New Policies in July 2022 - 1.0 - Cortex XPANSE - Cortex - Security Operations

Cortex Xpanse Release Notes

Product
Cortex XPANSE
Version
1.0
Creation date
2022-08-25
Last date published
2023-01-10
Category
Release Notes

The following Cortex Xpanse issue policies apply to both Cortex Xpanse Expander and Cortex Xpanse Assess. These policies were introduced or updated in July 2022:

  • Oracle Business Intelligence

  • Amcrest Technologies Camera

  • TVT NVMS Video Management

  • Sonatype Nexus Repository Manager

  • RTI Connext DDS

  • Hewlett Packard Application Lifecycle Management (ALM)

  • QNAP Network Attached Storage (NAS)—This policy identifies QNAP NAS structures as well as associated online portals. Model numbers and the model series are identified, version numbers of NASFTPD are also extracted.

  • NETGEAR DGN Series Router

  • NETGEAR WNR Series Router

  • Insecure Hikvision Device—This policy identifies Hikvision devices that are vulnerable to CVE-2021-36260.

  • Insecure Apache Web Server—Update to Insecure Apache Web Server to flag now outdated version (2.4.53) as Apache Web Server recently released 2.4.54.

  • Dell OpenManage Enterprise

  • BQE BillQuick Billing Software

  • Regular and Insecure Policies for Cisco Evolved Programmable Network Manager (EPNM)

  • SAP Internet Communication Framework

  • Pi-Hole

  • PlaySMS

  • Microfocus Access Manager

  • Insecure Jenkins Server

  • Rejetto HTTP File Server (HFS)—Policy for insecure and regular versions.

  • PhpMyAdmin

  • Zoho ManageEngine ADAudit Plus—Policy for insecure and regular versions.

  • Redhat JBoss Enterprise Application Platform

  • Cisco Webex Meetings Server—Updated to remove overlap with the SolarWinds policy.