Acunetix 360 On-Demand - v24.11.0

This update includes changes to the internal agents. The internal scan agent’s current version is 24.11.0. The internal authentication verifier agent’s current version is 24.11.0.

New Features

  • API Discovery now supports working with RAML specs from Mulesoft Anypoint Exchange

New Security Checks

  • Added a check for applications performing certificate name validation to prevent reading invalid memory addresses (CVE-2024-6119)

Improvements

  • Updated the AuthVerificationService from .NET 6.0 to .NET 8.0

Fixes

  • Fixed an issue with missing links in imported files that were sent from the API Inventory to the agent
  • Fixed an issue where target names longer than 40 characters were not being truncated as expected on the Create New Target page
  • Fixed an issue where the "Download HTTP Request Logs" button triggered an error while a scan was in progress
  • Fixed an issue where user names containing the character "ä" could not be added
  • Fixed an issue with the scan data retention period for raw scan files that was not working as expected
  • Fixed missing scan completed notifications with report attachments
  • Fixed an issue where adding more than one name to a Notification's Excluded Recipients would remove the other users from all other notifications
  • Fixed an issue where the verifier agent could not read or apply custom proxy settings from the appsettings.json file
  • Fixed an issue where uploading a .proto file caused a "No links found in the file" error
  • Fixed missing request/response details for some out-of-band vulnerabilities