Invicti Enterprise On-Demand 13 Dec 2023 v23.12.0

This update includes changes to the internal agents. The internal scan agent’s current version is 23.12.0. The internal authentication verifier agent’s current version is 23.12.0.

New features

  • Added CVSS 4.0 categorization of vulnerabilities
  • Added support for PCI DSS 4.0

Improvements

  • Added descriptions to the agent warning messages on the Scan Summary page
  • Updated messaging around the functionality of the Team Administrator role
  • Improved the request body rating algorithm
  • Improved the Postman collection parsing algorithm
  • Resolved an issue with adding a client certificate to set up a scan
  • Improved the vulnerability calculator for Boolean MongoDB

Fixes

  • Fixed an issue with the agent auto-updater
  • Added a missing control for SSO users while editing members
  • Fixed a bug in the communication between Invicti and ServiceNow
  • Fixed a bug that was preventing administrators from creating new notifications or editing built-in notifications
  • Fixed an issue that was causing verifiers to not use scan policy proxy settings
  • Fixed an auth verifier client certificate authentication path error
  • Fixed the Invicti crawler that wasn’t getting JS endpoints correctly