6
Release Notes McAfee Vulnerability Manager 7.5.6 Contents About this release New features Resolved issues Known issues Find product documentation About this release This document contains important information about the current release. We strongly recommend that you read the entire document. New features This release of the product includes these new features. Creating tickets based on the CVSS score McAfee Vulnerability Manager now allows you to set a CVSS score for generating tickets. In the Global Options for Tickets, you can set a CVSS score and tickets are generated when the CVSS score for a vulnerability is equal to or higher than the set score. 1 Select Manage | Ticketing, then click the Global Options tab. 2 Select Create tickets for all vulnerabilities with a CVSS higher than or equal to, then type a CVSS score. 3 Click Save Changes. Assigning tickets based on a CVSS range McAfee Vulnerability Manager now allows you to set a CVSS range for assigning tickets. In the Ticketing Rules, you can set a rule with a CVSS score range, and tickets are assigned based on that range. 1 Select Manage | Ticketing, then click the Rules tab. 2 Click Create New Rule. 1

McAfee Vulnerability Manager 7.5 Select Manage | Ticketing, then click the Global Options tab. 2 Select Create tickets for all vulnerabilities with a CVSS higher than or equal to,

  • Upload
    buihanh

  • View
    216

  • Download
    0

Embed Size (px)

Citation preview

Page 1: McAfee Vulnerability Manager 7.5 Select Manage | Ticketing, then click the Global Options tab. 2 Select Create tickets for all vulnerabilities with a CVSS higher than or equal to,

Release Notes

McAfee Vulnerability Manager 7.5.6

Contents About this release New features Resolved issues Known issues Find product documentation

About this releaseThis document contains important information about the current release. We strongly recommend thatyou read the entire document.

New featuresThis release of the product includes these new features.

Creating tickets based on the CVSS score

McAfee Vulnerability Manager now allows you to set a CVSS score for generating tickets.

In the Global Options for Tickets, you can set a CVSS score and tickets are generated when the CVSSscore for a vulnerability is equal to or higher than the set score.

1 Select Manage | Ticketing, then click the Global Options tab.

2 Select Create tickets for all vulnerabilities with a CVSS higher than or equal to, then type a CVSS score.

3 Click Save Changes.

Assigning tickets based on a CVSS range

McAfee Vulnerability Manager now allows you to set a CVSS range for assigning tickets.

In the Ticketing Rules, you can set a rule with a CVSS score range, and tickets are assigned based onthat range.

1 Select Manage | Ticketing, then click the Rules tab.

2 Click Create New Rule.

1

Page 2: McAfee Vulnerability Manager 7.5 Select Manage | Ticketing, then click the Global Options tab. 2 Select Create tickets for all vulnerabilities with a CVSS higher than or equal to,

3 Type a name for the rule and an optional description. You can also set the other rule options, likewho the tickets are assigned to.

4 Click Add Criteria.

5 Select CVSS Range from the drop-down menu.

6 Type the CVSS range for assigning tickets. The default operator is Equals, and tickets are assignedwhen the CVSS score is within the CVSS range. Selecting Not Equals will assign tickets when theCVSS score is outside the CVSS range.

7 Click Save.

Reset the Global Administrator passwordThe Global Administrator password can be reset using the FCM Console.1 Log on to the server running the FCM Console.

2 Select Start | All Programs | Foundstone | FCM Console.

3 Select Tools | Reset Global Admin Password.

4 Type the Faultline DB password.

5 Type and confirm the new Global Admin Password, then click OK.

Named vulnerability setsPreviously, McAfee Vulnerability Manager scan templates used a pre-selected set of vulnerabilities.With MVM 7.5.6, all scan templates have a vulnerability set with a matching name (like _McAfee_AssetDiscover Scan). These vulnerability sets are selectable. When you use a scan template, you could usethe default vulnerability set, use a different McAfee vulnerability set, or use your own vulnerability set.McAfee vulnerability sets are read-only and cannot be altered.

Scans created before updating to MVM 7.5.6 are not affected by the update, the vulnerabilitiesselected are not changed to a named vulnerability set. You can edit your existing scans and select anamed vulnerability set.

1 Create or edit a scan configuration.

2 Select Vuln Selection on the Settings tab.

3 Select a vulnerability set from the Vuln Set list.

4 Select all the other options you want for the scan configuration, then save it.

Resolved issuesThese issues are resolved in this release of the product. For a list of issues fixed in earlier releases,see the Release Notes for the specific release.

