Attack Surface Management Discovery Engine release v1.38.0
This Attack Surface Management Discovery Engine release includes:
- Enhanced typosquat detection to add support for TLDs in domain permutations
Bug Fixes
- Updated Citrix NetScaler checks including misspellings in the content length headers
- Fixed duplicate Issues due to generic checks
- Updated to only run SSL checks if an Entity is not hidden
Vulnerability Checks
- Added CVE-2023-36844/36845/36846 Active Vulnerability Check - (Juniper J-Web - Remote Code Execution)
- Added CVE-2023-35813 Active Vulnerability Check - (Sitecore - Remote Code Execution)
- Added CVE-2023-29357 Active Vulnerability Check - (Microsoft SharePoint Server - Authentication Bypass)
- Added CVE-2023-47246 Active Vulnerability Check - (SysAid On-Premise - Remote Code Execution)
- Added Vulnerability Check for Hashicorp Consul KV Exposed Secrets
Technology Fingerprints
- Added new Storage Bucket technology fingerprints
- Added SysAid Help Desk Software Detection technology fingerprint