Loading...
Security Resources

Software Updates

TrustKeeper Scan Engine Update for April 08, 2021

The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerability scanning) is now available. Enjoy!


New Vulnerability Test Highlights

Some of the more interesting vulnerability tests we added recently are as follows:

Atlassian Jira

  • Atlassian Jira API Endpoint Information Disclosure Vulnerability (CVE-2021-26069)
  • Atlassian Jira makeRequest Broken Authentication Vulnerability (CVE-2021-26070)

Cisco

  • Cisco IOS Software Common Industrial Protocol Privilege Escalation Vulnerability (cisco-sa-XE-SAP-OPLbze68_cvrf and CSCvu58224) (CVE-2021-1392)
  • Cisco IOS ARP Resource Management Exhaustion Denial of Service Vulnerability (cisco-sa-arp-mtfhBfjE_cvrf and CSCvv75175) (CVE-2021-1377)
  • Cisco IOS Privilege Escalation Vulnerability (cisco-sa-XE-FSM-Yj8qJbJc_cvrf and CSCvu58308) (CVE-2021-1391)

ClamAV

  • ClamAV Engine Parsing Malformed PNG Denial Of Service (CVE-2021-27506)

 

FreeBSD

Moodle

OpenSSL

  • OpenSSL signature_algorithms NULL Pointer Dereference Vulnerability (CVE-2021-3449)
  • OpenSSL X509_V_FLAG_X509_STRICT Improper Certificate Validation Vulnerability (CVE-2021-3450)

Red Hat (Credentialed Checks)

Ubuntu (Credentialed Checks)

How to Update?

All Trustwave customers using the TrustKeeper Scan Engine receive the updates automatically as soon as an update is available. No action is required.