Embed Size (px)
Citation preview
Release Notes
McAfee Vulnerability Manager 7.5.7
Contents About this release New features Resolved issues Installation instructions Known issues Find product documentation
About this releaseThis document contains important information about the current release. We strongly recommend thatyou read the entire document.
See the McAfee Support website for the most latest documentation about this release.
New featuresThis release of the product includes these new features.
MVMLive extension
The MVMLive extension for McAfee ePO provides default dashboards and reports. It also allows use ofMcAfee ePO Query Builder to generate custom reports against MVM Live dataset.
Import CyberArk user credentials from CSV
Provides a tweak to enable bulk import for CyberArk user credentials using a CSV file.
See McAfee online Knowledge Center for an article providing more details about this feature.
New platform support
Supports these new platforms:
• Windows Server 2012
• Windows Server 2012 R2
• SQL Server 2012
1
Resolved issuesThese issues are resolved in this and previous releases of the product.
MVM 7.5.7 issues
• Provides a tweak to disable edit permissions for Workgroup admin accounts to modify or deletescripts on the FASL editor. (896779)
• Scans do not fail when a web asset is added using the Browse option on the scan configuration page.(945267)
• Correct scan engine is displayed for scans that are scheduled to run in future. (946284)
• Tickets for vulnerabilities with Indeterminate results do not close automatically. (947361)
• Consistent asset data is imported even when using multiple LDAP data sources simultaneously.(950722)
• Custom reports include Vulnerability reports even when a single date report is generated with aspecific date instead of the Use Most Recent Data option. (950764)
• User activities of deleted users are not logged in Ticket Activity. (952020)
• Email notifications for scan end display correct end time instead of incorrectly reporting the scanstart time. (952020)
• A warning message to enter password no longer appears when the scan is configured to use Shellcredentials with certificates and not a password. (952649)
• Tickets for a scan do not close automatically even when they are verified and the original scan didnot have ticketing enabled. (954105)
• Results of running McAfee ePO queries on asset tags do not include assets from Custom ReportTemplates even when they share a common name. (955815)
• Users can now be created with the password containing all supported special characters. (956093)
• A domain user can now log on using radius authentication and by entering @ symbol in the username field. (963035)
• Custom reports generated in PDF format display correct report generation time. (963048)
• Provides a tweak to enable bulk import for CyberArk user credentials using a CSV file. (964042)
• Results of running MVM System Vulnerabilities query also include CVE data. (972800)
• Custom reports include data about IP addresses of the assets even when a single date report isgenerated with a specific date instead of the Use Most Recent Data option. (954792)
• Scans do not fail with the error Missing FASL script after publishing custom scripts. (977967)
• Tickets do not close automatically for Windows authentication based scans even when theauthentication ports are blocked. (975621)
• Vulnerability Count by Severity and Vulnerability Count Trend monitors on the dashboarddisplay consistent data. (974548)
• Correct status message is displayed when there is a delay in applying dynamic tags to a largenumber of assets. (957157)
• Scans report the correct operating systems of non-Window assets instead of reporting theiroperating system as Windows. (980501)
2
MVM 7.5.6 issues
• Fixed the Vulnerability Check Configuration Report to display "FID" instead of "ID".
• Fixed the minutes to seconds conversion that determines the duration of the Transform.exeoperation.
• Enhanced the report server to support the more compact form of the vulndatabase.xml contentupdate file.
• Fixed empty CVE entry in the CyberScope report.
• Fixed Discovery module to select the source IP address most appropriate for the determined bestroute to the target.
• Fixed hang condition in the Web Scanner engine by detecting and disallowing unsupportedself-referring objects.
• Fixed premature web scanner process termination.
• Fixed the statistics shown in the Asset Identification Rules display.
• Fixed issues with creating unnamed WebApp, CredentialSet, and VulnSet with the scanconfiguration's organization instead of the logged in user's organization. Also unnamed WebApp areremoved, when deleting a scan configuration.
• Fixed the scan post processing to select stale address entries as deletable and updated the search/query operations to ignore these address entries.
• Fixed reporting of duplicate services.
• Fixed the OVAL compare function between a multi-string state entity object and a multi-stringvariable reference.
• Fixed deadlock detection in FSAssessment when all queued batches have completed assessmentbut memory usage beyond the maximum threshold prevents the processing of additional batches.
• Fixed WHAM module to reduce the frequency of the close-connection log messages.
improved its performance when running on networks with significant network latency.
MVM 7.5.5 issues
• Fixed Solaris OVAL Checks to capture results for processes that have started(oval-solaris.fasl3.Inc).
• Fixed Cyberscope formatting by removing extra white space in: "cpe:/a:McAfee:vulnerability_manager:7.5.4"
• Fixed the engine selection/de-selection to give GlobalAdmin and OrgAdmin users the capability toadd engines to a workgroup regardless of whether the engine is in use in the parent organization.
• Fixed warning message on deleting workgroups to include Web App Configs and Credential Sets ascomponents that can prevent a user from being able to delete a workgroup.
