October 11, 2023 ASM Discovery Engine Release

Attack Surface Management Discovery Engine release v1.31.0

This Attack Surface Management Discovery Engine release includes:

Improved remediation for IIS Shortnames Misconfiguration
Added nodejs remediation for Insecure Cookie (Missing 'HttpOnly' Attribute) Issue

Vulnerability Checks

Added CVE-2023-40044 vulnerability check (Progress WS_FTP Server remote code execution)
Added CVE-2023-33246 vulnerability check (Apache RocketMQ remote code ececution)
Added CVE-2023-22515 vulnerability check (Atlassian Confluence broken access control)

Technology Fingerprints

Improved Progress technology fingerprints
Improved Atlassian Confluence technology fingerprints

© Copyright Mandiant. All rights reserved

First Published: October 11, 2023
Last updated: October 19, 2023

In This Article

Was This Article Helpful?

How would you rate this article?

Copyright © 2020 – 2021 Your Company, LLC. All rights reserved.