A new Acunetix Premium update has been released for Windows and Linux: 15.0.221007170.
This Acunetix release introduces support for Red Hat Enterprise Linux (RHEL) 9, which was released earlier this year. The PHP IAST AcuSensor can now be used with web applications that take advantage of the PHP Slim Framework, and has been updated to report MongoDB injection and SSTI vulnerabilities. The CWE Top 25 Most Dangerous Software Weaknesses has been updated to report on the top software weaknesses identified for 2022. This Acunetix update also includes a number of new vulnerability checks, updates, improvements, and product fixes.
Note: There will be no new updates of the MacOS on-premises installations. MacOS users can switch to Acunetix Premium Online, or use Acunetix On-Premises in a virtual environment or on Docker.
New features
New vulnerability checks
- Added a check for permissions-policy header
- Added a check for unrestricted access to Karma monitoring interface
- Added a check for Go web application binary disclosure
Updates
- SCA: Improved the detection of components used by Java web applications
- Updated to Chromium v106.0.5249.61
- Updated the PHP IAST AcuSensor to better support web applications that use the Slim Framework
- Improved support for HTTP calls from Axios
- Updated the list of CWE Top 25 Most Dangerous Software Weaknesses to include 2022 weaknesses
- Scan results and scan reports will include the Acunetix version used to conduct the scan
- Updated the PHP sensor to report MongoDB injections
- Updated the PHP sensor to report server-side template injections (SSTI)
- Improved the detection of default GraphQL introspection URLs
- Implemented a heartbeat for connections between the scanner and the AcuSensor bridge
- A number of DeepScan updates
- Improved the auditing of JavaScript libraries
Fixes
- Fixed an issue which could cause blind SSRF in the issue tracker and proxy configuration
- Fixed 3 authorization issues
- Fixed a memory exhaustion bug in the heuristic hyperlinks verifier
- Fixed: Malware was being reported when invalid/unknown malware was reported by Windows Defender
- Fixed some crashes in the scanner
- Updated the network scans to not abort if the initial ICMP ping fails
- Fixed an error when sending vulnerabilities to the Jira issue tracker
- Fixed a UI error when filtering vulnerabilities by time
Upgrade to the latest build
If you are already using Acunetix build 14.x, you can initiate the automatic upgrade from the new build notification in the Acunetix UI > About page.
If you are using Acunetix build 13.x or earlier, you need to download Acunetix from here. Use your Acunetix license key to download and activate your product.