Attack Surface Management Discovery Engine release v1.43.0
This Attack Surface Management Discovery Engine release includes:
- DNS TLD enumeration now covers the complete list of IANA TLDs.
- Added or improved the remediation for exposed database issues.
Bug Fixes
- Individual IP addresses in a out-of-scope netblock are now enumerated and scoped out.
- Fixed a bug where a check didn't run because the Issue name and the task name were not the same.
Technology Fingerprints
- Added Ivanti Connect Secure technology fingerprints
Vulnerability Checks
- Added CVE-2023-22527 Vulnerability Check - (Atlassian Confluence Remote Code Execution)
- Added CVE-2023-46805 Vulnerability Check - (Ivanti Authentication Bypass)
- Added CVE-2024-21887 Vulnerability Check - (Ivanti Connect Secure - Remote Code Execution)