McAfee Vulnerability Manager 7.5.6• Fixed the Vulnerability Check Configuration Report to display "FID" instead of "ID". (900327)

• Fixed the minutes to seconds conversion that determines the duration of the Transform.exeoperation. (917018)

• Enhanced the report server to support the more compact form of the vulndatabase.xml contentupdate file. (921295)

2

Page 3: McAfee Vulnerability Manager 7.5 Select Manage | Ticketing, then click the Global Options tab. 2 Select Create tickets for all vulnerabilities with a CVSS higher than or equal to,

• Fixed empty CVE entry in the CyberScope report. (922005)

• Fixed Discovery module to select the source IP address most appropriate for the determined bestroute to the target. (893415)

• Fixed hang condition in the Web Scanner engine by detecting and disallowing unsupportedself-referring objects. (910681)

• Fixed premature web scanner process termination. (929928)

• Fixed the statistics shown in the Asset Identification Rules display. (910113)

• Fixed the create of unnamed WebApp, CredentialSet, and VulnSet to have the scan configuration'sorganization instead of the logged in user's organization. Also added the delete of the unnamedWebApp when deleting a scan configuration. (913679)

• Fixed the scan post processing to mark stale address entries as deletable and updated the search/query operations to ignore these address entries. (916458)

• Fixed reporting of duplicate services. (917056)

• Fixed the OVAL compare function between a multi-string state entity object and a multi-stringvariable reference.

• Fixed deadlock detection in FSAssessment when all queued batches have completed assessmentbut memory usage beyond the max threshold prevents the processing of additional batches.(923171)

• Fixed WHAM module to reduce the frequency of the close-connection log messages. (936113)

McAfee Vulnerability Manager 7.5.5

• Fixed Solaris OVAL Checks to capture results for processes that have just started(oval-solaris.fasl3.inc). (874632)

• Fixed CyberScope formatting by removing extra white space in: "cpe:/a:mcafee:vulnerability_manager:7.5.4". (908779)

• Fixed the engine selection/de-selection to give GlobalAdmin and OrgAdmin users the capability toadd engines to a workgroup regardless of whether or not the engine is in use in the parentorganization. (907023)

• Fixed workgroup delete warning message to include Web App Configs and Credential Sets ascomponents that can prevent a user from being able to delete a workgroup. (908778)

• Fixed launching of shell scripts to randomize sequence and fixed timeout after submitting batchesto FSAssessment for processing. (882613)

• Fixed the SQL datetime conversion error by changing the date format to be language-agnostic forthe ePO data synch operation. (900398)

• Fixed asset tagging based on vulnerability name. (882280)

• Improved the performance of the Dashboard display when the "Save Vulnerability Data" retainsetting is configured with "All". (882280)

• Fixed scan engine to support enabling the Remote Registry service on WIN2K3 and WINXP targets .(901136)

3

Page 4: McAfee Vulnerability Manager 7.5 Select Manage | Ticketing, then click the Global Options tab. 2 Select Create tickets for all vulnerabilities with a CVSS higher than or equal to,

McAfee Vulnerability Manager 7.5.4• Fixed the result processor to compute the FASL output hash regardless of the "System

cryptography" local security policy setting. (882505)

• Fixed the web module access violation while parsing the web application URL. (884705)

• Fixed organization deletion so that credential sets are not deleted unless they are defined in theorganization. (887360)

McAfee Vulnerability Manager 7.5.3• Fixed the asset IP address save operation to eliminate duplicates. (836814)

• Fixed MVM Data Import using ePO data source filter. (838280)

• Improved the performance of the save scan operation. (838666)

• Fixed the asset advanced search to allow at least 10 IP addresses in the search criteria. (842876)

• Fixed the delete user operation to preserve the ticket status when possible. (872620)

• Fixed close ticket operation when invoked from SNMP. (874960)

• Fixed violation of PRIMARY KEY constraint 'TagAssetsPK' error on scan startup. (877607)

• Fixed the Foundstone Notification Service crash when using SNMP. (874916)

• Extended the timeout for workgroup delete operations. (874963)

• Fixed the script return code to indicate non-vulnerable when the target OS does not match thescript's filter. (832361)

• Fixed the crash in FSAssessment.exe when logging long diagnostic messages. (841964)

