Changelogs

Acunetix 360 On-Demand

RSS Feed

14 Oct 2022

Acunetix 360 On-Demand Update - 14 October 2022

This update includes changes to the internal agents. The internal scan agent’s current version is 2.0.2.155. The internal authentication verifier agent’s current version is 2.0.2.155.

FIXES

  • Fixed the comma issue that appeared when the scan is launched with the Header Authentication.
  • Fixed the internal agent issue in which the scan is stuck after the scan is canceled.

 


13 Oct 2022

Acunetix 360 On-Demand Update - 13 October 2022

This update includes changes to the internal agents. The internal scan agent’s current version is 2.0.2.154. The internal authentication verifier agent’s current version is 2.0.2.154.

NEW FEATURES

  • Added auto-GraphQL attack after endpoint is detected.

NEW SECURITY CHECKS

  • Added MongoDB Time-based (Blind) Injection.
  • Added SQLite Boolean SQL Injection.
  • Added MongoDB Error-based Injection.

IMPROVEMENTS

  • Improved the Trend Matrix Report exporting to include the severity information as well.
  • Improved the HashiCorp integration to authenticate with user tokens, too.
  • Updated Vulnerability Detection Logic in the JWT engine.
  • Improved the GraphQL scanning to include the separated comment lines in GraphQL files.
  • Improved the Authentication Verifier Agent to work with self-signed SSL.
  • Improved the Azure Pipeline Extension to generate a scan report on the release pipeline.
  • Updated Liferay Portal signature & added a mapping for version conversion.

FIXES

  • Fixed a bug that corrupts the header authentication credentials after updating the scheduled scan.
  • Fixed the status information showing different data on the Discovered Webpages page.
  • Fixed the Docker Agent build fail because of the compiler package.
  • Fixed the Total Elapsed and Average Time values displaying 00:00:00 on the Scan Performance tab of the Technical Report.
  • Fixed the time values displaying 00:00:00 on the Crawling Performance node of the Technical Report.
  • Fixed the Authentication Verifier Agent’s time zone bug.
  • Fixed the bug that duplicates the login page when users try to revalidate the login form.
  • Fixed the bug on the user interface of ServiceNow Incident Management integration that caused issues with the On Hold status.
  • Fixed the bug on the user interface of ServiceNow Incident Management integration that caused issues with the Closed status.
  • Fixed the Single Sign-on – encryption certification issue.
  • Fixed the web security issue for the origin header problem.
  • Fixed the sitemap bug that caused missing information when imported.
  • Fixed the bug that threw an error, as HTTP Requester deletes the whole body part of the request which contains the login credentials.
  • Fixed highlighting CSP Directives in different header issues.
  • Fixed duplicate bearer tokens for some requests.
  • Fixed an issue that resulted in false positive Cross-site Scripting (DOM-based).
  • Fixed the bug that shows the previous version of VDB.
  • Fixed parseable false attack patterns place.

27 Sep 2022

Acunetix 360 On-Demand Update - 27 September 2022

This update includes changes to the internal agents. The internal scan agent’s current version is 2.0.2.153. The internal authentication verifier agent’s current version is 2.0.2.153.

IMPROVEMENTS

  • Added the .gql to the supported file types for the import link.
  • [Early Release] Deselected the Include Unreachable Discovered Website checkbox by default.
  • Improved the site map and vulnerability synchronization.

FIXES

  • Fixed the required attribute for the category on the ServiceNow Incident Management integration.
  • Fixed the website’s exporting to CSV issue when sorted by description.
  • Improved the scan status that running scans will be set as Failed if their Scanner Agent is Not Available or Terminated.
  • Fixed the deleted vulnerability issue while creating a scan report.
  • Fixed the Exclude Authentication Pages option on the scan scope when configuring an authentication profile.

15 Sep 2022

Acunetix 360 On-Demand Update - 15 September 2022

This update includes changes to the internal agents. The internal scan agent’s current version is 2.0.2.152. The internal authentication verifier agent’s current version is 2.0.2.152.

NEW FEATURES

  • [Early Release] Added the Amazon Web Service to the Discovery, so Acunetix 360 can discover your web assets on AWS.

IMPROVEMENTS

  • Added the report option to the Jenkins integration.
  • Updated the ServiceNow Incident Management integration to include full vulnerability information.
  • Updated embedded Chromium browser.
  • Added notification to warn users if they are creating a vulnerability profile that exists on the report policy.
  • Added content and return type to the scans/report and scans/downloadscanfile API endpoint.

