboard card that prevented it from reflecting custom start and end dates.
      • We fixed an issue with our msft-cve-2020-0688-unsupported-version vulnerability check to resolve potential false positives.
      • We fixed several end-of-life checks for various Linux distributions that were missing the Obsolete Software category.