Product Update 4.8.4.3 - November 3, 2022

The Mandiant Security Validation (MSV) team is pleased to announce version 4.8.4.3 of the platform.  

Bug Fix

• Resolves the appearance of a watermark stating “License Expired” on the network map visualization page and other locations  

Appliance OS Security Update

The Mandiant Advantage Security Validation Product team would like to announce the availability of a security update for the platform. This security update applies to Directors, Actors, and Protected Theaters that are virtual appliances. The criticality of the vulnerabilities resolved are listed below.

Mandiant uses Red Hat’s security ratings to determine the criticality of vulnerabilities identified and resolved. This rating system is a combination of a four-point scale and the Common Vulnerability Scoring System (CVSS) base scores. The criticality of the vulnerabilities resolved are listed below.

Details for the vulnerabilities against the Director are as follows:

• CentOS 7 : expat (CESA-2022:6834)
• CentOS 7 : bind (CESA-2022:6765)
• CentOS 7 : open-vm-tools (CESA-2022:6381)

Details for the vulnerabilities against the Actor are as follows:

• CentOS 7 : expat (CESA-2022:6834)
• CentOS 7 : bind (CESA-2022:6765)
• CentOS 7 : open-vm-tools (CESA-2022:6381)

Details for the vulnerabilities against the Protected Theater are as follows:

• CentOS 7 : expat (CESA-2022:6834)
• CentOS 7 : bind (CESA-2022:6765)
• CentOS 7 : open-vm-tools (CESA-2022:6381)
• CentOS 7 : java-1.8.0-openjdk (CESA-2022:7002)

You have two options for installing this security update:

• Via the Verodin GUI, using a Patch file (verodin_sec_update_4.8.4.3.patch). 
• Via the command line, using a tar.gz file (verodin_repo_4.8.4.3.tar.gz). This method allows you to apply the security patch to any version of the platform.

To download documentation and software (appliance images, installers, and update packages) visit the Validation Section of the Docs Portal.