July 1, 2024 ASM Discovery Engine Release

Attack Surface Management Discovery Engine release v2024.07.01

This Attack Surface Management Discovery Engine release includes:

Support for Azure Entities via OCAI

Bug Fixes

Fixed bug that allowed tasks to continue run or be requeued after a scan is completed
Optimized redirect handling to block specific URLs
Fixed TLS Handshake failures with a few legacy servers

Vulnerability Checks

Fixed NameError: undefined local variable our_version for Prestashop CVE
Added CVE-2024-31848 - CData API Server - Authentication Bypass
Added CVE-2024-32399 - RaidenMAILD - Arbitrary File Read
Added CVE-2024-28995 - SolarWinds Serv-U - Arbitrary File Read
Added CVE-2024-31849 - CData Connect - Authentication Bypass
Added CVE-2024-31850 - CData Arc - Authentication Bypass
Added CVE-2024-31851 - CData Sync - Authentication Bypass

Technology Fingerprints

Corrected CPE product name
Updated fingerprinting timeouts and retries
Updated product name and version for Palo Alto Pan OS
Added CData Product technology fingerprints
Added polyfill.js and polyfill.io technology fingerprints
Added RaidenMAILD technology fingerprints
Added FreeBSD Operating System technology fingerprints
Added Oracle Linux Operating System technology fingerprints
Added Prometheus Monitoring Tool technology fingerprints

© Copyright Mandiant. All rights reserved

First Published: July 1, 2024
Last updated: July 2, 2024

In This Article

Was This Article Helpful?

How would you rate this article?

Copyright © 2020 – 2021 Your Company, LLC. All rights reserved.