The following Cortex Xpanse issue policies apply to both Cortex Xpanse Expander and Cortex Xpanse Assess. These policies were introduced or updated in March 2022:
Adobe Commerce—This policy identifies indicators for both Magento Open Source and Adobe Commerce. Version numbers are not identified.
ForgeRock Access Management (AM) Server
IBM Planning Analytics
Insecure Cisco Small Business RV Series Router—This policy was updated to detect CVE-2019-1653.
Insecure SolarWinds Orion Platform policy has been updated to mark versions 2020.2.6 or earlier as vulnerable
Microsoft OWA policy has been updated to identify numbers
NetGear ProSafe—NetGear ProSafe under Software identified in BOD 22-01
OpenVMS Operating System
SAP NetWeaver Application Server—This policy was updated to enable version numbers to be extracted under certain circumstances.
Services Hosted in Adversary Country policy updated to include On Prem assets only
Sophos SG Series Firewall—This policy identifies a Sophos SG Series firewall, model and serial number are identified where available.
Sophos XG Series Firewall—This policy identifies a Sophos XG Series firewall, model number is identified where available.
Sophos XGS Series Firewall—This policy identifies a Sophos XGS Series firewall, model and serial number are identified where available.
Zabbix IT Monitoring Software
Zoho ManageEngine ADManager
Zoho ManageEngine Desktop Central
Zoho ManageEngine Desktop Central MSP—This policy identifies the presence of Desktop Central MSP on a host; the web UI may also be surfaced.