• Fixed launching of shell scripts to randomize sequence and fixed timeout after submitting batchesto FSAssessment for processing.
• Fixed the SQL datetime conversion error by changing the date format to be language-agnostic forthe McAfee ePO data synch operation.
• Fixed asset tagging based on vulnerability name.
3
• Improved the performance of the Dashboard display when the "Save Vulnerability Data" retainsetting is configured with "All".
• Fixed scan engine to support enabling the Remote Registry service on WIN2K3 and WINXP targets.
MVM 7.5.4 issues• Fixed the result processor to compute the FASL output hash regardless of the "System
cryptography" local security policy setting.
• Fixed the web module access violation while parsing the web application URL.
• Fixed organization deletion so that credential sets are not deleted unless they are defined in theorganization.
MVM 7.5.3 issues• Fixed the asset IP address save operation to eliminate duplicates.
• Fixed MVM Data Import using ePO data source filter.
• Improved the performance of the save scan.
• Fixed the asset advanced search to allow at least 10 IP addresses in the search criteria.
• Fixed the delete user operation to preserve the ticket status when possible.
• Fixed close ticket operation when invoked from SNMP.
• Fixed violation of PRIMARY KEY constraint 'TagAssetsPK' error on scan startup.
• Fixed the Foundstone Notification Service crash when using SNMP.
• Extended the timeout for workgroup delete operations.
• Fixed the script return code to indicate non-vulnerable when the target OS does not match thescript 's filter.
• Fixed the crash in FSAssessment.exe when logging long diagnostic messages.
• Fixed ticket verification when the target is unreachable.
• Fixed first found and last found dates in the CSV reports.
• Fixed Report Server transform process error due to premature timeout.
• Fixed CSV-only emailed reports to exclude extraneous folder.
• Fixed report server crash while generating custom HTML report.
• Fixed scan description text.
• Fixed primary/secondary phone number text validation.
• Fixed the report generation schedule editor to preserve the recurring report generation schedule.
• Fixed SQL Server error when creating a Dynamic tag based on multiple IP addresses.
• Fixed Web Module authentication when using NTLM.
MVM 7.5.2 issues• Fixed asset reconciliation to ignore previous (stale) IP address entries.
• Fixed MyFoundscore display in Enterprise Manager for workgroup administrators.
• Fixed possible XSS injection.
4
• Fixed Vulnerability Set filter for the "Patch Availability" condition.
• Fixed the error handler for the TCP banner grabbing in the Discovery module.
• Improved the performance of the WebModule XML result file generator and added logging of MVMbuild number in the "fsa" log file.
• Fixed the error "violation of primary key constraint" reported by stored procedure"ReconUpdateAssetProperties_Service_Vuln".
• Fixed OS identification to show 'R2' as it applies to Windows Server 2003.
• Updated the "Preferences" dialog box in the Foundstone Configuration Manager application toaccept 548 as the maximum of days (approximately 1.5 years or 18 months).
• Fixed scan controller loop when the scan is finishing and the user who started the scan has beenmoved or deleted.
• Fixed detection of available network stacks before each scan and log diagnostic message if therequired stack is not available.
• Fixed scanning of Windows8 and Windows2012 targets.
• Fixed TNS service protocol detection.
• Fixed OS filter in the Wireless module.
• Fixed retrieval of version number from remote files.
MVM 7.5.1 issues
• Fixed infinite loop in Discovery module during TCP/UDP fingerprinting.
• Fixed form authentication using a credential that includes the character "ñ".
• Fixed FSAssessment crash in the FASLModule.
• Fixed date format specification for the FSUpdate table SQL query.
• Fixed XCCDF Benchmark reports for STIG templates.
• Fixed date conversion error while updating the job state on a British-English SQL Server.
• Fixed the MVM Data Import task invoked by the MVM extension.
• Fixed the Vuln Set rule editor to hide the preview button until the editor has completed processing.
• Fixed the workgroup-delete operation to display an error when the delete fails.
• Fixed the role editor to allow the viewing of the complete organization tree.
• Fixed the FASL engine script launcher to avoid running too many scripts simultaneously against asingle target.
• Fixed Dashboard Risk Trend Graph not Loading.
• Fixed premature timeout determination made by the API and script monitoring object andimproved its performance when running on networks with significant network latency.
5
Installation instructionsFor information about installing or upgrading McAfee Vulnerability Manager, see McAfee VulnerabilityManager 7.5 Product Guide .
Known issuesFor a list of known issues in this product release, see this McAfee KnowledgeBase article: KB82536.
Find product documentationAfter a product is released, information about the product is entered into the McAfee online KnowledgeCenter.
Task1 Go to the McAfee ServicePortal at http://support.mcafee.com and click Knowledge Center.
2 Enter a product name, select a version, then click Search to display a list of documents.
Copyright © 2014 McAfee, Inc. Do not copy without permission.
McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States andother countries. Other names and brands may be claimed as the property of others.
