August 28, 2024 ASM Discovery Engine Release

Attack Surface Management Discovery Engine release v2024.08.28

This Attack Surface Management Discovery Engine release includes:

Vulnerability Checks

  • Added CVE-2024-36104 - Apache OFBiz - Remote Code Execution
  • Added CVE-2024-38856 - Apache OFBiz - Remote Code Execution
  • Added CVE-2024-41107 - Apache CloudStack - Authentication Bypass
  • Added CVE-2023-37679 - NextGen Healthcare Mirth Connect - Remote Code Execution
  • Added CVE-2023-43208 - NextGen Healthcare Mirth Connect - Remote Code Execution
  • Added CVE-2024-7928 - CVE-2024-7928 - FastAdmin < V1.3.4.20220530 - Path Traversal
  • Added CVE-2024-7593 - Ivanti Virtual Traffic Manager - Authentication Bypass
  • Added CVE-2024-28000 Version-Only Check - LiteSpeed Cache - Authentication Bypass

Technology Fingerprints

  • Added Ivanti Virtual Traffic Manager detection
  • Added Apache DolphinScheduler detection
  • Added FastAdmin detection
  • Fixed an issue where HTTP titles with 'Login' were bring incorrectly tagged as Salesforce
  • Updated 'Litespeed-Cache' Wordpress Plugin to be detected using active checks
© Copyright Mandiant. All rights reserved
  • First Published: August 29, 2024
  • Last updated: August 29, 2024
In This Article
Related Articles
  • None
Copyright © 2020 – 2021 Your Company, LLC. All rights reserved.