Acunetix 360 On-Premises 1.9.3 – 7th January 2021
NEW FEATURES
- Added the Stop the Scan if the Build fails option in GitLab CI/CD
- Added the Fail the Build if one of the selected scan severity is detected option in GitLab CI/CD
- Upgraded the scanning engine to version 5.9.1.27722.
NEW SECURITY CHECKS
- Added Oracle WebLogic Server Remote Code Execution (CVE-2020-14882)
- Added Oracle WebLogic Server Authentication Bypass (CVE-2020-14883)
IMPROVEMENTS
- Added the Scan Group selection combo box to Trend Matrix Report
- Added WASC Threat Classification Report
- Added the Export Unconfirmed option in the report generation screen
- Added the info box to Custom Scripts window for the Form Authentication
- Added URL Rewrite Rules while a file is being imported
- Added Uniqueness Controls on the new integration wizard
- Added validations of new integration wizard
- Added Swagger JSON link to API document’s index
- Added the Exclude Authentication Pages checkbox when the Form Authentication option is enabled
- Improved the performance of the Discovery Page
- Improved the performance of generating reports that contain a large number of vulnerabilities
- Improved the custom script’s performance
- Improved the website preview image resolution on the Verify Login & Logout screen
- Refactored the Report Policy Migrator
- Disabled auto-complete in the login page inputs.
- Changed the data protection policy link
- Changed the issue email template’s website URL
- Admin users can now set the maximum number of websites a member can add
- Excluded usage tracker list can now be added from the new scan page
FIXES
- Fixed a bug when scheduled scan with an imported file is edited by a different user
- Fixed a bug in the Custom Cookie process
- Fixed imported file bug on scan profile saving
- Added minimum agent selection control for Agent Group
- Fixed Agents Scanning tooltip
- Fixed the auto-scaling problem that occurred while using a cloud provider in Acunetix 360 On-Premises
- Fixed the First Seen Date parameter in the Kenna integration
- Fixed Burp XML file import problem. Users can import Burp XML file
- Fixed report validation export problem. Users will not get an empty file
- Fixed the error related to exporting for customers who have many websites.
- The websites belonging to the filtered website group can be exported.
- Users can now add a new URL Rewrite Rule without losing the existing ones
Acunetix 360 On-Premises 1.9.2 – 28th October 2020
IMPROVEMENTS
- Added a ‘Generate optimized CSS code path’ feature to the Authentication Verifier
- Improved the Minimum Security Level area on the Reporting page
- Added a detailed issue template option to the template field in the ServiceNow integration
- HIPAA will be displayed instead of OWASP in the scan summary
- Added the scan folder path change option for internal agents
FIXES
- Fixed the issue where the IP addresses of websites listed on the Discovered Website page were ignored
- Fixed the issue where SAML files failed to download on MAC devices
- Fixed the problem that occurred during verification of the form authentication API endpoint where it returned the same result after the first request
- Fixed the problem that occurred while configuring email notifications
- Fixed the problem that occurred while canceling stalled scans
- Fixed the connection problem that occurred while using a proxy in internal agents
- Fixed the autoscale problem in internal agents
Acunetix 360 On-Premises 1.9.1 – 1st October 2020
NEW FEATURES
- Added support for alternate email for SSO login
- Added Form authentication Hashicorp Vault integration
- Added technologies chart to the global dashboard and website dashboard pages
- Added test credential API endpoint for scan profiles
- Added Form Auth Custom Scripting feature to the New Scan page
- Redesigned the login page
- Redesigned the SSO help text area in the SSO settings page
- Added an API endpoint for the Updating Issue States
- Added Travis CI integration
- Jira integration now supports custom Resolved statuses
- Kenna integration now supports Asset Application Identifier
- Agents can now be installed using Linux and a Linux Agent button has been added to the Configure New Agent page
- Upgraded the scanning engine to version 5.9.027701.
NEW SECURITY CHECKS
- Added Out-of-date security checks for the Liferay portal
- Added Version Disclosure and Out-of-date security checks for Jolokia
- Added Nested XSS security checks
- Added an ASP.NET Razor SSTI security check
- Added a Java Pebble SSTI security check
- Added a Thymeleaf SSTI security check
- Added Version Disclosure and Out-of-date security checks for Grafana
IMPROVEMENTS
- Added an Issue Update API swagger model improvement
- New password criterion of a minimum of 15 characters has been imposed on admin and top-level users
- Improvements have been made to the Form Authentication Test Script screen
FIXES
- Fixed the problem of slow Vulnerable Websites per period report on the reporting
- Fixed the file uploading problem on Imported Links
- Fixed the Knowledge Base Report’s exporting problem
- Fixed the Yukon time zone problem.
- Fixed the Imported Links problem.
- Fixed the problem where the wrong time zone was displaying in Report Templates
- Moved the Scan Profile Test Credentials API post method fields to the body element
- Fixed a database file error in the Report Policy Editor
- Fixed the issue where report policy user changes were not applied when reset.
- Fixed the Vulnerability Detail page responsiveness problem
- Fixed the Sitemap Tree View responsiveness problem
- Fixed the highlighted code focus problem
- Added help text to the HashiCorp Vault integration page
- Fixed the bug that occurred when another team member updated the shared profile
- Fixed a bug that occurred when non-admin users updated profiles
- The Report policy Editor CVSS scores fields now accept empty values
- Fixed a server error that occurred while saving a cloned Scan Policy
- Fixed the problem that occurred when reconfirming the Verify Login and Logout settings