Invicti Enterprise On-Premises 28 Feb 2023 v23.2.0

Improvements

  • Improved the Technologies page to show detailed version information for identified technologies.
  • Improved the target website deletion process to prevent errors caused by instantaneous action.
  • Improved the scan compression algorithm.
  • Added a new API endpoint (api/1.0/issues/summary) for better issue reporting.
  • Added /api/1.0/scans/validate-imported-links-file to retrieve errors in the imported links.
  • Added the last revived date parameter to the All Issues API endpoint.
  • Improved the API endpoint to create team members and update their information.
  • Improved the maximum scan duration to stop only those scans with the Scanning status.
  • Added a token matching rule when it is required to get the token from a website other than the target URL.
  • Added secure attribution for cookies.
  • Added interval for Update Agents’ list on the installation wizard.
  • Added the GUID control before getting the integration id to prevent any issue in the flow.
  • Updated the scan control center to drop the difference between the unsuccessful resuming and pausing status.
  • Improved the detection of whether the Jira instance is on the cloud or on-premises.
  • Improved the ServiceNow Incident Management integration.
  • Added active scan check when deleting an authentication profile.
  • Improved the Invicti web application performance.
  • Improved the website deletion process to block access to the associated file of the deleted website.
  • Improved the Jira integration to add the Affected Versions as an option.
  • Updated the TeamCity plugin that requires the Server URL and Domain URL to be the same.
  • Improved the vulnerability report in which any credit card information is masked.
  • Added the Authentication Verifier Service’s IP address to the setting to prevent it from being affected by the IP Restrictions.
  • Improved the agent’s configuration file to specify a folder where the agent’s scan data is to be saved.
  • Fixed case sensitivity when checking HTTP headers for JSON Web Tokens.
  • Fixed missing CSP 3 Directive.
  • Changed the Second Level Domain option on the Discovery Service to disabled by default.
  • Improved the scanning of Burp files without XML extensions.

Fixes

  • Fixed the scanner agent issue where the Linux agents failed because of TLS as a result of breaking changes in .NET 5.
  • Fixed the configuration issue in a Docker scanner agent.
  • Fixed the Hawk validation issue.
  • Fixed the issue in the IAST installer that threw an error message despite successful installation.
  • Fixed the basic authentication issue that threw an error although the credentials were correct in the scan profile.
  • Fixed the business logic recorder issue that prevented the recorder from playing recorded steps during a scan.
  • Fixed the inconsistent number of vulnerability counts by severity information on the scan report page.
  • Fixed the vulnerability serialization issue that caused the out-of-memory error.
  • Fixed the scan scope issue where the scan scope did not load correctly on the first try.
  • Fixed the scan profile issue that failed to register the database selected on the scan optimization page.
  • Fixed the corrupted scan data ZIP file downloaded via an API endpoint.
  • Fixed the silent installation issue in which the installation path cannot be located.
  • Fixed the business logic recorder issue where the session is dropped because of a cookie.
  • Fixed the sitemap issue that fails to show the site map after the scan.
  • Fixed the null reference exception thrown in the new installation.
  • Fixed the issue that fails to render the API document’s index page.
  • Fixed the bug that threw an error when exporting a report.
  • Fixed a bug that prevented the scanner from attacking login and logout pages.
  • Fixed the synchronization issue for the Discovery Service.
  • Fixed a header encoding issue that caused false-positive CSP reporting.
  • Fixed an issue that caused unhandled exceptions when there is no service endpoint definition in the WSDL file.
  • Fixed null reference error during the SCIM User creation.
  • Fixed the user interface issue to reflect the agent information on the Installed Framework accurately.
  • Fixed the issue where the Hawk URL changed after the scan policy update via an API endpoint.
  • Fixed the bug that throws a null reference exception at the authentication.
  • Fixed the inconsistent risk level on the generated reports.
  • Fixed the IPv6 registered website resolution issue thrown before scanning.
  • Improved the maximum scan duration detection.
  • Fixed the issue where scheduled scans were not exported from Invicti Standard to Invicti Enterprise.
  • Fixed the bug in which OAuth2 settings were not transferred properly from the web application to the agent.
  • Increased the time out for the cloud PDF converter to prevent timeout-related errors.

Removed

  • Removed the PCI DSS scan option on the New Scan page.