Acunetix Standard & Premium

New features

• Added the ability to use Aria Roles to provide better coverage
• Introduced PCI DSS 4.0 report. Note that PCI DSS 3.2 will reach the end of its support or relevance by the end of March
• .NET IAST now supports .NET 8 (currently in Open Beta)

New security checks

• XXE in Ivanti Connect Secure, Policy Secure and Neurons (CVE-2024-22024)
• Magento 2.0-2.3 End of life
• ColdFusion Access Control bypass (CVE-2023-29298 / CVE-2023-38205)
• ColdFusion XSS (CVE-2023-44352)
• Skype for Business SSRF (CVE-2023-41763)
• VMware Aria Operations for Networks RCE (CVE-2023-20887)
• IBM Aspera Faspex RCE (CVE-2022-47986)
• GeoServer SSRF (CVE-2021-40822)
• WSO2 Management Console XSS (CVE-2022-29548)
• SSRF in Ivanti Connect Secure, Policy Secure and Neurons (CVE-2024-21893)
• LISTSERV XSS (CVE-2022-39195)
• Unrestricted access to MLflow
• KeyCloak Information Disclosure (CVE-2020-27838)
• CloudPanel file-manager Auth bypass (CVE-2023-35885)
• TestRail Information Disclosure (CVE-2021-40875)
• Grafana Snapshot Authentication Bypass (CVE-2021-39226)
• Harbor Unauthorized Access Vulnerability
• Ghost CMS Theme Path Traversal (CVE-2023-32235)
• cPanel XSS (CVE-2023-29489)
• GoAnywhere MFT Authentication Bypass (CVE-2024-0204)
• Ivanti Endpoint Manager Mobile (EPMM), formerly MobileIron Core API Auth bypass (CVE-2023-35082)
• Unauthenticated OGNL injection in Confluence Server and Data Center (CVE-2023-22527)
• Authentication Bypass in Ivanti Connect Secure and Policy Secure (CVE-2023-46805)
• RCE in Ivanti Connect Secure and Policy Secure (CVE-2024-21887)
• GeoServer WMS SSRF (CVE-2023-43795)
• Ivanti Sentry Authentication Bypass (CVE-2023-38035)
• SAP SAP BusinessObjects Business Intelligence Platform XXE (CVE-2022-28213)
• SysAid On-Premise RCE (CVE-2023-47246)
• Multiple ColdFusion WDDX Deserialization RCEs (CVE-2023-44353 / CVE-2023-38203 / CVE-2023-38204)

Improvements

• Updated Chromium to 121.0.6167.139/140
• Improved detection of DOM-based Cross Site Scripting (XSS)
• Improved the way that “Content Security Policy Misconfiguration” alerts are reported
• Improved detection of Client Side Prototype Pollution (CSPP)
• IAST scans will start reporting the IAST sensor version used for the scan
• New column “Result” is shown in the list of scans to provide more details about scan outcome
• Enhanced support for OTP apps by displaying the activation code next to the QR code
• Improved crawling of Single Page Applications (SPA) that are using Ionic Framework
• Added the ability to scan web applications which require browsing in a single browser tab
• Upgraded user experience of in-app notifications – Updated UX of notifications dropdown
• When accessing the application from a different location or browser, all other sessions are promptly terminated. Previously, users were notified, causing inconvenience when working from various locations

Fixes

• Fixed a bug caused by the engine not respecting Cache-Control directive
• In rare situations, a report being generated could have resulted in an Internal server error. This issue has now been fixed
• Fixed several minor user experience issues across the application
• Removed deprecated X-Frame Options check

New features

• The Java IAST sensor has been updated to support Java 17 and removes the requirement for AspectJWeaver
• Changes to the mechanism that manages services for Acunetix On-Premises for Docker and Linux (Customers using Acunetix On-Premises for Docker or Linux need to manually update to version 24.1)

New security checks

• Improved Elmah security check to check for variants of Elmah
• OpenCms Chemistry Solr XML External Entity (XXE) (CVE-2023-42346)
• OwnCloud phpinfo Information Disclosure (CVE-2023-49103)
• TorchServe Management API SSRF (CVE-2023-43654)
• Updated vulnerabilities for WordPress Core and WordPress plugins
• Ofbiz PreAuth RCE (CVE-2023-49070)
• F5 BIG-IP Request Smuggling (CVE-2023-46747)
• Sitecore XP TemplateParser RCE (CVE-2023-35813)
• Added a check for SSRF/LFI via PDF generation
• Added a check for file inclusion/path traversal when the response is shown inside a PDF

Improvements

• Updated .NET (core) IAST sensor to hook new functions
• The scanner will now properly report when the protocol (http/https) is changed at the start of the scan
• Increased the size limit to 10kB for supported Client Certificates for authenticated scans
• Updated to Chromium 119.0.6045.199/200
• Users can opt-in to receive a direct download link instead of a PDF report attachment (On-Prem only)
• Improved crawling of Single Page Applications (SPA) that are using React
• Improved crawling of Single Page Applications (SPA) that are using the Angular Framework
• Improved crawling of Single Page Applications (SPA) that are using the Vue.js Framework
• New User Profile design
• A refreshed UI with a new navigational experience

Fixes

• Fixed an issue that was causing some vulnerabilities not to be exported to Amazon AWS WAF
• Fixed a Deepscan and LSR issue caused when a page overrides the standard window.* methods
• Notifications about scans that require manual intervention are now correctly displayed wherever the user is located (On-Prem only)
• Fixed a number of scanner crashes

Improvements

• Improvements to our Elmah security check
• Improvements for Server Side Template Injection vulnerabilities (SSTI)
• Additional logs for SSO

Fixes

• Fixed a crash on Postman import
• Client Certificate for target import fix

New security checks

• New Security Check: CVE-2023-20198
• New Security Check: CVE-2023-22515

Improvements

• Multiple improvements to the SSL Engine
• Improvements to the detection of CVE-2023-27524
• Improvements to the detection of SQL Injection vulnerabilities when using WAFs

New security checks

• Added new check for: CVE-2023-32315
• Added new check for: CVE-2023-41892
• Added new check for: CVE-2023-40044
• Improved detection of exposed installers: Openfire and Chamilo

Improvements

• PHPSensor: Yii Framework logging improvements
• .NET Sensor: Improvement to file list
• Multiple improvements to SSL Checks