• Fixed ticket verification when the target is unreachable. (871924)

• Fixed first found and last found dates in the CSV reports. (842913)

• Fixed Report Server transform process error due to premature timeout. (846404)

• Fixed CSV-only emailed reports to exclude extraneous folder. (873059)

• Fixed report server crash while generating custom HTML report. (873480)

• Fixed scan description text. (756768)

• Fixed primary/secondary phone number text validation. (834949)

• Fixed the report generation schedule editor to preserve the recurring report generation schedule.(871167)

• Fixed SQL server error when creating a Dynamic tag based on multiple IP addresses. (872677)

• Fixed Web Module authentication when using NTLM. (836638)

McAfee Vulnerability Manager 7.5.2• Fixed asset reconciliation to ignore previous (stale) IP address entries. (822383)

• Fixed MyFoundscore display in Enterprise Manager for workgroup administrators. (825911)

• Fixed possible XSS injection. (798723)

• Fixed Vulnerability Set filter for the "Patch Availability" condition. (822405)

• Fixed the error handler for the TCP banner grabbing in the Discovery module. (793398)

4

Page 5: McAfee Vulnerability Manager 7.5 Select Manage | Ticketing, then click the Global Options tab. 2 Select Create tickets for all vulnerabilities with a CVSS higher than or equal to,

• Improved the performance of the WebModule XML result file generator and added logging of MVMbuild number in the "fsa" log file. (809582)

• Fixed the error "violation of primary key constraint" reported by stored procedure"ReconUpdateAssetProperties_Service_Vuln". (819230)

• Fixed OS identification to show 'R2' as it applies to Windows Server 2003. (819299)

• Updated the "Preferences" dialog box in the Foundstone Configuration Manager application toaccept 548 as the maximum of days (approximately 1.5 years or 18 months). (821014)

• Fixed scan controller loop when the scan is finishing and the user who started the scan has beenmoved or deleted. (811157)

• Fixed detection of available network stacks before each scan and log diagnostic message if therequired stack is not available. (831799)

• Fixed scanning of Windows8 and Windows2012 targets. (834256)

• Fixed TNS service protocol detection. (834590)

• Fixed OS filter in the Wireless module. (834954)

• Fixed retrieval of version number from remote files. (836000)

McAfee Vulnerability Manager 7.5.1

• Fixed infinite loop in Discovery module during TCP/UDP fingerprinting.

• Fixed form authentication using a credential that includes the character "ñ".

• Fixed FSAssessment crash in the FASLModule.

• Fixed date format specification for the FSUpdate table SQL query.

• Fixed XCCDF Benchmark reports for STIG templates.

• Fixed date conversion error while updating the job state on a British-English SQL Server.

• Fixed the MVM Data Import task invoked by the MVM ePO extension.

• Fixed the Vuln Set rule editor to hide the preview button until the editor has completed processing.

• Fixed the workgroup-delete operation to display an error when the delete fails.

• Fixed the role editor to allow the viewing of the complete organization tree.

• Fixed the FASL engine script launcher to avoid running too many scripts simultaneously against asingle target.

• Fixed Dashboard Risk Trend Graph not Loading.

• Fixed premature timeout determination made by the API and script monitoring object andimproved its performance when running on networks with significant network latency.

Known issuesFor a list of known issues in this product release, see this McAfee KnowledgeBase article: KB81159.

5

Page 6: McAfee Vulnerability Manager 7.5 Select Manage | Ticketing, then click the Global Options tab. 2 Select Create tickets for all vulnerabilities with a CVSS higher than or equal to,

Find product documentationMcAfee provides the information you need during each phase of product implementation, frominstallation to daily use and troubleshooting. After a product is released, information about the productis entered into the McAfee online KnowledgeBase.

Task1 Go to the McAfee Technical Support ServicePortal at http://mysupport.mcafee.com.

2 Under Self Service, access the type of information you need:

To access... Do this...

User documentation 1 Click Product Documentation.

2 Select a product, then select a version.

3 Select a product document.

KnowledgeBase • Click Search the KnowledgeBase for answers to your product questions.

• Click Browse the KnowledgeBase for articles listed by product and version.

Copyright © 2014 McAfee, Inc. Do not copy without permission.

McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, Inc. or its subsidiaries in the United States andother countries. Other names and brands may be claimed as the property of others.