Invicti Enterprise On-Demand 27 Aug 2024 v24.8.1

This update includes changes to the internal agents. The internal scan agent’s current version is 24.8.1. The internal authentication verifier agent’s current version is 24.8.1.

New Security Checks

• Added detection for Jenkins Secret as a Sensitive Data Exposure

Fixes

• Fixed the issue where the ServiceNow Integration fields were not loading while editing the integration
• Fixed the issue where clicking the clone button in the Jira integration incorrectly redirected to the create new integration page
• Fixed Chromium-related issues in the agent
• Corrected the description of the “api/1.0/scans/test-scan-profile-credentials” endpoint
• Fixed the error when selecting a custom time period in the Dashboard Date Range
• Fixed the issue where temp folders could not be deleted and Chromium instances remained open when Puppeteer encountered an error
• Fixed the display issue on the Scan Summary page
• Fixed the false positive on detection of “Stack Trace Disclosure (Java)”
• Fixed a scan authentication issue and reduced latency
• Fixed the issue that was preventing the download of detailed PCI reports
• Fixed an issue related to the Moment.js regex
• Updated the OpenSSL configuration on the Cloud AMI
• Fixed the disk space issue in the Invicti Common folder
• Fixed the automatic syncing of issues with Jira integrations
• Fixed the issue where scans were failing due to a TLS connection not being established
• Fixed the OIDC authentication issue
• Fixed the issue where the REST API endpoint returned HTTP 400 instead of HTTP 200 when sending custom values
• Fixed the issue preventing proper login to the target URL