New and updated Cortex Xpanse issue policies in July 2022
The following Cortex Xpanse issue policies apply to both Cortex Xpanse Expander and Cortex Xpanse Assess. These policies were introduced or updated in July 2022:
Oracle Business Intelligence
Amcrest Technologies Camera
TVT NVMS Video Management
Sonatype Nexus Repository Manager
RTI Connext DDS
Hewlett Packard Application Lifecycle Management (ALM)
QNAP Network Attached Storage (NAS)—This policy identifies QNAP NAS structures as well as associated online portals. Model numbers and the model series are identified, version numbers of NASFTPD are also extracted.
NETGEAR DGN Series Router
NETGEAR WNR Series Router
Insecure Hikvision Device—This policy identifies Hikvision devices that are vulnerable to CVE-2021-36260.
Insecure Apache Web Server—Update to Insecure Apache Web Server to flag now outdated version (2.4.53) as Apache Web Server recently released 2.4.54.
Dell OpenManage Enterprise
BQE BillQuick Billing Software
Regular and Insecure Policies for Cisco Evolved Programmable Network Manager (EPNM)
SAP Internet Communication Framework
Pi-Hole
PlaySMS
Microfocus Access Manager
Insecure Jenkins Server
Rejetto HTTP File Server (HFS)—Policy for insecure and regular versions.
PhpMyAdmin
Zoho ManageEngine ADAudit Plus—Policy for insecure and regular versions.
Redhat JBoss Enterprise Application Platform
Cisco Webex Meetings Server—Updated to remove overlap with the SolarWinds policy.