FIXES

  • Fixed the Jenkins plug-in integration so that it can work after the Log4j update.
  • Fixed the maximum scan duration bug when set in the user interface and API endpoint.
  • Fixed the tooltip color on the scan status page.
  • Fixed the ServiceNow API endpoint issue.
  • Fixed the Exclude Authentication Pages option on the scan scope when configuring an authentication profile.
  • Fixed the Nuget package version issue.

31 Aug 2022

Acunetix 360 On-Demand Update - 31st August 2022

This update includes changes to the internal agents. The internal scan agent’s current version is 2.0.2.151. The internal authentication verifier agent’s current version is 2.0.2.151.

IMPROVEMENTS

  • [Early Access] Improved the scan profile feature, so any updates on a scan profile are to be reflected on the scheduled scans, incremental scans, and retests.
  • Improved the Activity Log page to list any changes on the general settings.
  • Improved the user agent to add custom user agents.
  • Improved the Basic, Digest, NTLM/Kerberos, Negotiate Authentication to inform users on test credentials page whether this authentication is required or not.
  • Improved the required information for the Kafka integration.
  • Improved the raw scan file expired information message.

FIXES

  • Fixed a bug that does not show the status change drop-down on the scan report page when zoomed in.
  • Updated the Unfuddle Integration where optional fields have “required” text.
  • Improved the IP Restriction Infrastructure.
  • Fixed failed scans where the Target URL is IPv6 and starting with ::1
  • Fixed the null reference problem issue while using the 3-legged flow type for OAuth2.
  • Fixed the Chrome version number on the custom script editor while using an internal authentication agent.
  • Fixed the GraphQL retest bug that showed a different request count.

18 Aug 2022

Acunetix 360 On-Demand Update - 18th August 2022

This update includes changes to the internal agents. The internal scan agent’s current version is 2.0.2.150. The internal authentication verifier agent’s current version is 2.0.2.150.

IMPROVEMENTS

  • [Early Access] Improved the Jira integration.
  • Improved the notification rule scope.
  • Added an option to block navigation on SPAs pages.
  • Removed the target URL health check that lets the scan continue despite getting error messages such as 403.
  • Added the information message when users want to delete the preferred agent configured to a scan.
  • Improved the scan profile to edit Basic, Digest, NTLM/Kerberos, and Negotiate Authentication while starting a new scan.
  • Updated the text on the GraphQL Instropection pop-up.
  • Updated the Basic Authentication message for the internal authentication verifier agent.

FIXES

  • Fixed a bug that caused the scan session failure when the scan is paused and resumed.
  • Fixed a bug that causes server error when expired integration is cloned.
  • Fixed an issue where the Due Days for FreshService integration is displayed as required despite being optional.
  • Fixed an issue that prevented the Authentication Verifier Server from communicating with the web application when the IP Restriction is enabled.
  • Fixed a bug that disabled the Send To button on the All Issues page when users select edit but navigate back to the page.
  • Fixed a bug where DefectDojo automatic issue import is not working.
  • Fixed timeout issues during website DNS checking.
  • Fixed an issue where a JavaScript Setting option blocks inputs for the single-page applications to be reported in the Web Pages with Inputs node.
  • Fixed the improper path parsing when a postman collection file is imported.
  • Fixed a bug that caused the browse section to continue appearing on the Links/API definition page after the import process is canceled.
  • Fixed the null return upon the “GET /scans/list-scheduled” API call.
  • Fixed the Node.js sensor file that was corrupted.
  • Fixed the Acunetix 360 favicon.

16 Aug 2022

Acunetix 360 On-Demand Update - 16th August 2022

The internal scan agent’s current version is 2.0.2.149. The internal authentication verifier agent’s current version is 2.0.2.149.

FIXES

  • Fixed a bug that showed an internal error when cloud agents cannot access internal webpages.

09 Aug 2022

Acunetix 360 On-Demand Update - 9th August 2022

This update includes changes to the internal agents. The internal scan agent’s current version is 2.0.2.148. The internal authentication verifier agent’s current version is 2.0.2.148.

IMPROVEMENTS

  • Improved the web app to store the agent file’s version to prevent unnecessary updates.
  • Improved the internal agent not to start without updating itself when there is an update.
  • Improved the internal agent not to display the “Update Agent” button when the agent has the latest version.

FIXES

  • Fixed the bug that prevents the internal agent from being auto-updated.

20 Jul 2022

Acunetix 360 On-Demand Update - 20th July 2022

FIXES

  • Fixed internal exception that affects the usage of SCIM API endpoints
  • Fixed a bug that causes the All Issues API endpoint not to work when Splunk is selected as an integration.

1 6 7 8 13