Virsec Security Platform (VSP) leverages the patented Trusted Execution™ technology to protect high-value enterprise applications deployed in data center or on public and hybrid clouds, from highly sophisticated attacks including memory corruption, code injection, credential theft, supply chain and other sophisticated attacks. VSP effectively creates and enforces guardrails around the application as it executes. These guardrails ensure that applications only perform as intended and restrain bad actors from corrupting memory as a precursor to hijacking control of the application and subsequent stealing or destroying high-value enterprise data.
DATE OF RELEASEDATE OF RELEASE
9/30/2022
FIXESFIXES
|
Defect ID |
Description |
|
HMM-3543 |
Publisher/Package settings are not sent to CMS consistently in pristine mode |
|
HMM-4055 |
Maintenance Mode is stuck in Stopping state even when the protection mode is applied in the Probe |
|
HMM-4574 |
FSM reports Virsec files as Incidents |
|
SUPP-242 |
VSP services are reported as PM incidences |
|
SUPP-262 |
CMS UI Attack count is not refreshed when incidents are acknowledged |
|
SUPP-366 |
Archived nodes cannot be deleted on CMS |
|
SUPP-386 |
Dormant DNet app does not move to normal from provisioned state, after the application is accessed |
|
SUPP-391 |
False positive incidents are reported due to delay in registering for RL check |
|
SUPP-426 |
Scan Errors observed on some servers when Maintenance mode is stopped |
|
SUPP-436 |
PHP Segmentation fault occurs on RHEL |
|
SUPP-439 |
Out of memory error encountered on AE |
|
SUPP-442 |
Incidents are not auto acknowledged after the library is allowlisted |
|
SUPP-443 |
Probe Uninstallation is not successful during upgrades |
|
SUPP-448 |
When HMM is in protect mode, servers are in hung state and it is not possible to log in to the servers |
|
SUPP-451 |
Archiving incidents from CMS UI do not clear the application status back to Normal |
|
SUPP-456 |
Multiple occurrences of malicious XSS payload in input to vRule Engine result in attack detection failures |
|
SUPP-460 |
Virsec web protection does not work for a few Reflected XSS and one SQLI payload on DVWA app for IAE-PHP |
|
SUPP-470 |
High Memory consumption by VSP services on Windows server |
|
WEB-3815 |
MS Exchange Server does not report incidents for attacks against the OWA app |
|
WEB-4438 |
2 MB Response restriction does not work as expected in other languages except English |
Table – VSP 2.4.6 Fixes
KNOWN ISSUESKNOWN ISSUES
|
Category |
Description |
Known Issue/ Caveat |
|
Host Monitoring |
||
|
Windows library issue |
In Windows, VSP host monitoring does not suspend already running processes that have non-whitelisted libraries loaded into it |
Known Issue |
|
Linux HMM agent limitation |
In Linux, VSP host monitoring injects its own HMM agent into every running process. The HMM agent expects a specific version of glibc. If the application loads its own custom glibc version that is not compatible with the HMM agent, the HMM agent may not load correctly causing some application issues |
Limitation |
|
Windows application execution inconsistency |
In Windows, an application can be started with or without its .exe extension. Since VSP host monitoring analyzes the commandline as is, running python.exe vs python may result in different detections |
Limitation |
Table – Known Issues