![]() CVE-2018-6324 - Unvalidated Redirect via the ReturnUrl parameter.Issue has a limited scope (only user's own workspace). CVE-2018-6189 - XSS via vectors involving the Tags parameter in the JSON request.Two security vulnerabilities have been closed by this release: Added a new type of notification for when communication with the scan node is restored.Added a new type of notification for when there is no communication with the scan node.Vulnerability link points to a vulnerability definition available via API. SystemScan plugins RSS feed is published in a valid form.Aggregated status on the scan node list row showing the most important warning.Showing information in case running out of the disk space on the scan node machine.Information about a disabled, due to abuse, scan node license on the scan node list.Information about an expired scan node license on the scan node list.Updating changes of the vulnerability scans and discovery scan list details without reloading the view.Ability to mark one or many notifications as unread.Ability to mark all notifications as read in the bell widget.Version 3.9.1, released February 08, 2018 You can upload one or more discovery scan template configurations.You can upload one or more system and web scan configurations.You can download one or more discovery scan template configurations.You can download one or more system and web scan configurations.License agreement appears all the time for new organizations.Added a new type of notification to indicate when the limit of allowed monthly IP usage is reached.Added a new type of notification for low disk space on the scan node.It is possible to see the full list (grouped by category or flat) of user notifications, show notification details, and mark notifications as read or unread.It is possible to configure the level and category of notifications.Notification bell component added next to the right corner of the screen to indicate that there are unread notifications.Unnecessary encoding on the sorting by status dropdown (Japanese locale).Publication time frame: January - July 2018 There is also an option to attach or remove screenshots in Web Scan vulnerabilities. Added functionality that allows adding, editing, and deleting System Scan and Web Scan vulnerabilities to report by using API methods.Version 3.7.0, released December 11, 2017 Fixed an issue in the scan target name validation.Version 3.6.2, released November 30, 2017 Version 3.6.1, released November 22, 2017 The scan target URL for web scans were not being validated properly when a query string was passed.Feedback and support links are separated in the menu.Vulnerability status customization is now available on the user interface.Version 3.6.0, released November 20, 2017 Vulnerabilities from web scans were not visible when a summary report was generated.Version 3.5.1, released November 15, 2017 Migration from .NET Core version 1.1 to 2.0 in the backend.If you manage several Radar accounts, you can now access several of them through the “company selector” feature to manage several work spaces with one login.Radar API authentication implemented with Access Keys for third-party integration.The widget shows the number of hosts, average severity, and number of vulnerabilities found. New widget (Gauge) available for the Dashboard.Splitting API to integration (longer supported backward compatibility) and latest channels (for the latest changes).Version 3.1.0, released September 25, 2017 The vulnerabilities page now also lists web application (Web Scan) vulnerabilities.New RESTful Radar application programming interface (API) for easy integration with 3rd party software.Solution migrated to the latest Microsoft technologies on the backend.Both list view and group view are now supported on multiple pages.Batch actions are supported everywhere in the interface, making it easier to update scheduling templates on multiple scans, for example.Filters can be saved and reused, also on the Dashboard. Filtering and sorting has been greatly improved to support the needs from advanced Radar users.New, responsive and adaptive HTML5-based user interface that follows F-Secure’s user experience guidelines.User interface localization (English, Japanese, French, German).Improved adding system scans and discovery scans in bulk (also from CSV file).Shorter release cycle for Radar Security Center (at least every 2 weeks).Version 3.0.0, released September 11, 2017 Publication time frame: September - December 2017 Elements Endpoint Detection and Response.
0 Comments
Leave a Reply. |