Get a demo
AppSec with Zero Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

Invicti Enterprise On-Demand 10 Sep 2024 v24.9.0

This update includes changes to the internal agents. The internal scan agent’s current version is 24.9.0. The internal authentication verifier agent’s current version is 24.9.0.

New Security Checks

  • Adjusted the severity of SSLv3 and TLS 1.0 vulnerabilities to reflect their security risks
  • Added support for CSP frame-ancestors
  • Added detection for CVE-2024-6297, affecting several WordPress plugins

Improvements

  • Pre-request script now works in DOM as well
  • The Azure Extension now retries connections, preventing pipeline failures

Fixes

  • Remediated a high vulnerability issue on the Agent Dotnet dependency package
  • Fixed an issue that was preventing the selection of configuration items during ServiceNow integration setup
  • Fixed an issue with updating targets using the target group ID
  • Fixed an issue where the Auth Verifier heartbeat was showing an hour behind due to daylight-saving time adjustments
  • Fixed an error that was occurring when editing Report Policies
  • Fixed an issue with a REST API endpoint returning alternating severity data for TLS 1.0 vulnerabilities
  • Resolved an issue with a pre-request script that was affecting crawling functionality