The VSA 9.5.0.20 release includes features and bug fixes. See the topics below for details.
IMPORTANT! This release requires agent version 9.5.0.11. Be sure to update your Windows, Mac, and Linux agents after installing this release.
Feature
Security Enhancement
A security vulnerability notification is sent if a someone attempts to create a user with a known malicious naming convention. This release enhances the notification to include specific information about who attempted to create the user and the IP address of the machine that they used.
Bug Fixes
Agent Procedures Module
Fixed an issue that resulted in the agent being Out of Compliance if the agent and VSA were in different time zones and the agent policy included the Exclude the following time range option.
Audit Module & REST API
Fixed an issue where PUT calls to assetmgmt/assets/{agentId}/customfields/{fieldName} were not updating the correct custom fields.
AuthAnvil Integration
Two Factor Authentication (2FA) is now always enforced when 2FA is turned on in VSA, even if the AuthAnvil authentication policy has disabled 2FA.
Classic Monitoring Module
Fixed an issue with Monitor > Dashboard > Dashboard List that could cause a dashlet to display information belonging to a different dashlet under certain conditions.
Fixed an issue where the Monitor Sets service list was empty if the set had more than 600 services. Now, the list contains a maximum of 500 services, and a search filter has been added. Enter text in the filter to display only services containing the string you entered.
Fixed an error that prevented copying Monitor Set folders from one cabinet to another.
Database & Schema
Fixed a performance issue by adding a highly needed index.
Installers
Fixed an issue that caused VSA offline installation to fail.
Live Connect & Remote Control
When starting a Live Connect session, an upgrade dialog now displays if a new version of Live Connect is available.
Fixed an issue where events were sometimes listed with the wrong icon in the Live Connect event viewer.
Patch Management Module
Fixed an issue where approved patches were not being installed by automatic updates.
Security Vulnerability & System Module
Fixed a security vulnerability on the Login page.
SOAP API
To harden security, DTD processing has been disabled for this endpoint: KaseyaWS - External XML Entity Reference.
Software Management Module
Added an index to enhance Software Management performance.
System Module & VSA Core
Fixed an issue with Mac OS agents reporting invalid current date times with the year 1904. These invalid dates prevented alerts from being generated.
