July 10, 2024 ASM Discovery Engine Release

Attack Surface Management Discovery Engine release v2024.07.10

This Attack Surface Management Discovery Engine release includes:

Added Dynamic Wordpress Plugin Fingerprinting Capability
Disabled uri_check_api_endpoint in all Workflows

Bug Fixes

Fixed Potential False Positive - Microsoft Exchange Hafnium Compromised Webshell
Fixed bug where some Inferred CVEs were not linking to Mandiant Advantage Threat Intelligence (MATI)
Fixed "undefined method nil" bug with the Azure integration that was preventing Entities from being fetched
Fixed "missing keyword: gcp_org_id" bug with the Google Cloud integration that was preventing Entities from being fetched

Vulnerability Checks

Added CVE-2024-6387 - Remote Unauthenticated Code Execution Vulnerability in OpenSSH Version Check
Added CVE-2024-34102 - Adobe Commerce - XML External Entity Injection

Technology Fingerprints

Added Oracle Solaris technology fingerprints

© Copyright Mandiant. All rights reserved

First Published: July 10, 2024
Last updated: July 11, 2024

In This Article

Was This Article Helpful?

How would you rate this article?

Copyright © 2020 – 2021 Your Company, LLC. All rights reserved.